@esri/hub-discussions - npm Package Compare versions

Comparing version 24.1.0 to 24.2.0

dist/esm/utils/channels/can-create-channel.js

@@ -1,6 +0,6 @@
-import { SharingAccess, } from "../../types";
+import { SharingAccess } from "../../types";
 import { ChannelPermission } from "../channel-permission";
 import { CANNOT_DISCUSS } from "../constants";
 import { isOrgAdmin } from "../platform";
-export function canCreateChannel(channel, user) {
+export function canCreateChannel(channel, user = {}) {
     const { channelAcl, access, groups, orgs } = channel;
@@ -19,6 +19,6 @@ if (channelAcl) {
 function isAuthorizedToCreateByLegacyPermissions(user, channelParams) {
-    const { username, groups: userGroups } = user;
-    const { access, groups: channelGroupIds, orgs: channelOrgs } = channelParams;
+    const { username, groups: userGroups = [] } = user;
+    const { access, groups: channelGroupIds = [], orgs: channelOrgs, } = channelParams;
     // ensure authenticated
-    if (username === null) {
+    if (!username) {
         return false;
@@ -30,3 +30,4 @@ }
     // public or org access
-    return isOrgAdminAndInChannelOrgs(user, channelOrgs);
+    return (canAllowGroupsLegacy(userGroups, channelGroupIds) &&
+        isChannelOrgAdmin(user, channelOrgs));
 }
@@ -49,5 +50,5 @@ function canAllowGroupsLegacy(userGroups, channelGroupIds) {
 }
-function isOrgAdminAndInChannelOrgs(user, channelOrgs) {
+function isChannelOrgAdmin(user, channelOrgs) {
     return isOrgAdmin(user) && channelOrgs.includes(user.orgId);
 }
 //# sourceMappingURL=can-create-channel.js.map

dist/esm/utils/channels/can-post-to-channel.js

@@ -12,3 +12,3 @@ import { Role, SharingAccess } from "../../types";
 ]);
-export function canPostToChannel(channel, user) {
+export function canPostToChannel(channel, user = {}) {
     const { channelAcl, access, groups, orgs, allowAnonymous } = channel;
@@ -34,3 +34,3 @@ if (channelAcl) {
     }
-    if (username === null) {
+    if (!username) {
         return false;
@@ -37,0 +37,0 @@ }

dist/esm/utils/channels/index.js

@@ -6,4 +6,4 @@ import { isOrgAdmin, reduceByGroupMembership } from "../platform";
     return (user, channel) => {
-        const { groups: sharedGroups } = channel;
-        const { groups: userGroups } = user;
+        const { groups: sharedGroups = [] } = channel;
+        const { groups: userGroups = [] } = user;
         const eligibleUserGroups = userGroups.reduce(reduceByGroupMembership(membershipTypes), []);
@@ -29,3 +29,3 @@ const method = "some";
  */
-export function canReadFromChannel(channel, user) {
+export function canReadFromChannel(channel, user = {}) {
     if (channel.access === "private") {
@@ -35,5 +35,7 @@ // ensure user is member of at least one group
     }
-    else if (channel.access === "org") {
-        return isChannelOrgMember(channel, user);
+    if (channel.access === "org") {
+        return (intersectGroups(["member", "owner", "admin"])(user, channel) ||
+            isChannelOrgMember(channel, user));
     }
+    // public channel
     return true;
@@ -49,3 +51,6 @@ }
  */
-export function canModifyChannel(channel, user) {
+export function canModifyChannel(channel, user = {}) {
+    if (!user.username) {
+        return false;
+    }
     if (channel.creator === user.username) {
@@ -58,4 +63,5 @@ return true;
     }
-    // if org or public channel, must be org admin
-    return isChannelOrgAdmin(channel, user);
+    // org or public channel
+    return (intersectGroups(["owner", "admin"])(user, channel) ||
+        isChannelOrgAdmin(channel, user));
 }
@@ -62,0 +68,0 @@ /**

dist/esm/utils/posts/can-modify-post-status.js

@@ -5,3 +5,3 @@ import { SharingAccess } from "../../types";
 const ADMIN_GROUP_ROLES = Object.freeze(["owner", "admin"]);
-export function canModifyPostStatus(channel, user) {
+export function canModifyPostStatus(channel, user = {}) {
     const { channelAcl } = channel;
@@ -15,4 +15,4 @@ if (channelAcl) {
 function isAuthorizedToModifyStatusByLegacyPermissions(user, channel) {
-    const { username, groups: userGroups, orgId: userOrgId } = user;
-    const { access, groups: channelGroups, orgs: channelOrgs, creator: channelCreator, } = channel;
+    const { username, groups: userGroups = [], orgId: userOrgId } = user;
+    const { access, groups: channelGroups = [], orgs: channelOrgs = [], creator: channelCreator, } = channel;
     if (!username) {
@@ -28,3 +28,4 @@ return false;
     // public or org access
-    return channelOrgs.includes(userOrgId) && isOrgAdmin(user);
+    return (isAuthorizedToModifyStatusByLegacyGroup(channelGroups, userGroups) ||
+        isChannelOrgAdmin(channelOrgs, user));
 }
@@ -34,3 +35,3 @@ /**
  */
-function isAuthorizedToModifyStatusByLegacyGroup(channelGroups, userGroups = []) {
+function isAuthorizedToModifyStatusByLegacyGroup(channelGroups, userGroups) {
     return channelGroups.some((channelGroupId) => {
@@ -44,2 +45,5 @@ return userGroups.some((group) => {
 }
+function isChannelOrgAdmin(channelOrgs, user) {
+    return isOrgAdmin(user) && channelOrgs.includes(user.orgId);
+}
 //# sourceMappingURL=can-modify-post-status.js.map

dist/esm/utils/posts/can-modify-post.js

@@ -6,3 +6,3 @@ import { SharingAccess } from "../../types";
  */
-export function canModifyPost(post, user, channel) {
+export function canModifyPost(post, user = {}, channel) {
     const { access, groups, orgs, allowAnonymous } = channel;
@@ -18,7 +18,7 @@ return (isPostCreator(post, user) &&
 function isPostCreator(post, user) {
-    return post.creator === user.username;
+    return !!user.username && post.creator === user.username;
 }
 function isAuthorizedToModifyByLegacyPermissions(user, channelParams) {
-    const { groups: userGroups, orgId: userOrgId } = user;
-    const { access, groups: channelGroups, orgs } = channelParams;
+    const { groups: userGroups = [], orgId: userOrgId } = user;
+    const { access, groups: channelGroups = [], orgs = [] } = channelParams;
     if (access === SharingAccess.PUBLIC) {
@@ -28,4 +28,6 @@ return true;
     if (access === SharingAccess.ORG) {
-        return orgs.includes(userOrgId);
+        return (isAuthorizedToModifyPostByLegacyGroup(channelGroups, userGroups) ||
+            orgs.includes(userOrgId));
     }
+    // private
     return isAuthorizedToModifyPostByLegacyGroup(channelGroups, userGroups);
@@ -37,3 +39,3 @@ }
  */
-function isAuthorizedToModifyPostByLegacyGroup(channelGroups = [], userGroups = []) {
+function isAuthorizedToModifyPostByLegacyGroup(channelGroups, userGroups) {
     return channelGroups.some((channelGroupId) => {
@@ -40,0 +42,0 @@ return userGroups.some((group) => {

dist/esm/utils/posts/index.js

@@ -60,7 +60,7 @@ import { parseDatasetId } from "@esri/hub-common";
  */
-export function canDeletePost(post, channel, user) {
+export function canDeletePost(post, channel, user = {}) {
     return isPostCreator(post, user) || canModifyChannel(channel, user);
 }
 function isPostCreator(post, user) {
-    return post.creator === user.username;
+    return !!user.username && post.creator === user.username;
 }
@@ -67,0 +67,0 @@ const MENTION_ATTRIBUTE_AND_VALUE_PATTERN = new RegExp(`${MENTION_ATTRIBUTE}=('|")[\\w@\\.-]+('|")`, "g");

dist/node/utils/channels/can-create-channel.js

@@ -8,3 +8,3 @@ "use strict";
 const platform_1 = require("../platform");
-function canCreateChannel(channel, user) {
+function canCreateChannel(channel, user = {}) {
     const { channelAcl, access, groups, orgs } = channel;
@@ -24,6 +24,6 @@ if (channelAcl) {
 function isAuthorizedToCreateByLegacyPermissions(user, channelParams) {
-    const { username, groups: userGroups } = user;
-    const { access, groups: channelGroupIds, orgs: channelOrgs } = channelParams;
+    const { username, groups: userGroups = [] } = user;
+    const { access, groups: channelGroupIds = [], orgs: channelOrgs, } = channelParams;
     // ensure authenticated
-    if (username === null) {
+    if (!username) {
         return false;
@@ -35,3 +35,4 @@ }
     // public or org access
-    return isOrgAdminAndInChannelOrgs(user, channelOrgs);
+    return (canAllowGroupsLegacy(userGroups, channelGroupIds) &&
+        isChannelOrgAdmin(user, channelOrgs));
 }
@@ -54,5 +55,5 @@ function canAllowGroupsLegacy(userGroups, channelGroupIds) {
 }
-function isOrgAdminAndInChannelOrgs(user, channelOrgs) {
+function isChannelOrgAdmin(user, channelOrgs) {
     return platform_1.isOrgAdmin(user) && channelOrgs.includes(user.orgId);
 }
 //# sourceMappingURL=can-create-channel.js.map

dist/node/utils/channels/can-post-to-channel.js

@@ -15,3 +15,3 @@ "use strict";
 ]);
-function canPostToChannel(channel, user) {
+function canPostToChannel(channel, user = {}) {
     const { channelAcl, access, groups, orgs, allowAnonymous } = channel;
@@ -38,3 +38,3 @@ if (channelAcl) {
     }
-    if (username === null) {
+    if (!username) {
         return false;
@@ -41,0 +41,0 @@ }

dist/node/utils/channels/index.js

@@ -11,4 +11,4 @@ "use strict";
     return (user, channel) => {
-        const { groups: sharedGroups } = channel;
-        const { groups: userGroups } = user;
+        const { groups: sharedGroups = [] } = channel;
+        const { groups: userGroups = [] } = user;
         const eligibleUserGroups = userGroups.reduce(platform_1.reduceByGroupMembership(membershipTypes), []);
@@ -34,3 +34,3 @@ const method = "some";
  */
-function canReadFromChannel(channel, user) {
+function canReadFromChannel(channel, user = {}) {
     if (channel.access === "private") {
@@ -40,5 +40,7 @@ // ensure user is member of at least one group
     }
-    else if (channel.access === "org") {
-        return isChannelOrgMember(channel, user);
+    if (channel.access === "org") {
+        return (intersectGroups(["member", "owner", "admin"])(user, channel) ||
+            isChannelOrgMember(channel, user));
     }
+    // public channel
     return true;
@@ -55,3 +57,6 @@ }
  */
-function canModifyChannel(channel, user) {
+function canModifyChannel(channel, user = {}) {
+    if (!user.username) {
+        return false;
+    }
     if (channel.creator === user.username) {
@@ -64,4 +69,5 @@ return true;
     }
-    // if org or public channel, must be org admin
-    return isChannelOrgAdmin(channel, user);
+    // org or public channel
+    return (intersectGroups(["owner", "admin"])(user, channel) ||
+        isChannelOrgAdmin(channel, user));
 }
@@ -68,0 +74,0 @@ exports.canModifyChannel = canModifyChannel;

dist/node/utils/posts/can-modify-post-status.js

@@ -8,3 +8,3 @@ "use strict";
 const ADMIN_GROUP_ROLES = Object.freeze(["owner", "admin"]);
-function canModifyPostStatus(channel, user) {
+function canModifyPostStatus(channel, user = {}) {
     const { channelAcl } = channel;
@@ -19,4 +19,4 @@ if (channelAcl) {
 function isAuthorizedToModifyStatusByLegacyPermissions(user, channel) {
-    const { username, groups: userGroups, orgId: userOrgId } = user;
-    const { access, groups: channelGroups, orgs: channelOrgs, creator: channelCreator, } = channel;
+    const { username, groups: userGroups = [], orgId: userOrgId } = user;
+    const { access, groups: channelGroups = [], orgs: channelOrgs = [], creator: channelCreator, } = channel;
     if (!username) {
@@ -32,3 +32,4 @@ return false;
     // public or org access
-    return channelOrgs.includes(userOrgId) && platform_1.isOrgAdmin(user);
+    return (isAuthorizedToModifyStatusByLegacyGroup(channelGroups, userGroups) ||
+        isChannelOrgAdmin(channelOrgs, user));
 }
@@ -38,3 +39,3 @@ /**
  */
-function isAuthorizedToModifyStatusByLegacyGroup(channelGroups, userGroups = []) {
+function isAuthorizedToModifyStatusByLegacyGroup(channelGroups, userGroups) {
     return channelGroups.some((channelGroupId) => {
@@ -48,2 +49,5 @@ return userGroups.some((group) => {
 }
+function isChannelOrgAdmin(channelOrgs, user) {
+    return platform_1.isOrgAdmin(user) && channelOrgs.includes(user.orgId);
+}
 //# sourceMappingURL=can-modify-post-status.js.map

dist/node/utils/posts/can-modify-post.js

@@ -9,3 +9,3 @@ "use strict";
  */
-function canModifyPost(post, user, channel) {
+function canModifyPost(post, user = {}, channel) {
     const { access, groups, orgs, allowAnonymous } = channel;
@@ -22,7 +22,7 @@ return (isPostCreator(post, user) &&
 function isPostCreator(post, user) {
-    return post.creator === user.username;
+    return !!user.username && post.creator === user.username;
 }
 function isAuthorizedToModifyByLegacyPermissions(user, channelParams) {
-    const { groups: userGroups, orgId: userOrgId } = user;
-    const { access, groups: channelGroups, orgs } = channelParams;
+    const { groups: userGroups = [], orgId: userOrgId } = user;
+    const { access, groups: channelGroups = [], orgs = [] } = channelParams;
     if (access === types_1.SharingAccess.PUBLIC) {
@@ -32,4 +32,6 @@ return true;
     if (access === types_1.SharingAccess.ORG) {
-        return orgs.includes(userOrgId);
+        return (isAuthorizedToModifyPostByLegacyGroup(channelGroups, userGroups) ||
+            orgs.includes(userOrgId));
     }
+    // private
     return isAuthorizedToModifyPostByLegacyGroup(channelGroups, userGroups);
@@ -41,3 +43,3 @@ }
  */
-function isAuthorizedToModifyPostByLegacyGroup(channelGroups = [], userGroups = []) {
+function isAuthorizedToModifyPostByLegacyGroup(channelGroups, userGroups) {
     return channelGroups.some((channelGroupId) => {
@@ -44,0 +46,0 @@ return userGroups.some((group) => {

dist/node/utils/posts/index.js

@@ -67,3 +67,3 @@ "use strict";
  */
-function canDeletePost(post, channel, user) {
+function canDeletePost(post, channel, user = {}) {
     return isPostCreator(post, user) || channels_1.canModifyChannel(channel, user);
@@ -73,3 +73,3 @@ }
 function isPostCreator(post, user) {
-    return post.creator === user.username;
+    return !!user.username && post.creator === user.username;
 }
@@ -76,0 +76,0 @@ const MENTION_ATTRIBUTE_AND_VALUE_PATTERN = new RegExp(`${constants_1.MENTION_ATTRIBUTE}=('|")[\\w@\\.-]+('|")`, "g");

dist/types/utils/channels/can-create-channel.d.ts

@@ -0,2 +1,3 @@
+import { IUser } from "@esri/arcgis-rest-types";
 import { IChannel, IDiscussionsUser } from "../../types";
-export declare function canCreateChannel(channel: IChannel, user: IDiscussionsUser): boolean;
+export declare function canCreateChannel(channel: IChannel, user?: IUser | IDiscussionsUser): boolean;

dist/types/utils/channels/can-post-to-channel.d.ts

@@ -0,2 +1,3 @@
+import { IUser } from "@esri/arcgis-rest-types";
 import { IChannel, IDiscussionsUser } from "../../types";
-export declare function canPostToChannel(channel: IChannel, user: IDiscussionsUser): boolean;
+export declare function canPostToChannel(channel: IChannel, user?: IUser | IDiscussionsUser): boolean;

dist/types/utils/channels/index.d.ts

 import { IUser } from "@esri/arcgis-rest-auth";
-import { IChannel, IPlatformSharing } from "../../types";
+import { IChannel, IDiscussionsUser, IPlatformSharing } from "../../types";
 export { canPostToChannel } from "./can-post-to-channel";
@@ -13,3 +13,3 @@ export { canCreateChannel } from "./can-create-channel";
  */
-export declare function canReadFromChannel(channel: IChannel, user: IUser): boolean;
+export declare function canReadFromChannel(channel: IChannel, user?: IUser | IDiscussionsUser): boolean;
 /**
@@ -23,3 +23,3 @@ * Utility to determine whether User can modify channel settings and posts belonging to Channel
  */
-export declare function canModifyChannel(channel: IChannel, user: IUser): boolean;
+export declare function canModifyChannel(channel: IChannel, user?: IUser | IDiscussionsUser): boolean;
 /**
@@ -26,0 +26,0 @@ * Utility to determine whether a Channel definition (inner) is encapsulated by another Channel's definition (outer)

dist/types/utils/posts/can-modify-post-status.d.ts

@@ -0,2 +1,3 @@
+import { IUser } from "@esri/arcgis-rest-types";
 import { IChannel, IDiscussionsUser } from "../../types";
-export declare function canModifyPostStatus(channel: IChannel, user: IDiscussionsUser): boolean;
+export declare function canModifyPostStatus(channel: IChannel, user?: IUser | IDiscussionsUser): boolean;

dist/types/utils/posts/can-modify-post.d.ts

@@ -0,1 +1,2 @@
+import { IUser } from "@esri/arcgis-rest-types";
 import { IChannel, IDiscussionsUser, IPost } from "../../types";
@@ -5,2 +6,2 @@ /**
  */
-export declare function canModifyPost(post: IPost, user: IDiscussionsUser, channel: IChannel): boolean;
+export declare function canModifyPost(post: IPost, user: IUser | IDiscussionsUser, channel: IChannel): boolean;

dist/types/utils/posts/index.d.ts

 import { IGroup, IItem } from "@esri/arcgis-rest-portal";
-import { IChannel, IDiscussionParams, IPost } from "../../types";
 import { IHubContent, IHubItemEntity } from "@esri/hub-common";
+import { IChannel, IDiscussionParams, IDiscussionsUser, IPost } from "../../types";
 import { IUser } from "@esri/arcgis-rest-auth";
@@ -30,3 +30,3 @@ export { canModifyPost } from "./can-modify-post";
  */
-export declare function canDeletePost(post: IPost, channel: IChannel, user: IUser): boolean;
+export declare function canDeletePost(post: IPost, channel: IChannel, user?: IUser | IDiscussionsUser): boolean;
 /**
@@ -33,0 +33,0 @@ * Parses mentioned users

package.json

 {
   "name": "@esri/hub-discussions",
-  "version": "24.1.0",
+  "version": "24.2.0",
   "description": "Module to interact with ArcGIS Hub Discussions API in Node.js and modern browsers.",
@@ -5,0 +5,0 @@ "main": "dist/node/index.js",

New alerts

License Policy Violation

License

This package is not allowed per your license policy. Review the package's license to ensure compliance.

Found 1 instance in 1 package

Fixed alerts

License Policy Violation

License

This package is not allowed per your license policy. Review the package's license to ensure compliance.

Found 1 instance in 1 package

Improved metrics

Total package byte prevSize

197190

increased by1.52%

Lines of code

3859

increased by0.78%

No dependency changes