UserRoleType

public enum UserRoleType : String, CaseIterable, Codable, Sendable

UserRole is a simple role-based access control mechanism mostly used for elevating ‘verified’ users to have specific extra access. UserRole is therefore an access model that works in addition to Twitarr’s priority access model (see UserLevel). With UserLevlels, each increasing access level is a superset of access provided by the previous level. Roles allow multiple users to each extend the verified permissions without one of the extensions always being a superset of the other.

This implementation is not a full RBAC. Instead: - Each user may have multiple roles - A db object or API call that requires a role to use must test that the requesting user has the proper role. - Roles implicitly define permissions; there is no facility to add/remove permissions from roles. - There is no role hierarchy. An operation X that allows X_User and X_Manager to access it must test for both roles explicitly. - Ideally, a DB object that requires a role to access should only require one role be stored for it. - In general, a nil value for a DB object’s requiredRole should mean no special role is required to access it. - Moderators and above should usually have access to role-protected content; without us having to add a bunch of roles to each moderator user.

Show on GitHub

  • KaraokeManagers have the ability to log song performances in the Karaoke Bar.

    Declaration

    Swift

    case karaokemanager
    Show on GitHub

  • Shutternaut Managers can add and remove members from the Shutternauts group. Note: Because of the “no hierarchy” rule, managers are NOT automatically Shutternauts.

    Declaration

    Swift

    case shutternautmanager
    Show on GitHub

  • Shutternauts can view, post, and create threads in the Shutternauts forum category.

    Declaration

    Swift

    case shutternaut
    Show on GitHub

  • Micro Karaoke Ambassadors can upload multiple song clips for the same song, without the 4-hour delay. Ideally, they will use this to get others to participate using their phone; having a single user hit the ‘participate’ button 30 times in quick succession and make a song where all the clips are them is not the goal.

    Declaration

    Swift

    case karaokeambassador
    Show on GitHub

  • Users that may create/edit their Performer profile outside of Pre-Registration, that is, on-board.

    Declaration

    Swift

    case performerselfeditor
    Show on GitHub

  • .label returns consumer-friendly case names.

    Declaration

    Swift

    var label: String { get }
    Show on GitHub

  • This gives us a bit more control than init(rawValue:). Since the strings for AccessControl are part of the API (specifically, they’re URL query values), they should be somewhat abstracted from internal representation. This fn provides lazy abstraction, making it easy for API strings to get re-mapped to enum values, in the future. URL Parameters that take an UserRoleType string should use this function to make a AccessControl from the input. I am not overriding init(rawValue:) both so that I can call through to that initializer, and because devs have specific ideas about how init(rawValue:) works.

    Declaration

    Swift

    init(fromAPIString str: String) throws
    Show on GitHub

  • A failable initializer for turning an optional string into a UserRoleType, if the string equals one of the enum cases.

    Declaration

    Swift

    init?(fromString str: String?)
    Show on GitHub