Disable posting and reposting if current user doesn't have "create_post" permission

CHANGELOG.md

@@ -6,6 +6,10 @@ The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/).
 
 ## [Unreleased]
 
+### Changed
+
+- Disabled posting and reposting if current user doesn't have `create_post` permission.
+
 ## [1.11.0] - 2023-01-23
 
 ### Added

src/api/users.ts

@@ -24,6 +24,16 @@ interface Source {
   fields: ProfileField[];
 }
 
+interface Role {
+  id: number,
+  name: string,
+  permissions: string[],
+}
+
+export enum Permissions {
+  CreatePost = "create_post",
+}
+
 export interface Profile {
   id: string;
   username: string;
@@ -67,6 +77,7 @@ export function defaultProfile(): Profile {
 
 export interface User extends Profile {
   source: Source;
+  role: Role,
 }
 
 export interface ProfileWrapper extends Profile {}

src/components/Post.vue

@@ -255,7 +255,7 @@ import {
   createRepost,
   deleteRepost,
 } from "@/api/posts"
-import { ProfileWrapper } from "@/api/users"
+import { Permissions, ProfileWrapper } from "@/api/users"
 import Avatar from "@/components/Avatar.vue"
 import CryptoAddress from "@/components/CryptoAddress.vue"
 import PostAttachment from "@/components/PostAttachment.vue"
@@ -348,7 +348,10 @@ function getQuoteAuthorDisplayName(post: Post): string | null {
 }
 
 function canReply(): boolean {
-  return currentUser !== null
+  if (currentUser === null) {
+    return false
+  }
+  return currentUser.role.permissions.includes(Permissions.CreatePost)
 }
 
 function onCommentCreated(post: Post) {
@@ -357,7 +360,13 @@ function onCommentCreated(post: Post) {
 }
 
 function canRepost(): boolean {
-  return currentUser !== null && props.post.visibility === "public"
+  if (currentUser === null) {
+    return false
+  }
+  return (
+    props.post.visibility === "public" &&
+    currentUser.role.permissions.includes(Permissions.CreatePost)
+  )
 }
 
 async function toggleRepost() {

src/views/HomeTimeline.vue

@@ -1,7 +1,11 @@
 <template>
   <sidebar-layout>
     <template #content>
-      <post-editor :in-reply-to="null" @post-created="insertPost"></post-editor>
+      <post-editor
+        v-if="canCreatePost()"
+        :in-reply-to="null"
+        @post-created="insertPost"
+      ></post-editor>
       <post-list :posts="posts" @load-next-page="loadNextPage"></post-list>
       <loader v-if="isLoading"></loader>
     </template>
@@ -13,13 +17,14 @@ import { onMounted } from "vue"
 import { $ref } from "vue/macros"
 
 import { Post, getHomeTimeline } from "@/api/posts"
+import { Permissions } from "@/api/users"
 import Loader from "@/components/Loader.vue"
 import PostEditor from "@/components/PostEditor.vue"
 import PostList from "@/components/PostList.vue"
 import SidebarLayout from "@/components/SidebarLayout.vue"
 import { useCurrentUser } from "@/store/user"
 
-const { ensureAuthToken } = useCurrentUser()
+const { ensureAuthToken, ensureCurrentUser } = useCurrentUser()
 
 let posts = $ref<Post[]>([])
 let isLoading = $ref(false)
@@ -31,6 +36,11 @@ onMounted(async () => {
   isLoading = false
 })
 
+function canCreatePost(): boolean {
+  const user = ensureCurrentUser()
+  return user.role.permissions.includes(Permissions.CreatePost)
+}
+
 function insertPost(post: Post) {
   posts = [post, ...posts]
 }