feat: new permission to allow users to see other users requests

closes #840
2026-01-01 04:08:45 -05:00 · 2021-02-04 12:40:00 +00:00
parent 06e941171a
commit 033ba9d41b
8 changed files with 62 additions and 20 deletions
--- a/src/components/PermissionEdit/index.tsx
+++ b/src/components/PermissionEdit/index.tsx
@@ -39,6 +39,8 @@ export const messages = defineMessages({
  advancedrequest: 'Advanced Requests',
  advancedrequestDescription:
    'Grants permission to use advanced request options. (Ex. Changing servers/profiles/paths)',
+  viewrequests: 'View Requests',
+  viewrequestsDescription: "Grants permission to view other user's requests.",
 });

 interface PermissionEditProps {
@@ -85,6 +87,12 @@ export const PermissionEdit: React.FC<PermissionEditProps> = ({
          description: intl.formatMessage(messages.advancedrequestDescription),
          permission: Permission.REQUEST_ADVANCED,
        },
+        {
+          id: 'viewrequests',
+          name: intl.formatMessage(messages.viewrequests),
+          description: intl.formatMessage(messages.viewrequestsDescription),
+          permission: Permission.REQUEST_VIEW,
+        },
      ],
    },
    {
--- a/src/components/RequestModal/AdvancedRequester/index.tsx
+++ b/src/components/RequestModal/AdvancedRequester/index.tsx
@@ -322,8 +322,7 @@ const AdvancedRequester: React.FC<AdvancedRequesterProps> = ({
            </div>
          </>
        )}
-        {hasPermission(Permission.MANAGE_REQUESTS) &&
-          hasPermission(Permission.MANAGE_USERS) &&
+        {hasPermission([Permission.MANAGE_REQUESTS, Permission.MANAGE_USERS]) &&
          selectedUser && (
            <div className="mt-0 sm:mt-2">
              <Listbox
--- a/src/hooks/useUser.ts
+++ b/src/hooks/useUser.ts
@@ -1,5 +1,9 @@
 import useSwr from 'swr';
-import { hasPermission, Permission } from '../../server/lib/permissions';
+import {
+  hasPermission,
+  Permission,
+  PermissionCheckOptions,
+} from '../../server/lib/permissions';
 import { UserType } from '../../server/constants/user';

 export { Permission, UserType };
@@ -20,7 +24,10 @@ interface UserHookResponse {
  loading: boolean;
  error: string;
  revalidate: () => Promise<boolean>;
-  hasPermission: (permission: Permission | Permission[]) => boolean;
+  hasPermission: (
+    permission: Permission | Permission[],
+    options?: PermissionCheckOptions
+  ) => boolean;
 }

 export const useUser = ({
@@ -37,8 +44,11 @@ export const useUser = ({
    }
  );

-  const checkPermission = (permission: Permission | Permission[]): boolean => {
-    return hasPermission(permission, data?.permissions ?? 0);
+  const checkPermission = (
+    permission: Permission | Permission[],
+    options?: PermissionCheckOptions
+  ): boolean => {
+    return hasPermission(permission, data?.permissions ?? 0, options);
  };

  return {
--- a/src/i18n/locale/en.json
+++ b/src/i18n/locale/en.json
@@ -114,6 +114,8 @@
  "components.PermissionEdit.settingsDescription": "Grants permission to modify all Overseerr settings. A user must have this permission to grant it to others.",
  "components.PermissionEdit.users": "Manage Users",
  "components.PermissionEdit.usersDescription": "Grants permission to manage Overseerr users. Users with this permission cannot modify users with Administrator privilege, or grant it.",
+  "components.PermissionEdit.viewrequests": "View Requests",
+  "components.PermissionEdit.viewrequestsDescription": "Grants permission to view other user's requests.",
  "components.PermissionEdit.vote": "Vote",
  "components.PermissionEdit.voteDescription": "Grants permission to vote on requests (voting not yet implemented)",
  "components.PersonDetails.appearsin": "Appears in",