hcengineering
diff --git a/‎common/config/rush/pnpm-lock.yaml‎
Lines changed: 3 additions & 0 deletions b/‎common/config/rush/pnpm-lock.yaml‎
Lines changed: 3 additions & 0 deletions
diff --git a/‎foundations/server/packages/middleware/package.json‎
Lines changed: 1 addition & 0 deletions b/‎foundations/server/packages/middleware/package.json‎
Lines changed: 1 addition & 0 deletions
diff --git a/‎foundations/server/packages/middleware/src/guestPermissions.ts‎
Lines changed: 20 additions & 12 deletions b/‎foundations/server/packages/middleware/src/guestPermissions.ts‎
Lines changed: 20 additions & 12 deletions
diff --git a/‎models/contact/src/index.ts‎
Lines changed: 2 additions & 1 deletion b/‎models/contact/src/index.ts‎
Lines changed: 2 additions & 1 deletion
diff --git a/‎plugins/export-resources/src/export.ts‎
Lines changed: 2 additions & 2 deletions b/‎plugins/export-resources/src/export.ts‎
Lines changed: 2 additions & 2 deletions
diff --git a/‎plugins/text-editor-assets/lang/cs.json‎
Lines changed: 3 additions & 1 deletion b/‎plugins/text-editor-assets/lang/cs.json‎
Lines changed: 3 additions & 1 deletion
diff --git a/‎plugins/text-editor-assets/lang/de.json‎
Lines changed: 3 additions & 1 deletion b/‎plugins/text-editor-assets/lang/de.json‎
Lines changed: 3 additions & 1 deletion
diff --git a/‎plugins/text-editor-assets/lang/en.json‎
Lines changed: 3 additions & 1 deletion b/‎plugins/text-editor-assets/lang/en.json‎
Lines changed: 3 additions & 1 deletion
diff --git a/‎plugins/text-editor-assets/lang/es.json‎
Lines changed: 3 additions & 1 deletion b/‎plugins/text-editor-assets/lang/es.json‎
Lines changed: 3 additions & 1 deletion
diff --git a/‎plugins/text-editor-assets/lang/fr.json‎
Lines changed: 3 additions & 1 deletion b/‎plugins/text-editor-assets/lang/fr.json‎
Lines changed: 3 additions & 1 deletion
@@ -36,6 +36,7 @@
   },
   "dependencies": {
     "@hcengineering/core": "workspace:^0.7.24",
+    "@hcengineering/contact": "workspace:^0.7.0",
     "@hcengineering/platform": "workspace:^0.7.19",
     "@hcengineering/server-core": "workspace:^0.7.18",
     "@hcengineering/query": "workspace:^0.7.17",
 
@@ -5,6 +5,7 @@ import {
   type TxMiddlewareResult
 } from '@hcengineering/server-core'
 import core, {
+  type Account,
   AccountRole,
   type Doc,
   hasAccountRole,
@@ -19,6 +20,7 @@ import core, {
   type TxUpdateDoc
 } from '@hcengineering/core'
 import platform, { PlatformError, Severity, Status } from '@hcengineering/platform'
+import contact, { type Person } from '@hcengineering/contact'
 
 export class GuestPermissionsMiddleware extends BaseMiddleware implements Middleware {
   static async create (
@@ -40,44 +42,44 @@ export class GuestPermissionsMiddleware extends BaseMiddleware implements Middle
     }
 
     for (const tx of txes) {
-      this.processTx(ctx, tx)
+      await this.processTx(ctx, tx)
     }
 
     return await this.provideTx(ctx, txes)
   }
 
-  private processTx (ctx: MeasureContext<SessionData>, tx: Tx): void {
+  private async processTx (ctx: MeasureContext<SessionData>, tx: Tx): Promise<void> {
     const h = this.context.hierarchy
     if (tx._class === core.class.TxApplyIf) {
       const applyTx = tx as TxApplyIf
       for (const t of applyTx.txes) {
-        this.processTx(ctx, t)
+        await this.processTx(ctx, t)
       }
       return
     }
     if (TxProcessor.isExtendsCUD(tx._class)) {
-      const socialIds = ctx.contextData.account.socialIds
+      const { account } = ctx.contextData
       const cudTx = tx as TxCUD<Doc>
       const isSpace = h.isDerived(cudTx.objectClass, core.class.Space)
       if (isSpace) {
-        if (this.isForbiddenSpaceTx(cudTx as TxCUD<Space>, socialIds)) {
+        if (await this.isForbiddenSpaceTx(ctx, cudTx as TxCUD<Space>, account)) {
           throw new PlatformError(new Status(Severity.ERROR, platform.status.Forbidden, {}))
         }
-      } else if (cudTx.space !== core.space.DerivedTx && this.isForbiddenTx(cudTx, socialIds)) {
+      } else if (cudTx.space !== core.space.DerivedTx && (await this.isForbiddenTx(ctx, cudTx, account))) {
         throw new PlatformError(new Status(Severity.ERROR, platform.status.Forbidden, {}))
       }
     }
   }
 
-  private isForbiddenTx (tx: TxCUD<Doc>, socialIds: PersonId[]): boolean {
+  private async isForbiddenTx (ctx: MeasureContext, tx: TxCUD<Doc>, account: Account): Promise<boolean> {
     if (tx._class === core.class.TxMixin) return false
-    return !this.hasMixinAccessLevel(tx, socialIds)
+    return !(await this.hasMixinAccessLevel(ctx, tx, account))
   }
 
-  private isForbiddenSpaceTx (tx: TxCUD<Space>, socialIds: PersonId[]): boolean {
+  private async isForbiddenSpaceTx (ctx: MeasureContext, tx: TxCUD<Space>, account: Account): Promise<boolean> {
     if (tx._class === core.class.TxRemoveDoc) return true
     if (tx._class === core.class.TxCreateDoc) {
-      return !this.hasMixinAccessLevel(tx, socialIds)
+      return !(await this.hasMixinAccessLevel(ctx, tx, account))
     }
     if (tx._class === core.class.TxUpdateDoc) {
       const updateTx = tx as TxUpdateDoc<Space>
@@ -93,7 +95,7 @@ export class GuestPermissionsMiddleware extends BaseMiddleware implements Middle
     return false
   }
 
-  private hasMixinAccessLevel (tx: TxCUD<Doc>, socialIds: PersonId[]): boolean {
+  private async hasMixinAccessLevel (ctx: MeasureContext, tx: TxCUD<Doc>, account: Account): Promise<boolean> {
     const h = this.context.hierarchy
     const accessLevelMixin = h.classHierarchyMixin(tx.objectClass, core.mixin.TxAccessLevel)
     if (accessLevelMixin === undefined) return false
@@ -104,9 +106,15 @@ export class GuestPermissionsMiddleware extends BaseMiddleware implements Middle
       return accessLevelMixin.removeAccessLevel === AccountRole.Guest
     }
     if (tx._class === core.class.TxUpdateDoc) {
-      if (accessLevelMixin.isIdentity === true && socialIds.includes(tx.objectId as unknown as PersonId)) {
+      if (accessLevelMixin.isIdentity === true && account.socialIds.includes(tx.objectId as unknown as PersonId)) {
         return true
       }
+      if (accessLevelMixin.isIdentity === true && h.isDerived(tx.objectClass, contact.class.Person)) {
+        const person = (await this.findAll(ctx, tx.objectClass, { _id: tx.objectId }, { limit: 1 }))[0] as
+          | Person
+          | undefined
+        return person?.personUuid === account.uuid
+      }
       return accessLevelMixin.updateAccessLevel === AccountRole.Guest
     }
     return false
 
@@ -325,7 +325,8 @@ export function createModel (builder: Builder): void {
   })
 
   builder.mixin(contact.class.Person, core.class.Class, core.mixin.TxAccessLevel, {
-    createAccessLevel: AccountRole.Guest
+    createAccessLevel: AccountRole.Guest,
+    isIdentity: true
   })
 
   builder.mixin(contact.class.SocialIdentity, core.class.Class, core.mixin.TxAccessLevel, {
 
@@ -52,8 +52,8 @@ export async function exportToWorkspace (
         minor: 0,
         reviewers: [],
         controlledState: '',
-        seqNumber: '$ensureUnique',
-        code: '$ensureUnique'
+        seqNumber: '$generateSeqNumber',
+        code: '$generateCode'
       },
       'documents:class:DocumentMeta': {
         author: '$currentUser',
 
@@ -79,6 +79,8 @@
     "ConvertToLinkPreview": "Zobrazit jako odkaz",
     "ConvertToEmbedPreview": "Zobrazit jako náhled obsahu",
     "UnableToLoadEmbeddedContent": "Náhled odkazu nelze načíst kvůli nastavení oprávnění nebo nepodporovanému obsahu",
-    "CannotConnectToCollaborationService": "Nelze se připojit k službě spolupráce"
+    "CannotConnectToCollaborationService": "Nelze se připojit k službě spolupráce",
+    "SourceURL": "Zdrojová URL",
+    "SelectedDocuments": "Vybrané dokumenty ({count, plural, =1 {1 položka} other {# položek}})"
   }
 }
@@ -78,6 +78,8 @@
     "ConvertToLinkPreview": "Als Link anzeigen",
     "ConvertToEmbedPreview": "Als Inhaltsvorschau anzeigen",
     "UnableToLoadEmbeddedContent": "Die Linkvorschau konnte aufgrund von Berechtigungseinstellungen oder nicht unterstütztem Inhalt nicht geladen werden",
-    "CannotConnectToCollaborationService": "Kann keine Verbindung zum Kollaborationsdienst herstellen"
+    "CannotConnectToCollaborationService": "Kann keine Verbindung zum Kollaborationsdienst herstellen",
+    "SourceURL": "Quell-URL",
+    "SelectedDocuments": "Ausgewählte Dokumente ({count, plural, =1 {1 Element} other {# Elemente}})"
   }
 }
@@ -80,6 +80,8 @@
     "ConvertToLinkPreview": "Show as a link",
     "ConvertToEmbedPreview": "Show as a content preview",
     "UnableToLoadEmbeddedContent": "Link preview couldn't be loaded due to permission settings or unsupported content",
-    "CannotConnectToCollaborationService": "Cannot connect to collaboration service"
+    "CannotConnectToCollaborationService": "Cannot connect to collaboration service",
+    "SourceURL": "Source URL",
+    "SelectedDocuments": "Selected documents ({count, plural, =1 {1 item} other {# items}})"
   }
 }
@@ -69,6 +69,8 @@
     "ConvertToLinkPreview": "Mostrar como enlace",
     "ConvertToEmbedPreview": "Mostrar como vista previa de contenido",
     "UnableToLoadEmbeddedContent": "No se pudo cargar la vista previa del enlace debido a la configuración de permisos o contenido no compatible",
-    "CannotConnectToCollaborationService": "No se puede conectar con el colaborador"
+    "CannotConnectToCollaborationService": "No se puede conectar con el colaborador",
+    "SourceURL": "URL de origen",
+    "SelectedDocuments": "Documentos seleccionados ({count, plural, =1 {1 elemento} other {# elementos}})"
   }
 }
@@ -69,6 +69,8 @@
     "ConvertToLinkPreview": "Afficher comme lien",
     "ConvertToEmbedPreview": "Afficher comme aperçu de contenu",
     "UnableToLoadEmbeddedContent": "L’aperçu du lien n’a pas pu être chargé en raison des paramètres d’autorisation ou d’un contenu non pris en charge",
-    "CannotConnectToCollaborationService": "Impossible de se connecter au collaborateur"
+    "CannotConnectToCollaborationService": "Impossible de se connecter au collaborateur",
+    "SourceURL": "URL source",
+    "SelectedDocuments": "Documents sélectionnés ({count, plural, =1 {1 élément} other {# éléments}})"
   }
 }
Original file line number	Diff line number	Diff line change
`@@ -79,6 +79,8 @@`
`79`	`79`	`"ConvertToLinkPreview": "Zobrazit jako odkaz",`
`80`	`80`	`"ConvertToEmbedPreview": "Zobrazit jako náhled obsahu",`
`81`	`81`	`"UnableToLoadEmbeddedContent": "Náhled odkazu nelze načíst kvůli nastavení oprávnění nebo nepodporovanému obsahu",`
`82`		`- "CannotConnectToCollaborationService": "Nelze se připojit k službě spolupráce"`
	`82`	`+ "CannotConnectToCollaborationService": "Nelze se připojit k službě spolupráce",`
	`83`	`+ "SourceURL": "Zdrojová URL",`
	`84`	`+ "SelectedDocuments": "Vybrané dokumenty ({count, plural, =1 {1 položka} other {# položek}})"`
`83`	`85`	`}`
`84`	`86`	`}`
Original file line number	Diff line number	Diff line change
`@@ -78,6 +78,8 @@`
`78`	`78`	`"ConvertToLinkPreview": "Als Link anzeigen",`
`79`	`79`	`"ConvertToEmbedPreview": "Als Inhaltsvorschau anzeigen",`
`80`	`80`	`"UnableToLoadEmbeddedContent": "Die Linkvorschau konnte aufgrund von Berechtigungseinstellungen oder nicht unterstütztem Inhalt nicht geladen werden",`
`81`		`- "CannotConnectToCollaborationService": "Kann keine Verbindung zum Kollaborationsdienst herstellen"`
	`81`	`+ "CannotConnectToCollaborationService": "Kann keine Verbindung zum Kollaborationsdienst herstellen",`
	`82`	`+ "SourceURL": "Quell-URL",`
	`83`	`+ "SelectedDocuments": "Ausgewählte Dokumente ({count, plural, =1 {1 Element} other {# Elemente}})"`
`82`	`84`	`}`
`83`	`85`	`}`
Original file line number	Diff line number	Diff line change
`@@ -80,6 +80,8 @@`
`80`	`80`	`"ConvertToLinkPreview": "Show as a link",`
`81`	`81`	`"ConvertToEmbedPreview": "Show as a content preview",`
`82`	`82`	`"UnableToLoadEmbeddedContent": "Link preview couldn't be loaded due to permission settings or unsupported content",`
`83`		`- "CannotConnectToCollaborationService": "Cannot connect to collaboration service"`
	`83`	`+ "CannotConnectToCollaborationService": "Cannot connect to collaboration service",`
	`84`	`+ "SourceURL": "Source URL",`
	`85`	`+ "SelectedDocuments": "Selected documents ({count, plural, =1 {1 item} other {# items}})"`
`84`	`86`	`}`
`85`	`87`	`}`
Original file line number	Diff line number	Diff line change
`@@ -69,6 +69,8 @@`
`69`	`69`	`"ConvertToLinkPreview": "Mostrar como enlace",`
`70`	`70`	`"ConvertToEmbedPreview": "Mostrar como vista previa de contenido",`
`71`	`71`	`"UnableToLoadEmbeddedContent": "No se pudo cargar la vista previa del enlace debido a la configuración de permisos o contenido no compatible",`
`72`		`- "CannotConnectToCollaborationService": "No se puede conectar con el colaborador"`
	`72`	`+ "CannotConnectToCollaborationService": "No se puede conectar con el colaborador",`
	`73`	`+ "SourceURL": "URL de origen",`
	`74`	`+ "SelectedDocuments": "Documentos seleccionados ({count, plural, =1 {1 elemento} other {# elementos}})"`
`73`	`75`	`}`
`74`	`76`	`}`