docupulse/utils/permissions.py

from models import RoomMemberPermission, Room
from flask_login import current_user
from typing import Optional

def user_has_permission(room_id: int, permission_type: str, user_id: Optional[int] = None) -> bool:
    """
    Check if a user has a specific permission in a room.
    
    Args:
        room_id: The ID of the room to check permissions for
        permission_type: The type of permission to check (e.g., 'can_upload', 'can_download')
        user_id: Optional user ID (defaults to current user)
    
    Returns:
        bool: True if the user has the permission, False otherwise
    """
    if user_id is None:
        if not current_user.is_authenticated:
            return False
        user_id = current_user.id
    
    # Admins have all permissions
    if current_user.is_authenticated and current_user.is_admin:
        return True
    
    # Check room membership and permissions
    permission = RoomMemberPermission.query.filter_by(
        room_id=room_id,
        user_id=user_id
    ).first()
    
    if not permission:
        return False
    
    # Check if the specific permission is granted
    return getattr(permission, permission_type, False)

def get_user_permissions(room_id: int, user_id: Optional[int] = None) -> dict:
    """
    Get all permissions for a user in a room.
    
    Args:
        room_id: The ID of the room to get permissions for
        user_id: Optional user ID (defaults to current user)
    
    Returns:
        dict: Dictionary containing all permissions for the user
    """
    if user_id is None:
        if not current_user.is_authenticated:
            return {}
        user_id = current_user.id
    
    # Admins have all permissions
    if current_user.is_authenticated and current_user.is_admin:
        return {
            'can_upload': True,
            'can_download': True,
            'can_delete': True,
            'can_rename': True,
            'can_move': True,
            'can_share': True,
            'can_manage_members': True
        }
    
    # Get user's permissions
    permission = RoomMemberPermission.query.filter_by(
        room_id=room_id,
        user_id=user_id
    ).first()
    
    if not permission:
        return {}
    
    return {
        'can_upload': permission.can_upload,
        'can_download': permission.can_download,
        'can_delete': permission.can_delete,
        'can_rename': permission.can_rename,
        'can_move': permission.can_move,
        'can_share': permission.can_share,
        'can_manage_members': permission.can_manage_members
    }