Marmelator/red-ui
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases 1.4k Wiki Activity

RED-5482: wip new permissions

Browse Source
This commit is contained in:
Dan Percic 2022-10-31 17:16:31 +02:00
parent 2933e4d45f
commit 2a60f2bcf4
9 changed files with 192 additions and 117 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

169
apps/red-ui/src/app/app-routing.module.ts
View File

@ -1,5 +1,12 @@
import { AuthErrorComponent } from '@components/auth-error/auth-error.component';
import { CompositeRouteGuard, CustomRouteReuseStrategy, IqserAuthGuard, IqserPermissionsGuard, IqserRoutes } from '@iqser/common-ui';
import {
CompositeRouteGuard,
CustomRouteReuseStrategy,
DEFAULT_REDIRECT_KEY,
IqserAuthGuard,
IqserPermissionsGuard,
IqserRoutes,
} from '@iqser/common-ui';
import { RedRoleGuard } from '@users/red-role.guard';
import { BaseScreenComponent } from '@components/base-screen/base-screen.component';
import { RouteReuseStrategy, RouterModule } from '@angular/router';
@ -17,6 +24,74 @@ import { DossierFilesGuard } from '@guards/dossier-files-guard';
import { WebViewerLoadedGuard } from './modules/pdf-viewer/services/webviewer-loaded.guard';
import { ROLES } from '@users/roles';
const dossierTemplateIdRoutes: IqserRoutes = [
{
path: `${DOSSIERS_ROUTE}`,
children: [
{
path: `:${DOSSIER_ID}`,
canActivate: [CompositeRouteGuard, IqserPermissionsGuard],
data: {
routeGuards: [DossierFilesGuard],
breadcrumbs: [BreadcrumbTypes.dossierTemplate, BreadcrumbTypes.dossier],
dossiersService: ACTIVE_DOSSIERS_SERVICE,
permissions: {
allow: [ROLES.dossierAttributes.read, ROLES.dossierAttributes.readConfig],
redirectTo: '/auth-error',
},
},
loadChildren: () => import('./modules/dossier-overview/dossier-overview.module').then(m => m.DossierOverviewModule),
},
{
path: `:${DOSSIER_ID}/file/:${FILE_ID}`,
canActivate: [CompositeRouteGuard, IqserPermissionsGuard],
data: {
routeGuards: [DossierFilesGuard, WebViewerLoadedGuard],
breadcrumbs: [BreadcrumbTypes.dossierTemplate, BreadcrumbTypes.dossier, BreadcrumbTypes.file],
dossiersService: ACTIVE_DOSSIERS_SERVICE,
permissions: {
allow: [ROLES.readRedactionLog, ROLES.files.downloadOriginal, ROLES.highlights.read],
redirectTo: '/auth-error',
},
},
loadChildren: () => import('./modules/file-preview/file-preview.module').then(m => m.FilePreviewModule),
},
{
path: '',
pathMatch: 'full',
loadChildren: () => import('./modules/dossiers-listing/dossiers-listing.module').then(m => m.DossiersListingModule),
data: {
breadcrumbs: [BreadcrumbTypes.dossierTemplate],
},
},
],
canActivate: [CompositeRouteGuard, IqserPermissionsGuard],
data: {
routeGuards: [DossiersGuard],
dossiersService: ACTIVE_DOSSIERS_SERVICE,
permissions: {
allow: [ROLES.files.readStatus],
redirectTo: '/auth-error',
},
},
},
{
path: `${ARCHIVE_ROUTE}`,
loadChildren: () => import('./modules/archive/archive.module').then(m => m.ArchiveModule),
canActivate: [CompositeRouteGuard, WebViewerLoadedGuard],
data: {
routeGuards: [FeaturesGuard, DossiersGuard],
dossiersService: ARCHIVED_DOSSIERS_SERVICE,
features: [DOSSIERS_ARCHIVE],
},
},
{
path: '**',
redirectTo: `${DOSSIERS_ROUTE}`,
pathMatch: 'full',
},
];
const routes: IqserRoutes = [
{
path: '',
@ -39,6 +114,13 @@ const routes: IqserRoutes = [
{
path: 'admin',
loadChildren: () => import('./modules/admin/admin.module').then(m => m.AdminModule),
canActivate: [IqserPermissionsGuard],
data: {
permissions: {
allow: [ROLES.templates.read],
redirectTo: '/auth-error',
},
},
},
{
path: 'dashboard',
@ -48,6 +130,7 @@ const routes: IqserRoutes = [
routeGuards: [IqserAuthGuard, RedRoleGuard, DossierTemplatesGuard, DashboardGuard],
permissions: {
allow: [
ROLES.any,
ROLES.templates.read,
ROLES.fileAttributes.readConfig,
ROLES.watermarks.read,
@ -63,94 +146,49 @@ const routes: IqserRoutes = [
{
path: 'downloads',
component: DownloadsListScreenComponent,
canActivate: [CompositeRouteGuard],
canActivate: [CompositeRouteGuard, IqserPermissionsGuard],
data: {
routeGuards: [IqserAuthGuard, RedRoleGuard],
permissions: {
allow: ROLES.readDownloadStatus,
redirectTo: '/auth-error',
},
},
},
{
path: 'search',
loadChildren: () => import('./modules/search/search.module').then(m => m.SearchModule),
canActivate: [CompositeRouteGuard],
canActivate: [CompositeRouteGuard, IqserPermissionsGuard],
data: {
routeGuards: [IqserAuthGuard, RedRoleGuard],
requiredRoles: ['RED_USER'],
permissions: {
allow: [ROLES.search],
redirectTo: '/auth-error',
},
},
},
{
path: 'trash',
loadChildren: () => import('./modules/trash/trash.module').then(m => m.TrashModule),
canActivate: [CompositeRouteGuard],
canActivate: [CompositeRouteGuard, IqserPermissionsGuard],
data: {
routeGuards: [IqserAuthGuard, RedRoleGuard, DossiersGuard, TrashGuard],
requiredRoles: ['RED_USER'],
dossiersService: ACTIVE_DOSSIERS_SERVICE,
permissions: {
allow: [ROLES.dossiers.read, ROLES.files.readStatus],
redirectTo: '/auth-error',
},
},
},
{
path: `:${DOSSIER_TEMPLATE_ID}`,
children: [
{
path: `${DOSSIERS_ROUTE}`,
children: [
{
path: `:${DOSSIER_ID}`,
canActivate: [CompositeRouteGuard],
data: {
routeGuards: [DossierFilesGuard],
breadcrumbs: [BreadcrumbTypes.dossierTemplate, BreadcrumbTypes.dossier],
dossiersService: ACTIVE_DOSSIERS_SERVICE,
},
loadChildren: () =>
import('./modules/dossier-overview/dossier-overview.module').then(m => m.DossierOverviewModule),
},
{
path: `:${DOSSIER_ID}/file/:${FILE_ID}`,
canActivate: [CompositeRouteGuard],
data: {
routeGuards: [DossierFilesGuard, WebViewerLoadedGuard],
breadcrumbs: [BreadcrumbTypes.dossierTemplate, BreadcrumbTypes.dossier, BreadcrumbTypes.file],
dossiersService: ACTIVE_DOSSIERS_SERVICE,
},
loadChildren: () => import('./modules/file-preview/file-preview.module').then(m => m.FilePreviewModule),
},
{
path: '',
pathMatch: 'full',
loadChildren: () =>
import('./modules/dossiers-listing/dossiers-listing.module').then(m => m.DossiersListingModule),
data: {
breadcrumbs: [BreadcrumbTypes.dossierTemplate],
},
},
],
canActivate: [CompositeRouteGuard],
data: {
routeGuards: [DossiersGuard],
dossiersService: ACTIVE_DOSSIERS_SERVICE,
},
},
{
path: `${ARCHIVE_ROUTE}`,
loadChildren: () => import('./modules/archive/archive.module').then(m => m.ArchiveModule),
canActivate: [CompositeRouteGuard, WebViewerLoadedGuard],
data: {
routeGuards: [FeaturesGuard, DossiersGuard],
dossiersService: ARCHIVED_DOSSIERS_SERVICE,
features: [DOSSIERS_ARCHIVE],
},
},
{
path: '**',
redirectTo: `${DOSSIERS_ROUTE}`,
pathMatch: 'full',
},
],
children: dossierTemplateIdRoutes,
canActivate: [CompositeRouteGuard, IqserPermissionsGuard],
data: {
routeGuards: [IqserAuthGuard, RedRoleGuard, DossierTemplatesGuard, DashboardGuard, DossierTemplateExistsGuard],
permissions: {
allow: [
ROLES.any,
ROLES.templates.read,
ROLES.fileAttributes.readConfig,
ROLES.watermarks.read,
@ -160,7 +198,10 @@ const routes: IqserRoutes = [
ROLES.notifications.read,
ROLES.dossiers.read,
],
redirectTo: '/',
redirectTo: {
[ROLES.any]: '/auth-error',
[DEFAULT_REDIRECT_KEY]: '/',
},
},
},
},

12
apps/red-ui/src/app/components/base-screen/base-screen.component.html
View File

@ -1,14 +1,16 @@
<iqser-help-mode></iqser-help-mode>
<div class="top-bar">
<div *ngIf="!currentUser.isUser" class="menu-placeholder"></div>
<ng-template #menuPlaceholder>
<div *ngIf="!currentUser.isUser" class="menu-placeholder"></div>
</ng-template>
<div *ngIf="currentUser.isUser" class="flex-2 visible-lg breadcrumbs-container">
<div *allow="roles.templates.read; else menuPlaceholder" class="flex-2 visible-lg breadcrumbs-container">
<redaction-breadcrumbs></redaction-breadcrumbs>
</div>
<a [matTooltip]="'top-bar.navigation-items.back-to-dashboard' | translate" [routerLink]="['/']" class="logo">
<div class="actions" [iqserHelpMode]="'home'">
<div [iqserHelpMode]="'home'" class="actions">
<iqser-hidden-action (action)="userPreferenceService.toggleDevFeatures()">
<iqser-logo icon="red:logo"></iqser-logo>
</iqser-hidden-action>
@ -19,7 +21,7 @@
<div class="actions flex-2">
<div class="buttons">
<redaction-spotlight-search
*ngIf="(isSearchScreen$ | async) === false && (currentUser.isUser || currentUser.isManager)"
*allow="roles.search; if: (isSearchScreen$ | async) === false"
[actions]="searchActions"
[iqserHelpMode]="'search_in_entire_application'"
[placeholder]="'search.placeholder' | translate"
@ -34,7 +36,7 @@
<mat-menu #userMenu="matMenu" xPosition="before">
<ng-container *ngFor="let item of userMenuItems; trackBy: trackByName">
<a (click)="(item.action)" *ngIf="item.show" [id]="item.id" [routerLink]="item.routerLink" mat-menu-item>
<a (click)="item.action?.()" *ngIf="item.show" [id]="item.id" [routerLink]="item.routerLink" mat-menu-item>
{{ item.name | translate }}
</a>
</ng-container>

11
apps/red-ui/src/app/components/base-screen/base-screen.component.ts
View File

@ -7,10 +7,11 @@ import { TranslateService } from '@ngx-translate/core';
import { SpotlightSearchAction } from '@components/spotlight-search/spotlight-search-action';
import { marker as _ } from '@biesbjerg/ngx-translate-extract-marker';
import { filter, map, startWith } from 'rxjs/operators';
import { shareDistinctLast } from '@iqser/common-ui';
import { IqserPermissionsService, shareDistinctLast } from '@iqser/common-ui';
import { BreadcrumbsService } from '@services/breadcrumbs.service';
import { FeaturesService } from '@services/features.service';
import { ARCHIVE_ROUTE, DOSSIERS_ARCHIVE, DOSSIERS_ROUTE } from '@red/domain';
import { ROLES } from '@users/roles';
interface MenuItem {
readonly id: string;
@ -29,6 +30,7 @@ const isSearchScreen: (url: string) => boolean = url => url.includes('/search');
styleUrls: ['./base-screen.component.scss'],
})
export class BaseScreenComponent {
readonly roles = ROLES;
readonly currentUser = this.userService.currentUser;
readonly userMenuItems: readonly MenuItem[] = [
{
@ -41,19 +43,19 @@ export class BaseScreenComponent {
id: 'admin',
name: _('top-bar.navigation-items.my-account.children.admin'),
routerLink: '/main/admin',
show: this.currentUser.isManager || this.currentUser.isUserAdmin,
show: this._permissionsService.has([ROLES.templates.read]),
},
{
id: 'downloads',
name: _('top-bar.navigation-items.my-account.children.downloads'),
routerLink: '/main/downloads',
show: this.currentUser.isUser,
show: this._permissionsService.has(ROLES.readDownloadStatus),
},
{
id: 'trash',
name: _('top-bar.navigation-items.my-account.children.trash'),
routerLink: '/main/trash',
show: this.currentUser.isUser,
show: this._permissionsService.has([ROLES.dossiers.read, ROLES.files.readStatus]),
},
];
readonly searchActions: readonly SpotlightSearchAction[] = [
@ -87,6 +89,7 @@ export class BaseScreenComponent {
private readonly _router: Router,
private readonly _translateService: TranslateService,
private readonly _featuresService: FeaturesService,
private readonly _permissionsService: IqserPermissionsService,
readonly userService: UserService,
readonly userPreferenceService: UserPreferenceService,
readonly titleService: Title,

43
apps/red-ui/src/app/modules/admin/admin-routing.module.ts
View File

@ -1,5 +1,5 @@
import { NgModule } from '@angular/core';
import { CompositeRouteGuard, IqserAuthGuard } from '@iqser/common-ui';
import { CompositeRouteGuard, IqserAuthGuard, IqserPermissionsGuard, IqserRoutes } from '@iqser/common-ui';
import { RedRoleGuard } from '@users/red-role.guard';
import { EntitiesListingScreenComponent } from './screens/entities-listing/entities-listing-screen.component';
import { PendingChangesGuard } from '@guards/can-deactivate.guard';
@ -8,7 +8,7 @@ import { DefaultColorsScreenComponent } from './screens/default-colors/default-c
import { UserListingScreenComponent } from './screens/user-listing/user-listing-screen.component';
import { DigitalSignatureScreenComponent } from './screens/digital-signature/digital-signature-screen.component';
import { AuditScreenComponent } from './screens/audit/audit-screen.component';
import { RouterModule, Routes } from '@angular/router';
import { RouterModule } from '@angular/router';
import { DossierAttributesListingScreenComponent } from './screens/dossier-attributes-listing/dossier-attributes-listing-screen.component';
import { GeneralConfigScreenComponent } from './screens/general-config/general-config-screen.component';
import { BaseAdminScreenComponent } from './base-admin-screen/base-admin-screen.component';
@ -20,11 +20,11 @@ import { EntityExistsGuard } from '@guards/entity-exists-guard.service';
import { DossierStatesListingScreenComponent } from './screens/dossier-states-listing/dossier-states-listing-screen.component';
import { BaseEntityScreenComponent } from './base-entity-screen/base-entity-screen.component';
import { PermissionsGuard } from '@guards/permissions-guard';
import { ROLES } from '@users/roles';
const dossierTemplateIdRoutes: Routes = [
const dossierTemplateIdRoutes: IqserRoutes = [
{
path: 'info',
canActivate: [CompositeRouteGuard],
component: BaseDossierTemplateScreenComponent,
loadChildren: () => import('./screens/info/dossier-template-info.module').then(m => m.DossierTemplateInfoModule),
},
@ -75,11 +75,14 @@ const dossierTemplateIdRoutes: Routes = [
{
path: 'reports',
component: BaseDossierTemplateScreenComponent,
canActivate: [CompositeRouteGuard],
data: {
routeGuards: [IqserAuthGuard, RedRoleGuard],
},
loadChildren: () => import('./screens/reports/reports.module').then(m => m.ReportsModule),
canActivate: [IqserAuthGuard, IqserPermissionsGuard],
data: {
permissions: {
allow: [ROLES.reportTemplates.read],
redirectTo: '/auth-error',
},
},
},
{
path: 'dossier-attributes',
@ -108,20 +111,23 @@ const dossierTemplateIdRoutes: Routes = [
{
path: 'justifications',
component: BaseDossierTemplateScreenComponent,
canActivate: [CompositeRouteGuard],
loadChildren: () => import('./screens/justifications/justifications.module').then(m => m.JustificationsModule),
canActivate: [IqserPermissionsGuard],
data: {
permissions: {
allow: [ROLES.legalBasis.read],
redirectTo: '/auth-error',
},
},
},
{ path: '', redirectTo: 'info', pathMatch: 'full' },
];
const dossierTemplatesRoutes: Routes = [
const dossierTemplatesRoutes: IqserRoutes = [
{
path: '',
component: BaseAdminScreenComponent,
canActivate: [CompositeRouteGuard],
data: {
routeGuards: [IqserAuthGuard, RedRoleGuard],
},
canActivate: [IqserAuthGuard],
loadChildren: () =>
import('./screens/dossier-templates-listing/dossier-templates-listing.module').then(m => m.DossierTemplatesListingModule),
},
@ -133,15 +139,18 @@ const dossierTemplatesRoutes: Routes = [
},
];
const routes: Routes = [
const routes: IqserRoutes = [
{ path: '', redirectTo: 'dossier-templates', pathMatch: 'full' },
{
path: 'dossier-templates',
children: dossierTemplatesRoutes,
canActivate: [CompositeRouteGuard],
canActivate: [CompositeRouteGuard, IqserPermissionsGuard],
data: {
routeGuards: [IqserAuthGuard, RedRoleGuard, DossierTemplatesGuard],
requiredRoles: ['RED_MANAGER', 'RED_ADMIN'],
permissions: {
allow: [ROLES.templates.read],
redirectTo: '/',
},
},
},
{

8
apps/red-ui/src/app/modules/admin/admin-side-nav/admin-side-nav.component.ts
View File

@ -5,6 +5,8 @@ import { adminSideNavTranslations } from '@translations/admin-side-nav-translati
import { UserService } from '@users/user.service';
import { ActivatedRoute } from '@angular/router';
import { AdminSideNavType, AdminSideNavTypes, ENTITY_TYPE } from '@red/domain';
import { ROLES } from '@users/roles';
import { IqserPermissionsService } from '@iqser/common-ui';
interface NavItem {
readonly label: string;
@ -23,6 +25,7 @@ export class AdminSideNavComponent implements OnInit {
@Input() disabledItems: string[] = [];
readonly translations = adminSideNavTranslations;
readonly currentUser = this._userService.currentUser;
readonly roles = ROLES;
prefix: string;
readonly items: { readonly [key in AdminSideNavType]: NavItem[] } = {
@ -30,7 +33,7 @@ export class AdminSideNavComponent implements OnInit {
{
screen: 'dossier-templates',
label: _('admin-side-nav.dossier-templates'),
hideIf: !this.currentUser.isManager && !this.currentUser.isAdmin,
hideIf: !this._permissionsService.has([ROLES.templates.read]),
helpModeKey: 'dossier_templates',
},
{
@ -114,11 +117,13 @@ export class AdminSideNavComponent implements OnInit {
{
screen: 'reports',
label: _('admin-side-nav.reports'),
hideIf: !this._permissionsService.has([ROLES.reportTemplates.read]),
helpModeKey: 'reports',
},
{
screen: 'justifications',
label: _('admin-side-nav.justifications'),
hideIf: !this._permissionsService.has([ROLES.legalBasis.read]),
helpModeKey: 'justifications',
},
],
@ -147,6 +152,7 @@ export class AdminSideNavComponent implements OnInit {
constructor(
private readonly _userService: UserService,
private readonly _permissionsService: IqserPermissionsService,
private readonly _route: ActivatedRoute,
readonly userPreferenceService: UserPreferenceService,
) {}

2
apps/red-ui/src/app/modules/dossier-overview/components/screen-header/dossier-overview-screen-header.component.html
View File

@ -37,7 +37,7 @@
<iqser-circle-button
(action)="upload.emit()"
*ngIf="permissionsService.canUploadFiles(dossier)"
*allow="roles.files.upload; if: permissionsService.canUploadFiles(dossier)"
[icon]="'iqser:upload'"
[id]="'upload-document-btn'"
[iqserHelpMode]="'edit_dossier_in_dossier'"

2
apps/red-ui/src/app/modules/dossier-overview/components/screen-header/dossier-overview-screen-header.component.ts
View File

@ -21,6 +21,7 @@ import { ConfigService } from '../../config.service';
import { firstValueFrom } from 'rxjs';
import { PrimaryFileAttributeService } from '@services/primary-file-attribute.service';
import { Router } from '@angular/router';
import { ROLES } from '@users/roles';
@Component({
selector: 'redaction-dossier-overview-screen-header',
@ -31,6 +32,7 @@ export class DossierOverviewScreenHeaderComponent implements OnInit {
@Input() @Required() dossier: Dossier;
@Output() @Required() readonly upload = new EventEmitter<void>();
readonly circleButtonTypes = CircleButtonTypes;
readonly roles = ROLES;
actionConfigs: List<ActionConfig>;
constructor(

2
apps/red-ui/src/app/modules/dossier-overview/dossier-overview.module.ts
View File

@ -8,6 +8,7 @@ import {
IqserIconsModule,
IqserListingModule,
IqserLoadingModule,
IqserPermissionsModule,
IqserScrollbarModule,
IqserSharedModule,
IqserUsersModule,
@ -61,6 +62,7 @@ const routes: Routes = [
IqserLoadingModule,
IqserSharedModule,
IqserScrollbarModule,
IqserPermissionsModule,
],
})
export class DossierOverviewModule {}

60
apps/red-ui/src/app/users/roles.ts
View File

@ -1,24 +1,13 @@
export const ROLES = {
RED_ADD_COMMENT: 'red-add-comment',
RED_ADD_REDACTION: 'red-add-redaction',
RED_CONVERT_HIGHLIGHTS: 'red-convert-highlights',
RED_CREATE_TENANT: 'red-create-tenant',
RED_DELETE_COMMENT: 'red-delete-comment',
RED_DELETE_FILE: 'red-delete-file',
RED_DELETE_HIGHLIGHTS: 'red-delete-highlights',
RED_DELETE_IMPORTED_REDACTIONS: 'red-delete-imported-redactions',
RED_DELETE_MANUAL_REDACTION: 'red-delete-manual-redaction',
RED_DELETE_REPORT_TEMPLATE: 'red-delete-report-template',
RED_DEPLOYMENT_INFO: 'red-deployment-info',
RED_DOWNLOAD_ANNOTATED_FILE: 'red-download-annotated-file',
RED_DOWNLOAD_ORIGINAL_FILE: 'red-download-original-file',
RED_DOWNLOAD_REDACTED_FILE: 'red-download-redacted-file',
RED_DOWNLOAD_REDACTION_PREVIEW_FILE: 'red-download-redaction-preview-file',
RED_DOWNLOAD_REPORT_TEMPLATE: 'red-download-report-template',
RED_EXCLUDE_INCLUDE_FILE: 'red-exclude-include-file',
RED_EXCLUDE_INCLUDE_PAGES: 'red-exclude-include-pages',
RED_GET_HIGHLIGHTS: 'red-get-highlights',
RED_GET_REPORT_TEMPLATES: 'red-get-report-templates',
RED_GET_RSS: 'red-get-rss',
RED_GET_TENANTS: 'red-get-tenants',
RED_MANAGE_ACL_PERMISSIONS: 'red-manage-acl-permissions',
@ -26,38 +15,43 @@ export const ROLES = {
RED_MANAGE_VIEWED_PAGES: 'red-manage-viewed-pages',
RED_PROCESS_DOWNLOAD: 'red-process-download',
RED_PROCESS_MANUAL_REDACTION_REQUEST: 'red-process-manual-redaction-request',
RED_PROCESS_TEXTHIGHLIGHTS: 'red-process-texthighlights',
RED_READ_DIGITAL_SIGNATURE: 'red-read-digital-signature',
RED_READ_DOSSIER_ATTRIBUTES: 'red-read-dossier-attributes',
RED_READ_DOSSIER_ATTRIBUTES_CONFIG: 'red-read-dossier-attributes-config',
RED_READ_DOWNLOAD_STATUS: 'red-read-download-status',
RED_READ_FILE_STATUS: 'red-read-file-status',
RED_READ_LEGAL_BASIS: 'red-read-legal-basis',
RED_READ_LICENSE: 'red-read-license',
RED_READ_LICENSE_REPORT: 'red-read-license-report',
RED_READ_MANUAL_REDACTIONS: 'red-read-manual-redactions',
RED_READ_REDACTION_LOG: 'red-read-redaction-log',
RED_READ_RULES: 'red-read-rules',
RED_READ_SMTP_CONFIGURATION: 'red-read-smtp-configuration',
RED_READ_VERSIONS: 'red-read-versions',
RED_REANALYZE_FILE: 'red-reanalyze-file',
RED_REINDEX: 'red-reindex',
RED_REQUEST_REDACTION: 'red-request-redaction',
RED_ROTATE_PAGE: 'red-rotate-page',
RED_SEARCH: 'red-search',
RED_SEARCH_AUDIT_LOG: 'red-search-audit-log',
RED_SET_REVIEWER: 'red-set-reviewer',
RED_SET_STATUS_APPROVED: 'red-set-status-approved',
RED_SET_STATUS_UNDER_APPROVAL: 'red-set-status-under-approval',
RED_UPDATE_MY_PROFILE: 'red-update-my-profile',
RED_UPLOAD_FILE: 'red-upload-file',
RED_UPLOAD_REPORT_TEMPLATE: 'red-upload-report-template',
RED_WRITE_DIGITAL_SIGNATURE: 'red-write-digital-signature',
RED_WRITE_DOSSIER_ATTRIBUTES: 'red-write-dossier-attributes',
RED_WRITE_DOSSIER_ATTRIBUTES_CONFIG: 'red-write-dossier-attributes-config',
RED_WRITE_LEGAL_BASIS: 'red-write-legal-basis',
RED_WRITE_RULES: 'red-write-rules',
RED_WRITE_SMTP_CONFIGURATION: 'red-write-smtp-configuration',
readDownloadStatus: 'red-read-download-status',
readRedactionLog: 'red-read-redaction-log',
search: 'red-search',
legalBasis: {
read: 'red-read-legal-basis',
write: 'red-write-legal-basis',
},
reportTemplates: {
read: 'red-get-report-templates',
upload: 'red-upload-report-template',
download: 'red-download-report-template',
delete: 'red-delete-report-template',
},
highlights: {
read: 'red-get-highlights',
delete: 'red-delete-highlights',
convert: 'red-convert-highlights',
process: 'red-process-texthighlights',
},
watermarks: {
write: 'red-write-watermark',
read: 'red-read-watermark',
@ -83,6 +77,16 @@ export const ROLES = {
delete: 'red-delete-dossier-dictionary-entry',
},
},
files: {
delete: 'red-delete-file',
readStatus: 'red-read-file-status',
downloadAnnotated: 'red-download-annotated-file',
downloadOriginal: 'red-download-original-file',
downloadRedacted: 'red-download-redacted-file',
downloadPreview: 'red-download-redaction-preview-file',
reanalyze: 'red-reanalyze-file',
upload: 'red-upload-file',
},
templates: {
read: 'red-read-dossier-templates',
write: 'red-write-dossier-templates',
@ -96,6 +100,12 @@ export const ROLES = {
readConfig: 'red-read-file-attributes-config',
writeConfig: 'red-write-file-attributes-config',
},
dossierAttributes: {
read: 'red-read-dossier-attributes',
write: 'red-write-dossier-attributes',
readConfig: 'red-read-dossier-attributes-config',
writeConfig: 'red-write-dossier-attributes-config',
},
dictionaryEntries: {
write: 'red-add-dictionary-entry',
delete: 'red-delete-dictionary-entry',