Safe Haskell | Safe-Inferred |
---|---|
Language | GHC2021 |
Synopsis
- ensureAccessRole :: (Member BrigAccess r, Member (ErrorS 'NotATeamMember) r, Member (ErrorS 'ConvAccessDenied) r) => Set AccessRole -> [(UserId, Maybe TeamMember)] -> Sem r ()
- ensureConnectedOrSameTeam :: (Member BrigAccess r, Member (ErrorS 'NotConnected) r, Member TeamStore r) => Local UserId -> [Qualified UserId] -> Sem r ()
- ensureConnectedToLocalsOrSameTeam :: (Member BrigAccess r, Member (ErrorS 'NotConnected) r, Member TeamStore r) => Local UserId -> [UserId] -> Sem r ()
- ensureConnected :: (Member BrigAccess r, Member (ErrorS 'NotConnected) r) => Local UserId -> UserList UserId -> Sem r ()
- ensureConnectedToLocals :: (Member (ErrorS 'NotConnected) r, Member BrigAccess r) => UserId -> [UserId] -> Sem r ()
- ensureConnectedToRemotes :: (Member BrigAccess r, Member (ErrorS 'NotConnected) r) => Local UserId -> [Remote UserId] -> Sem r ()
- ensureReAuthorised :: (Member BrigAccess r, Member (Error AuthenticationError) r) => UserId -> Maybe PlainTextPassword6 -> Maybe Value -> Maybe VerificationAction -> Sem r ()
- ensureActionAllowed :: forall (action :: Action) mem r. (IsConvMember mem, Member (ErrorS ('ActionDenied action)) r) => Sing action -> mem -> Sem r ()
- ensureGroupConversation :: Member (ErrorS 'InvalidOperation) r => Conversation -> Sem r ()
- ensureConvRoleNotElevated :: (IsConvMember mem, Member (ErrorS 'InvalidAction) r) => mem -> RoleName -> Sem r ()
- permissionCheckS :: forall perm (p :: perm) r. (SingKind perm, IsPerm (Demote perm), (Member (ErrorS (PermError p)) r, Member (ErrorS 'NotATeamMember) r)) => Sing p -> Maybe TeamMember -> Sem r TeamMember
- permissionCheck :: (IsPerm perm, (Member (ErrorS OperationDenied) r, Member (ErrorS 'NotATeamMember) r)) => perm -> Maybe TeamMember -> Sem r TeamMember
- assertTeamExists :: (Member (ErrorS 'TeamNotFound) r, Member TeamStore r) => TeamId -> Sem r ()
- assertOnTeam :: (Member (ErrorS 'NotATeamMember) r, Member TeamStore r) => UserId -> TeamId -> Sem r ()
- acceptOne2One :: (Member ConversationStore r, Member (ErrorS 'ConvNotFound) r, Member (Error InternalError) r, Member (ErrorS 'InvalidOperation) r, Member (Input UTCTime) r, Member MemberStore r, Member NotificationSubsystem r) => Local UserId -> Conversation -> Maybe ConnId -> Sem r Conversation
- localMemberToRecipient :: LocalMember -> Recipient
- userRecipient :: UserId -> Recipient
- memberJoinEvent :: Local UserId -> Qualified ConvId -> UTCTime -> [LocalMember] -> [RemoteMember] -> Event
- convDeleteMembers :: Member MemberStore r => UserList UserId -> Conversation -> Sem r Conversation
- isMember :: Foldable m => UserId -> m LocalMember -> Bool
- isRemoteMember :: Foldable m => Remote UserId -> m RemoteMember -> Bool
- class IsConvMember mem => IsConvMemberId uid mem | uid -> mem where
- getConvMember :: Local x -> Conversation -> uid -> Maybe mem
- isConvMember :: Local x -> Conversation -> uid -> Bool
- notIsConvMember :: Local x -> Conversation -> uid -> Bool
- isConvMemberL :: IsConvMemberId uid mem => Local Conversation -> uid -> Bool
- class IsConvMember mem where
- convMemberRole :: mem -> RoleName
- convMemberId :: Local x -> mem -> Qualified UserId
- ulNewMembers :: Local x -> Conversation -> UserList UserId -> UserList UserId
- class IsBotOrMember uid where
- bmAdd :: Local x -> uid -> BotsAndMembers -> BotsAndMembers
- data BotsAndMembers = BotsAndMembers {}
- bmQualifiedMembers :: Local x -> BotsAndMembers -> [Qualified UserId]
- bmDiff :: BotsAndMembers -> BotsAndMembers -> BotsAndMembers
- bmFromMembers :: [LocalMember] -> [RemoteMember] -> BotsAndMembers
- convBotsAndMembers :: Conversation -> BotsAndMembers
- localBotsAndUsers :: Foldable f => f LocalMember -> ([BotMember], [LocalMember])
- nonTeamMembers :: [LocalMember] -> [TeamMember] -> [LocalMember]
- membersToRecipients :: Maybe UserId -> [TeamMember] -> [Recipient]
- getSelfMemberFromLocals :: (Foldable t, Member (ErrorS 'ConvNotFound) r) => UserId -> t LocalMember -> Sem r LocalMember
- ensureOtherMember :: Member (ErrorS 'ConvMemberNotFound) r => Local a -> Qualified UserId -> Conversation -> Sem r (Either LocalMember RemoteMember)
- getMember :: forall e mem t userId r. (Foldable t, Eq userId, Member (ErrorS e) r) => (mem -> userId) -> userId -> t mem -> Sem r mem
- getConversationAndCheckMembership :: (Member ConversationStore r, Member (ErrorS 'ConvNotFound) r, Member (ErrorS 'ConvAccessDenied) r) => Qualified UserId -> Local ConvId -> Sem r Conversation
- getConversationWithError :: (Member ConversationStore r, Member (ErrorS 'ConvNotFound) r) => Local ConvId -> Sem r Conversation
- getConversationAndMemberWithError :: forall e uid mem r. (Member ConversationStore r, Member (ErrorS 'ConvNotFound) r, Member (ErrorS e) r, IsConvMemberId uid mem) => uid -> Local ConvId -> Sem r (Conversation, mem)
- canDeleteMember :: TeamMember -> TeamMember -> Bool
- pushConversationEvent :: (Member ExternalAccess r, Member NotificationSubsystem r, Foldable f) => Maybe ConnId -> Event -> Local (f UserId) -> f BotMember -> Sem r ()
- newConversationEventPush :: Event -> Local [UserId] -> Maybe Push
- verifyReusableCode :: (Member CodeStore r, Member (ErrorS 'CodeNotFound) r, Member (ErrorS 'InvalidConversationPassword) r) => Bool -> Maybe PlainTextPassword8 -> ConversationCode -> Sem r Code
- ensureConversationAccess :: (Member BrigAccess r, Member (ErrorS 'ConvAccessDenied) r, Member (ErrorS 'NotATeamMember) r, Member TeamStore r) => UserId -> Conversation -> Access -> Sem r ()
- ensureAccess :: Member (ErrorS 'ConvAccessDenied) r => Conversation -> Access -> Sem r ()
- ensureLocal :: Member (Error FederationError) r => Local x -> Qualified a -> Sem r (Local a)
- qualifyLocal :: Member (Input (Local ())) r => a -> Sem r (Local a)
- runLocalInput :: Local x -> Sem (Input (Local ()) ': r) a -> Sem r a
- toConversationCreated :: UTCTime -> Local UserId -> Conversation -> ConversationCreated ConvId
- fromConversationCreated :: Local x -> ConversationCreated (Remote ConvId) -> [(Member, Conversation)]
- ensureNoUnreachableBackends :: Member (Error UnreachableBackends) r => [Either (Remote e, b) a] -> Sem r [a]
- registerRemoteConversationMemberships :: (Member ConversationStore r, Member (Error UnreachableBackends) r, Member (Error FederationError) r, Member BackendNotificationQueueAccess r, Member FederatorAccess r) => UTCTime -> Local UserId -> Local Conversation -> Sem r ()
- userLHEnabled :: UserLegalHoldStatus -> Bool
- data ConsentGiven
- consentGiven :: UserLegalHoldStatus -> ConsentGiven
- checkConsent :: Member TeamStore r => Map UserId TeamId -> UserId -> Sem r ConsentGiven
- getLHStatus :: Member TeamStore r => Maybe TeamId -> UserId -> Sem r UserLegalHoldStatus
- anyLegalholdActivated :: (Member (Input Opts) r, Member TeamStore r) => [UserId] -> Sem r Bool
- allLegalholdConsentGiven :: (Member (Input Opts) r, Member LegalHoldStore r, Member TeamStore r) => [UserId] -> Sem r Bool
- getLHStatusForUsers :: Member TeamStore r => [UserId] -> Sem r [(UserId, UserLegalHoldStatus)]
- getTeamMembersForFanout :: Member TeamStore r => TeamId -> Sem r TeamMemberList
- ensureMemberLimit :: (Foldable f, (Member (ErrorS 'TooManyMembers) r, Member (Input Opts) r)) => ProtocolTag -> [LocalMember] -> f a -> Sem r ()
- conversationExisted :: (Member (Error InternalError) r, Member TinyLog r) => Local UserId -> Conversation -> Sem r (ConversationResponse Conversation)
- getLocalUsers :: Domain -> NonEmpty (Qualified UserId) -> [UserId]
- getBrigClients :: (Member BrigAccess r, Member ClientStore r) => [UserId] -> Sem r Clients
- class RethrowErrors (effs :: EffectRow) r where
- rethrowErrors :: GalleyError -> Sem r a
Documentation
ensureAccessRole :: (Member BrigAccess r, Member (ErrorS 'NotATeamMember) r, Member (ErrorS 'ConvAccessDenied) r) => Set AccessRole -> [(UserId, Maybe TeamMember)] -> Sem r () Source #
ensureConnectedOrSameTeam :: (Member BrigAccess r, Member (ErrorS 'NotConnected) r, Member TeamStore r) => Local UserId -> [Qualified UserId] -> Sem r () Source #
Check that the given user is either part of the same team as the other users OR that there is a connection.
ensureConnectedToLocalsOrSameTeam :: (Member BrigAccess r, Member (ErrorS 'NotConnected) r, Member TeamStore r) => Local UserId -> [UserId] -> Sem r () Source #
Check that the given user is either part of the same team(s) as the other users OR that there is a connection.
Team members are always considered connected, so we only check ensureConnected
for non-team-members of the _given_ user
ensureConnected :: (Member BrigAccess r, Member (ErrorS 'NotConnected) r) => Local UserId -> UserList UserId -> Sem r () Source #
Check that the user is connected to everybody else.
The connection has to be bidirectional (e.g. if A connects to B and later
B blocks A, the status of A-to-B is still Accepted
but it doesn't mean
that they are connected).
ensureConnectedToLocals :: (Member (ErrorS 'NotConnected) r, Member BrigAccess r) => UserId -> [UserId] -> Sem r () Source #
ensureConnectedToRemotes :: (Member BrigAccess r, Member (ErrorS 'NotConnected) r) => Local UserId -> [Remote UserId] -> Sem r () Source #
ensureReAuthorised :: (Member BrigAccess r, Member (Error AuthenticationError) r) => UserId -> Maybe PlainTextPassword6 -> Maybe Value -> Maybe VerificationAction -> Sem r () Source #
ensureActionAllowed :: forall (action :: Action) mem r. (IsConvMember mem, Member (ErrorS ('ActionDenied action)) r) => Sing action -> mem -> Sem r () Source #
Given a member in a conversation, check if the given action
is permitted. If the user does not have the given permission, or if it has a
custom role, throw ActionDenied
.
ensureGroupConversation :: Member (ErrorS 'InvalidOperation) r => Conversation -> Sem r () Source #
ensureConvRoleNotElevated :: (IsConvMember mem, Member (ErrorS 'InvalidAction) r) => mem -> RoleName -> Sem r () Source #
Ensure that the set of actions provided are not "greater" than the user's
own. This is used to ensure users cannot "elevate" allowed actions
This function needs to be review when custom roles are introduced since only
custom roles can cause roleNameToActions
to return a Nothing
permissionCheckS :: forall perm (p :: perm) r. (SingKind perm, IsPerm (Demote perm), (Member (ErrorS (PermError p)) r, Member (ErrorS 'NotATeamMember) r)) => Sing p -> Maybe TeamMember -> Sem r TeamMember Source #
Same as permissionCheck
, but for a statically known permission.
permissionCheck :: (IsPerm perm, (Member (ErrorS OperationDenied) r, Member (ErrorS 'NotATeamMember) r)) => perm -> Maybe TeamMember -> Sem r TeamMember Source #
If a team member is not given throw notATeamMember
; if the given team
member does not have the given permission, throw operationDenied
.
Otherwise, return the team member.
assertTeamExists :: (Member (ErrorS 'TeamNotFound) r, Member TeamStore r) => TeamId -> Sem r () Source #
assertOnTeam :: (Member (ErrorS 'NotATeamMember) r, Member TeamStore r) => UserId -> TeamId -> Sem r () Source #
acceptOne2One :: (Member ConversationStore r, Member (ErrorS 'ConvNotFound) r, Member (Error InternalError) r, Member (ErrorS 'InvalidOperation) r, Member (Input UTCTime) r, Member MemberStore r, Member NotificationSubsystem r) => Local UserId -> Conversation -> Maybe ConnId -> Sem r Conversation Source #
Try to accept a 1-1 conversation, promoting connect conversations as appropriate.
userRecipient :: UserId -> Recipient Source #
memberJoinEvent :: Local UserId -> Qualified ConvId -> UTCTime -> [LocalMember] -> [RemoteMember] -> Event Source #
convDeleteMembers :: Member MemberStore r => UserList UserId -> Conversation -> Sem r Conversation Source #
isRemoteMember :: Foldable m => Remote UserId -> m RemoteMember -> Bool Source #
class IsConvMember mem => IsConvMemberId uid mem | uid -> mem where Source #
getConvMember :: Local x -> Conversation -> uid -> Maybe mem Source #
isConvMember :: Local x -> Conversation -> uid -> Bool Source #
notIsConvMember :: Local x -> Conversation -> uid -> Bool Source #
Instances
isConvMemberL :: IsConvMemberId uid mem => Local Conversation -> uid -> Bool Source #
class IsConvMember mem where Source #
convMemberRole :: mem -> RoleName Source #
Instances
IsConvMember LocalMember Source # | |
Defined in Galley.API.Util convMemberRole :: LocalMember -> RoleName Source # convMemberId :: Local x -> LocalMember -> Qualified UserId Source # | |
IsConvMember RemoteMember Source # | |
Defined in Galley.API.Util convMemberRole :: RemoteMember -> RoleName Source # convMemberId :: Local x -> RemoteMember -> Qualified UserId Source # | |
IsConvMember (Either LocalMember RemoteMember) Source # | |
Defined in Galley.API.Util |
ulNewMembers :: Local x -> Conversation -> UserList UserId -> UserList UserId Source #
Remove users that are already present in the conversation.
class IsBotOrMember uid where Source #
This is an ad-hoc class to update notification targets based on the type of the user id. Local user IDs get added to the local targets, remote user IDs to remote targets, and qualified user IDs get added to the appropriate list according to whether they are local or remote, by making a runtime check.
bmAdd :: Local x -> uid -> BotsAndMembers -> BotsAndMembers Source #
Instances
IsBotOrMember (Local UserId) Source # | |
Defined in Galley.API.Util bmAdd :: Local x -> Local UserId -> BotsAndMembers -> BotsAndMembers Source # | |
IsBotOrMember (Qualified UserId) Source # | |
Defined in Galley.API.Util bmAdd :: Local x -> Qualified UserId -> BotsAndMembers -> BotsAndMembers Source # | |
IsBotOrMember (Remote UserId) Source # | |
Defined in Galley.API.Util bmAdd :: Local x -> Remote UserId -> BotsAndMembers -> BotsAndMembers Source # |
data BotsAndMembers Source #
Instances
Monoid BotsAndMembers Source # | |
Defined in Galley.API.Util mappend :: BotsAndMembers -> BotsAndMembers -> BotsAndMembers # mconcat :: [BotsAndMembers] -> BotsAndMembers # | |
Semigroup BotsAndMembers Source # | |
Defined in Galley.API.Util (<>) :: BotsAndMembers -> BotsAndMembers -> BotsAndMembers # sconcat :: NonEmpty BotsAndMembers -> BotsAndMembers # stimes :: Integral b => b -> BotsAndMembers -> BotsAndMembers # | |
Show BotsAndMembers Source # | |
Defined in Galley.API.Util showsPrec :: Int -> BotsAndMembers -> ShowS # show :: BotsAndMembers -> String # showList :: [BotsAndMembers] -> ShowS # |
bmQualifiedMembers :: Local x -> BotsAndMembers -> [Qualified UserId] Source #
bmDiff :: BotsAndMembers -> BotsAndMembers -> BotsAndMembers Source #
bmFromMembers :: [LocalMember] -> [RemoteMember] -> BotsAndMembers Source #
localBotsAndUsers :: Foldable f => f LocalMember -> ([BotMember], [LocalMember]) Source #
nonTeamMembers :: [LocalMember] -> [TeamMember] -> [LocalMember] Source #
membersToRecipients :: Maybe UserId -> [TeamMember] -> [Recipient] Source #
getSelfMemberFromLocals :: (Foldable t, Member (ErrorS 'ConvNotFound) r) => UserId -> t LocalMember -> Sem r LocalMember Source #
ensureOtherMember :: Member (ErrorS 'ConvMemberNotFound) r => Local a -> Qualified UserId -> Conversation -> Sem r (Either LocalMember RemoteMember) Source #
Throw ConvMemberNotFound
if the given user is not part of a
conversation (either locally or remotely).
getConversationAndCheckMembership :: (Member ConversationStore r, Member (ErrorS 'ConvNotFound) r, Member (ErrorS 'ConvAccessDenied) r) => Qualified UserId -> Local ConvId -> Sem r Conversation Source #
getConversationWithError :: (Member ConversationStore r, Member (ErrorS 'ConvNotFound) r) => Local ConvId -> Sem r Conversation Source #
getConversationAndMemberWithError :: forall e uid mem r. (Member ConversationStore r, Member (ErrorS 'ConvNotFound) r, Member (ErrorS e) r, IsConvMemberId uid mem) => uid -> Local ConvId -> Sem r (Conversation, mem) Source #
canDeleteMember :: TeamMember -> TeamMember -> Bool Source #
pushConversationEvent :: (Member ExternalAccess r, Member NotificationSubsystem r, Foldable f) => Maybe ConnId -> Event -> Local (f UserId) -> f BotMember -> Sem r () Source #
Send an event to local users and bots
verifyReusableCode :: (Member CodeStore r, Member (ErrorS 'CodeNotFound) r, Member (ErrorS 'InvalidConversationPassword) r) => Bool -> Maybe PlainTextPassword8 -> ConversationCode -> Sem r Code Source #
ensureConversationAccess :: (Member BrigAccess r, Member (ErrorS 'ConvAccessDenied) r, Member (ErrorS 'NotATeamMember) r, Member TeamStore r) => UserId -> Conversation -> Access -> Sem r () Source #
ensureAccess :: Member (ErrorS 'ConvAccessDenied) r => Conversation -> Access -> Sem r () Source #
ensureLocal :: Member (Error FederationError) r => Local x -> Qualified a -> Sem r (Local a) Source #
toConversationCreated Source #
:: UTCTime | The time stamp the conversation was created at |
-> Local UserId | The user that created the conversation |
-> Conversation | The conversation to convert for sending to a remote Galley |
-> ConversationCreated ConvId | The resulting information to be sent to a remote Galley |
Convert an internal conversation representation Conversation
to
ConversationCreated
to be sent over the wire to a remote backend that will
reconstruct this into multiple public-facing
Conversation
values, one per user from that remote
backend.
FUTUREWORK: Include the team ID as well once it becomes qualified.
fromConversationCreated :: Local x -> ConversationCreated (Remote ConvId) -> [(Member, Conversation)] Source #
The function converts a ConversationCreated
value to a
Conversation
value for each user that is on the given
domain/backend. The obtained value can be used in e.g. creating an Event
to
be sent out to users informing them that they were added to a new
conversation.
ensureNoUnreachableBackends :: Member (Error UnreachableBackends) r => [Either (Remote e, b) a] -> Sem r [a] Source #
registerRemoteConversationMemberships Source #
:: (Member ConversationStore r, Member (Error UnreachableBackends) r, Member (Error FederationError) r, Member BackendNotificationQueueAccess r, Member FederatorAccess r) | |
=> UTCTime | The time stamp when the conversation was created |
-> Local UserId | |
-> Local Conversation | |
-> Sem r () |
Notify remote users of being added to a new conversation.
data ConsentGiven Source #
Instances
Show ConsentGiven Source # | |
Defined in Galley.API.Util showsPrec :: Int -> ConsentGiven -> ShowS # show :: ConsentGiven -> String # showList :: [ConsentGiven] -> ShowS # | |
Eq ConsentGiven Source # | |
Defined in Galley.API.Util (==) :: ConsentGiven -> ConsentGiven -> Bool # (/=) :: ConsentGiven -> ConsentGiven -> Bool # | |
Ord ConsentGiven Source # | |
Defined in Galley.API.Util compare :: ConsentGiven -> ConsentGiven -> Ordering # (<) :: ConsentGiven -> ConsentGiven -> Bool # (<=) :: ConsentGiven -> ConsentGiven -> Bool # (>) :: ConsentGiven -> ConsentGiven -> Bool # (>=) :: ConsentGiven -> ConsentGiven -> Bool # max :: ConsentGiven -> ConsentGiven -> ConsentGiven # min :: ConsentGiven -> ConsentGiven -> ConsentGiven # |
getLHStatus :: Member TeamStore r => Maybe TeamId -> UserId -> Sem r UserLegalHoldStatus Source #
anyLegalholdActivated :: (Member (Input Opts) r, Member TeamStore r) => [UserId] -> Sem r Bool Source #
allLegalholdConsentGiven :: (Member (Input Opts) r, Member LegalHoldStore r, Member TeamStore r) => [UserId] -> Sem r Bool Source #
getLHStatusForUsers :: Member TeamStore r => [UserId] -> Sem r [(UserId, UserLegalHoldStatus)] Source #
Add to every uid the legalhold status
getTeamMembersForFanout :: Member TeamStore r => TeamId -> Sem r TeamMemberList Source #
ensureMemberLimit :: (Foldable f, (Member (ErrorS 'TooManyMembers) r, Member (Input Opts) r)) => ProtocolTag -> [LocalMember] -> f a -> Sem r () Source #
conversationExisted :: (Member (Error InternalError) r, Member TinyLog r) => Local UserId -> Conversation -> Sem r (ConversationResponse Conversation) Source #
getBrigClients :: (Member BrigAccess r, Member ClientStore r) => [UserId] -> Sem r Clients Source #
class RethrowErrors (effs :: EffectRow) r where Source #
rethrowErrors :: GalleyError -> Sem r a Source #
Instances
Member (Error FederationError :: (Type -> Type) -> Type -> Type) r => RethrowErrors ('[] :: [Effect]) r Source # | |
Defined in Galley.API.Util rethrowErrors :: GalleyError -> Sem r a Source # | |
(SingI e, Member (ErrorS e :: (Type -> Type) -> Type -> Type) r, RethrowErrors effs r) => RethrowErrors ((ErrorS e :: (Type -> Type) -> Type -> Type) ': effs) r Source # | |
Defined in Galley.API.Util rethrowErrors :: GalleyError -> Sem r a Source # |