Auth: Refactor ACL Roles and Resources #98

Renamed ResourcePeople to ResourceUsers. Work in progress.
Added a few "default" roles as a reminder for later.

internal/acl/permissions.go

@@ -19,7 +19,7 @@ var Permissions = ACL{
 		RoleAdmin: Actions{ActionDefault: true},
 		RoleGuest: Actions{ActionSearch: true, ActionRead: true, ActionDownload: true},
 	},
-	ResourcePeople: Roles{
+	ResourceUsers: Roles{
 		RoleDefault: Actions{ActionUpdateSelf: true},
 	},
 }

internal/acl/resources.go

@@ -20,7 +20,7 @@ const (
 	ResourceLinks         Resource = "links"
 	ResourceGeo           Resource = "geo"
 	ResourcePasswords     Resource = "passwords"
-	ResourcePeople        Resource = "people"
+	ResourceUsers         Resource = "users"
 	ResourcePhotos        Resource = "photos"
 	ResourcePlaces        Resource = "places"
 	ResourceFeedback      Resource = "feedback"

internal/acl/roles.go

@@ -4,10 +4,17 @@ type Role string
 type Roles map[Role]Actions
 
 const (
-	RoleDefault Role = "*"
+	RoleDefault     Role = "*"
-	RoleAdmin   Role = "admin"
+	RoleAdmin       Role = "admin"
-	RoleChild   Role = "child"
+	RolePartner     Role = "partner"
-	RoleFamily  Role = "family"
+	RoleFamily      Role = "family"
-	RoleFriend  Role = "friend"
+	RoleSibling     Role = "sibling"
-	RoleGuest   Role = "guest"
+	RoleParent      Role = "parent"
+	RoleGrandparent Role = "grandparent"
+	RoleChild       Role = "child"
+	RoleFriend      Role = "friend"
+	RoleBestFriend  Role = "best-friend"
+	RoleClassmate   Role = "classmate"
+	RoleWorkmate    Role = "workmate"
+	RoleGuest       Role = "guest"
 )

internal/api/user_password.go

@@ -21,7 +21,7 @@ func ChangePassword(router *gin.RouterGroup) {
 			return
 		}
 
-		s := Auth(SessionID(c), acl.ResourcePeople, acl.ActionUpdateSelf)
+		s := Auth(SessionID(c), acl.ResourceUsers, acl.ActionUpdateSelf)
 
 		if s.Invalid() {
 			AbortUnauthorized(c)