work on read-only restrictions

models/user.go

@@ -41,6 +41,7 @@ type UserSafe struct {
 	User
 	SafeId   int    `db:"SafeId"`
 	SafeName string `db:"SafeName"`
+	ReadOnly bool   `db:"ReadOnly" json:"readOnly"`
 	//GroupId  int    `db:"GroupId"`
 }
 
@@ -357,10 +358,12 @@ func UserGetSafesAllowed(userId int) ([]UserSafe, error) {
 
 	var results []UserSafe
 
+	// TODO add union for permissions directly assigned to safe via UserId instead of GroupId
+
 	// join users, groups and permissions
 	rows, err := db.Queryx(`
 	SELECT users.UserId, users.GroupId,
-	permissions.SafeId, safes.SafeName FROM users
+	permissions.SafeId, permissions.ReadOnly, safes.SafeName FROM users
 	INNER JOIN groups ON users.GroupId = groups.GroupId
 	INNER JOIN permissions ON groups.GroupId = permissions.GroupId
 	INNER JOIN safes on permissions.SafeId = safes.SafeId