🛂(frontend) show member list depend ability

We integrate the new ability "accesses_view" that tells if a user can view the accesses of a document.
2024-10-24 17:21:33 +02:00
parent 15700ddd8d
commit 31c3dd6119
6 changed files with 46 additions and 13 deletions
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -17,6 +17,10 @@ and this project adheres to
 - ✨(frontend) Add full name if available #380
 - ✨(backend) Add view accesses ability #376

+## Changed
+
+- ♻️(frontend) list accesses if user has abilities #376
+
 ## Fixed

 - 🐛(backend) require right to manage document accesses to see invitations #369
--- a/src/frontend/apps/e2e/tests/app-impress/doc-header.spec.ts
+++ b/src/frontend/apps/e2e/tests/app-impress/doc-header.spec.ts
@@ -177,12 +177,13 @@ test.describe('Doc Header', () => {
  test('it checks the options available if administrator', async ({ page }) => {
    await mockedDocument(page, {
      abilities: {
+        accesses_manage: true, // Means admin
+        accesses_view: true,
        destroy: false, // Means not owner
        link_configuration: true,
        versions_destroy: true,
        versions_list: true,
        versions_retrieve: true,
-        accesses_manage: true, // Means admin
        update: true,
        partial_update: true,
        retrieve: true,
@@ -247,12 +248,13 @@ test.describe('Doc Header', () => {
  test('it checks the options available if editor', async ({ page }) => {
    await mockedDocument(page, {
      abilities: {
+        accesses_manage: false, // Means not admin
+        accesses_view: true,
        destroy: false, // Means not owner
        link_configuration: false,
        versions_destroy: true,
        versions_list: true,
        versions_retrieve: true,
-        accesses_manage: false, // Means not admin
        update: true,
        partial_update: true, // Means editor
        retrieve: true,
@@ -324,12 +326,13 @@ test.describe('Doc Header', () => {
  test('it checks the options available if reader', async ({ page }) => {
    await mockedDocument(page, {
      abilities: {
+        accesses_manage: false, // Means not admin
+        accesses_view: true,
        destroy: false, // Means not owner
        link_configuration: false,
        versions_destroy: false,
        versions_list: true,
        versions_retrieve: true,
-        accesses_manage: false, // Means not admin
        update: false,
        partial_update: false, // Means not editor
        retrieve: true,
--- a/src/frontend/apps/e2e/tests/app-impress/doc-visibility.spec.ts
+++ b/src/frontend/apps/e2e/tests/app-impress/doc-visibility.spec.ts
@@ -435,10 +435,20 @@ test.describe('Doc Visibility: Authenticated', () => {
    await page.goto(urlDoc);

    await expect(page.locator('h2').getByText(docTitle)).toBeVisible();
-    await expect(page.getByRole('button', { name: 'Share' })).toBeVisible();
+    await page.getByRole('button', { name: 'Share' }).click();
    await expect(
      page.getByText('Read only, you cannot edit this document'),
    ).toBeVisible();
+
+    const shareModal = page.getByLabel('Share modal');
+
+    await expect(
+      shareModal.getByRole('combobox', {
+        name: 'Visibility',
+      }),
+    ).toHaveAttribute('disabled');
+    await expect(shareModal.getByText('Search by email')).toBeHidden();
+    await expect(shareModal.getByLabel('List members card')).toBeHidden();
  });

  test('It checks a authenticated doc in editable mode', async ({
@@ -483,9 +493,19 @@ test.describe('Doc Visibility: Authenticated', () => {
    await page.goto(urlDoc);

    await expect(page.locator('h2').getByText(docTitle)).toBeVisible();
-    await expect(page.getByRole('button', { name: 'Share' })).toBeVisible();
+    await page.getByRole('button', { name: 'Share' }).click();
    await expect(
      page.getByText('Read only, you cannot edit this document'),
    ).toBeHidden();
+
+    const shareModal = page.getByLabel('Share modal');
+
+    await expect(
+      shareModal.getByRole('combobox', {
+        name: 'Visibility',
+      }),
+    ).toHaveAttribute('disabled');
+    await expect(shareModal.getByText('Search by email')).toBeHidden();
+    await expect(shareModal.getByLabel('List members card')).toBeHidden();
  });
 });
--- a/src/frontend/apps/impress/src/features/docs/doc-management/components/ModalShare.tsx
+++ b/src/frontend/apps/impress/src/features/docs/doc-management/components/ModalShare.tsx
@@ -123,8 +123,12 @@ export const ModalShare = ({ onClose, doc }: ModalShareProps) => {
            )}
          </Box>
          <Box $minHeight="0">
-            <InvitationList doc={doc} />
-            <MemberList doc={doc} />
+            {doc.abilities.accesses_view && (
+              <>
+                <InvitationList doc={doc} />
+                <MemberList doc={doc} />
+              </>
+            )}
          </Box>
        </Box>
      </SideModal>
--- a/src/frontend/apps/impress/src/features/docs/doc-management/types.tsx
+++ b/src/frontend/apps/impress/src/features/docs/doc-management/types.tsx
@@ -44,10 +44,11 @@ export interface Doc {
  created_at: string;
  updated_at: string;
  abilities: {
+    accesses_manage: boolean;
+    accesses_view: boolean;
    attachment_upload: true;
    destroy: boolean;
    link_configuration: boolean;
-    accesses_manage: boolean;
    partial_update: boolean;
    retrieve: boolean;
    update: boolean;
--- a/src/frontend/apps/impress/src/features/service-worker/ApiPlugin.ts
+++ b/src/frontend/apps/impress/src/features/service-worker/ApiPlugin.ts
@@ -194,16 +194,17 @@ export class ApiPlugin implements WorkboxPlugin {
      created_at: new Date().toISOString(),
      updated_at: new Date().toISOString(),
      abilities: {
+        accesses_manage: true,
+        accesses_view: true,
+        attachment_upload: true,
        destroy: true,
        link_configuration: true,
+        partial_update: true,
+        retrieve: true,
+        update: true,
        versions_destroy: true,
        versions_list: true,
        versions_retrieve: true,
-        accesses_manage: true,
-        update: true,
-        partial_update: true,
-        retrieve: true,
-        attachment_upload: true,
      },
      accesses: [
        {