Refactor class User (clean up)

lib/modules/@dougal/user/User.js

@@ -218,7 +218,7 @@ class User extends EventEmitter {
 		if (this.organisations.value("*")) {
 			return list;
 		} else {
-			return list.filter( user => this.canSee(user) );
+			return list.filter( user => this.canRead(user) );
 			// return list.filter( user =>
 				// user.organisations.value("*") ||
 				// user.organisations.filter(this.organisations).length > 0
@@ -255,71 +255,32 @@ class User extends EventEmitter {
 		return this.id == other.id;
 	}
 
-	/** Return `true` if we can see `other`
+	canDo (operation, other) {
-	 *
+		if (this.organisations.get('*')?.[operation])
-	 * If we are wildcarded, we can see everyone
-	 *
-	 * If not, we must have at least one common organisation
-	 * that we are both members of
-	 */
-	canSee (other) {
-		if (this.organisations.value("*")?.read) {
 			return true;
-		} else if (other instanceof User) {
+
-			return other.organisations.names().some( name => this.organisations.value(name) );
+		if (other instanceof User) {
+			return other.organisations.names().some(name => this.organisations.get(name)?.[operation]);
 		} else if (other instanceof Organisations) {
-			return other.accessToOperation("read").names().some( name => this.organisations.value(name)?.read );
+			return other.accessToOperation(operation).names().some(name => this.organisations.get(name)?.[operation]);
-		} else {
+		} else if (other?.organisations) {
-			// return other.organisations.names().some( name => this.organisations.value(name) );
+			return this.canDo(operation, new Organisations(other.organisations));
+		} else if (other instanceof Object) {
+			return this.canDo(operation, new Organisations(other));
 		}
+		return false;
 	}
 
 	canRead (other) {
-		return this.canSee(other);
+		return this.canDo("read", other);
 	}
 
 	canWrite (other) {
-		if (this.organisations.value("*")?.write) {
+		return this.canDo("write", other);
-			return true;
-		} else if (other instanceof User) {
-			return other.organisations.names().some( name => this.organisations.value(name) );
-		} else if (other instanceof Organisations) {
-			return other.accessToOperation("write").names().some( name => this.organisations.value(name)?.write );
-		} else {
-			// return other.organisations.names().some( name => this.organisations.value(name) );
-		}
 	}
 
-	/** Return `true` if we can edit `other`
-	 *
-	 * If we are edit wildcarded we can edit everyone
-	 *
-	 * If not, we must have `edit` access on at least one
-	 * of other's organisations
-	 */
 	canEdit (other) {
-		if (this.organisations.value("*")?.edit) {
+		return this.canDo("edit", other);
-			return true;
-		} else if (other instanceof User) {
-			return other.organisations.names().some( name => this.organisations.value(name)?.edit );
-		} else if (other instanceof Organisations) {
-			return other.accessToOperation("edit").names().some( name => this.organisations.value(name)?.edit );
-		} else if (other?.organisations) {
-			return this.canEdit(this.#clone(other));
-		}
-	}
-
-	canDo (operation, other) {
-		switch (operation) {
-			case "read":
-				return this.canRead(other);
-			case "write":
-				return this.canWrite(other);
-			case "edit":
-				return this.canEdit(other);
-			default:
-				return false;
-		}
 	}
 
 	/** Perform an edit on another user

lib/www/server/api/middleware/user/get.js

@@ -6,7 +6,7 @@ module.exports = async function (req, res, next) {
 		const user = new ServerUser(req.user);
 		const target = await ServerUser.fromSQL(null, req.params.user_id);
 
-		if (requestor.canSee(target)) {
+		if (requestor.canRead(target)) {
 			res.status(200).send(target.toJSON());
 		} else {
 			throw {status: 403, message: "Access denied"};