83 lines
2.5 KiB
Dart
83 lines
2.5 KiB
Dart
import 'package:collection/collection.dart';
|
|
import 'package:flutter/foundation.dart';
|
|
|
|
import 'package:pshared/models/permissions/action.dart' as perm;
|
|
import 'package:pshared/models/permissions/data/permission.dart';
|
|
import 'package:pshared/models/permissions/descriptions/policy.dart';
|
|
import 'package:pshared/models/permissions/effect.dart';
|
|
import 'package:pshared/models/resources.dart';
|
|
|
|
import 'package:pweb/services/permissions.dart';
|
|
import 'package:pweb/services/mock_ids.dart';
|
|
|
|
class PermissionsProvider extends ChangeNotifier {
|
|
final PermissionsService _service;
|
|
|
|
PermissionsProvider({required PermissionsService service}) : _service = service;
|
|
|
|
bool _isLoading = false;
|
|
Object? _error;
|
|
String? _accountRef;
|
|
bool _hasLoaded = false;
|
|
String? _roleRef;
|
|
List<Permission> _permissions = [];
|
|
List<PolicyDescription> _policyDescriptions = [];
|
|
|
|
bool get isLoading => _isLoading;
|
|
Object? get error => _error;
|
|
bool get isReady => _hasLoaded && !_isLoading && _error == null;
|
|
List<Permission> get permissions => List.unmodifiable(_permissions);
|
|
bool get hasLoaded => _hasLoaded;
|
|
|
|
bool get isCompany => _roleRef == companyRoleId;
|
|
bool get isRecipient => _roleRef == recipientRoleId;
|
|
|
|
Future<void> loadForAccount(String accountRef) async {
|
|
_accountRef = accountRef;
|
|
_isLoading = true;
|
|
_error = null;
|
|
notifyListeners();
|
|
|
|
try {
|
|
final access = await _service.loadForAccount(accountRef);
|
|
_permissions = access.permissions.permissions;
|
|
_policyDescriptions = access.descriptions.policies;
|
|
_roleRef = access.permissions.roles.firstOrNull?.descriptionRef;
|
|
} catch (e) {
|
|
_permissions = [];
|
|
_policyDescriptions = [];
|
|
_error = e;
|
|
_roleRef = null;
|
|
} finally {
|
|
_hasLoaded = true;
|
|
_isLoading = false;
|
|
notifyListeners();
|
|
}
|
|
}
|
|
|
|
void clear() {
|
|
_accountRef = null;
|
|
_permissions = [];
|
|
_policyDescriptions = [];
|
|
_error = null;
|
|
_hasLoaded = false;
|
|
_roleRef = null;
|
|
notifyListeners();
|
|
}
|
|
|
|
bool canAccessResource(ResourceType resource, {perm.Action? action}) {
|
|
final policy = _policyDescriptions.firstWhereOrNull(
|
|
(policy) => (policy.resourceTypes?.contains(resource) ?? false),
|
|
);
|
|
if (policy == null) return false;
|
|
|
|
return _permissions.any(
|
|
(permission) =>
|
|
permission.accountRef == _accountRef &&
|
|
permission.policy.descriptionRef == policy.storable.id &&
|
|
permission.policy.effect.effect == Effect.allow &&
|
|
(action == null || permission.policy.effect.action == action),
|
|
);
|
|
}
|
|
}
|