From 67bf46dd9a5508836d10a75eb29ed515bab90014 Mon Sep 17 00:00:00 2001
From: Michael Mayer <michael@photoprism.app>
Date: Fri, 13 Aug 2021 21:23:34 +0200
Subject: [PATCH] Auth: Refactor ACL Roles and Resources #98

Renamed ResourcePeople to ResourceUsers. Work in progress.
Added a few "default" roles as a reminder for later.
---
 internal/acl/permissions.go                   |  2 +-
 internal/acl/resources.go                     |  2 +-
 internal/acl/roles.go                         | 19 +++++++++++++------
 internal/api/{user.go => user_password.go}    |  2 +-
 .../{user_test.go => user_password_test.go}   |  0
 5 files changed, 16 insertions(+), 9 deletions(-)
 rename internal/api/{user.go => user_password.go} (95%)
 rename internal/api/{user_test.go => user_password_test.go} (100%)

diff --git a/internal/acl/permissions.go b/internal/acl/permissions.go
index 083d98741..6c9bb2cee 100644
--- a/internal/acl/permissions.go
+++ b/internal/acl/permissions.go
@@ -19,7 +19,7 @@ var Permissions = ACL{
 		RoleAdmin: Actions{ActionDefault: true},
 		RoleGuest: Actions{ActionSearch: true, ActionRead: true, ActionDownload: true},
 	},
-	ResourcePeople: Roles{
+	ResourceUsers: Roles{
 		RoleDefault: Actions{ActionUpdateSelf: true},
 	},
 }
diff --git a/internal/acl/resources.go b/internal/acl/resources.go
index 4cd6751fd..16f1a422b 100644
--- a/internal/acl/resources.go
+++ b/internal/acl/resources.go
@@ -20,7 +20,7 @@ const (
 	ResourceLinks         Resource = "links"
 	ResourceGeo           Resource = "geo"
 	ResourcePasswords     Resource = "passwords"
-	ResourcePeople        Resource = "people"
+	ResourceUsers         Resource = "users"
 	ResourcePhotos        Resource = "photos"
 	ResourcePlaces        Resource = "places"
 	ResourceFeedback      Resource = "feedback"
diff --git a/internal/acl/roles.go b/internal/acl/roles.go
index 1efe976d0..5003ae965 100644
--- a/internal/acl/roles.go
+++ b/internal/acl/roles.go
@@ -4,10 +4,17 @@ type Role string
 type Roles map[Role]Actions
 
 const (
-	RoleDefault Role = "*"
-	RoleAdmin   Role = "admin"
-	RoleChild   Role = "child"
-	RoleFamily  Role = "family"
-	RoleFriend  Role = "friend"
-	RoleGuest   Role = "guest"
+	RoleDefault     Role = "*"
+	RoleAdmin       Role = "admin"
+	RolePartner     Role = "partner"
+	RoleFamily      Role = "family"
+	RoleSibling     Role = "sibling"
+	RoleParent      Role = "parent"
+	RoleGrandparent Role = "grandparent"
+	RoleChild       Role = "child"
+	RoleFriend      Role = "friend"
+	RoleBestFriend  Role = "best-friend"
+	RoleClassmate   Role = "classmate"
+	RoleWorkmate    Role = "workmate"
+	RoleGuest       Role = "guest"
 )
diff --git a/internal/api/user.go b/internal/api/user_password.go
similarity index 95%
rename from internal/api/user.go
rename to internal/api/user_password.go
index 64deab05a..07a0ccb7c 100644
--- a/internal/api/user.go
+++ b/internal/api/user_password.go
@@ -21,7 +21,7 @@ func ChangePassword(router *gin.RouterGroup) {
 			return
 		}
 
-		s := Auth(SessionID(c), acl.ResourcePeople, acl.ActionUpdateSelf)
+		s := Auth(SessionID(c), acl.ResourceUsers, acl.ActionUpdateSelf)
 
 		if s.Invalid() {
 			AbortUnauthorized(c)
diff --git a/internal/api/user_test.go b/internal/api/user_password_test.go
similarity index 100%
rename from internal/api/user_test.go
rename to internal/api/user_password_test.go