backend/model/enum/
privacy_option.rs

1//! [`PrivacyOption`] enum.
2
3use diesel_derive_enum::DbEnum;
4use serde::{Deserialize, Serialize};
5use typeshare::typeshare;
6use utoipa::ToSchema;
7
8use crate::{config::auth::user_info::UserInfo, service::map_access_control::AccessRights};
9
10/// Enum for map privacy setting options.
11#[typeshare]
12#[derive(Serialize, Deserialize, DbEnum, Debug, ToSchema, Clone)]
13#[ExistingTypePath = "crate::schema::sql_types::PrivacyOption"]
14pub enum PrivacyOption {
15    /// Data is private and only visible for owner or members, the data was explicitly shared with.
16    #[serde(rename = "private")]
17    #[db_rename = "private"]
18    Private,
19
20    /// Data is protected and only visible for other members.
21    #[serde(rename = "protected")]
22    #[db_rename = "protected"]
23    Protected,
24
25    /// Data is public and visible for everyone.
26    #[serde(rename = "public")]
27    #[db_rename = "public"]
28    Public,
29}
30
31pub trait AccessControl {
32    fn check_access(&self, user_info: &UserInfo) -> AccessRights;
33}
34
35impl AccessControl for PrivacyOption {
36    fn check_access(&self, user_info: &UserInfo) -> AccessRights {
37        match self {
38            Self::Public => {
39                if user_info.is_admin() || user_info.is_member() {
40                    AccessRights::Write
41                } else {
42                    AccessRights::Read
43                }
44            }
45            Self::Protected => {
46                if user_info.is_admin() || user_info.is_member() {
47                    AccessRights::Write
48                } else {
49                    AccessRights::None
50                }
51            }
52            Self::Private => {
53                if user_info.is_admin() {
54                    AccessRights::Write
55                } else {
56                    AccessRights::None
57                }
58            }
59        }
60    }
61}