HFS.userBelongsTo

dev-plugins.md

@@ -268,7 +268,9 @@ The HFS objects contains many properties:
 - `debounceAsync: function` like lodash.debounce, but also avoids async invocations to overlap.
   For details please refer to `src/debounceAsync.ts`.
 - `loadScript(uri: string): Promise` load a js file. If uri is relative, it is based on the plugin's public folder.
-- `customRestCall(name: string, parameters?: object): Promise<any>` call backend functions exported with `customRest`. 
+- `customRestCall(name: string, parameters?: object): Promise<any>` call backend functions exported with `customRest`.
+- `userBelongsTo(groupOrUsername: string): boolean` returns true if logged in account belongs to the specified group name. 
+  Returns true if the specified name is the one of the logged in account.  
 
 The following properties are accessible only immediately at top-level; don't call it later in a callback.
 - `getPluginConfig()` returns object of all config keys that are declared frontend-accessible by this plugin.
@@ -643,6 +645,7 @@ If you want to override a text regardless of the language, use the special langu
     - exports.customRest + HFS.customRestCall
     - config.type: vfs_path
     - frontend event: sortCompare
+    - HFS.userBelongsTo
 - 8.891 (v0.53.0)
     - api.openDb
     - frontend event: menuZip

frontend/src/state.ts

@@ -38,7 +38,9 @@ export const state = proxy<typeof FRONTEND_OPTIONS & {
     uri: string
     uploadOnExisting: 'skip' | 'overwrite' | 'rename'
     searchOptions: any
+    expandedUsername: string[]
 }>({
+    expandedUsername: [],
     searchOptions: { wild: true },
     uploadOnExisting: getHFS().dontOverwriteUploading ? 'rename' : 'skip',
     uri: '',

shared/index.ts

@@ -27,6 +27,7 @@ Object.assign(HFS, {
     getPluginPublic: () => getScriptAttr('src')?.match(/^.*\//)?.[0],
     getPluginConfig: () => HFS.plugins[HFS.getPluginKey()] || {},
     loadScript: (uri: string) => loadScript(uri.includes('//') || uri.startsWith('/') ? uri : HFS.getPluginPublic() + uri),
+    userBelongsTo: (groupOrUser: string) => HFS.state.expandedUsername.includes(groupOrUser),
     cpuSpeedIndex,
 })
 
@@ -113,7 +114,7 @@ export function makeSessionRefresher(state: any) {
         if (!response) return
         const { exp } = response
         Object.assign(initial, response) // keep it updated, not necessary, just in case someone is looking at this instead of the state
-        Object.assign(state, _.pick(response, ['username', 'adminUrl', 'canChangePassword', 'accountExp']))
+        Object.assign(state, _.pick(response, ['username', 'adminUrl', 'canChangePassword', 'accountExp', 'expandedUsername']))
         if (!response.username || !exp) return
         const delta = new Date(exp).getTime() - Date.now()
         const t = _.clamp(delta - 30_000, 4_000, 600_000)

src/api.auth.ts

@@ -1,6 +1,6 @@
 // This file is part of HFS - Copyright 2021-2023, Massimo Melina <a@rejetto.com> - License https://www.gnu.org/licenses/gpl-3.0.txt
 
-import { Account, accountCanLogin, changeSrpHelper, getAccount, getFromAccount } from './perm'
+import { Account, accountCanLogin, changeSrpHelper, expandUsername, getAccount, getFromAccount } from './perm'
 import { ApiError, ApiHandler } from './apiMiddleware'
 import { SRPServerSessionStep1 } from 'tssrp6a'
 import { ADMIN_URI, HTTP_UNAUTHORIZED, HTTP_BAD_REQUEST, HTTP_SERVER_ERROR, HTTP_CONFLICT, HTTP_NOT_FOUND } from './const'
@@ -77,8 +77,10 @@ export const logout: ApiHandler = async ({}, ctx) => {
 }
 
 export const refresh_session: ApiHandler = async ({}, ctx) => {
+    const username = getCurrentUsername(ctx)
     return !ctx.session ? new ApiError(HTTP_SERVER_ERROR) : {
-        username: getCurrentUsername(ctx),
+        username,
+        expandedUsername: expandUsername(username),
         adminUrl: ctxAdminAccess(ctx) ? ctx.state.revProxyPath + ADMIN_URI : undefined,
         canChangePassword: canChangePassword(ctx.state.account),
         exp: keepSessionAlive.get() ? new Date(Date.now() + sessionDuration.compiled()) : undefined,