From b4d91bf181780610a7fe90dac8ed0d77656504aa Mon Sep 17 00:00:00 2001
From: Jack Zhuang <zhuangjianguo@steedos.com>
Date: Fri, 15 Dec 2017 17:24:54 +0800
Subject: [PATCH] =?UTF-8?q?=E4=B8=BB=E8=A1=A8=E5=8A=A0=E5=85=A5=E6=9D=83?=
 =?UTF-8?q?=E9=99=90=E5=88=A4=E6=96=AD?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

---
 .../steedos-creator/client/views/list.coffee  | 11 +++++--
 creator/packages/steedos-creator/core.coffee  | 32 +++++++++++++++++++
 2 files changed, 41 insertions(+), 2 deletions(-)

diff --git a/creator/packages/steedos-creator/client/views/list.coffee b/creator/packages/steedos-creator/client/views/list.coffee
index 7a825c9fc5..63f7db6664 100644
--- a/creator/packages/steedos-creator/client/views/list.coffee
+++ b/creator/packages/steedos-creator/client/views/list.coffee
@@ -10,12 +10,19 @@ Template.creator_list.helpers
 		return Creator.TabularTables[Session.get("object_name")]
 
 	hasPermission: (permissionName)->
-		permissions = Creator.Objects[Session.get("object_name")]?.permissions?.default
+		permissions = Creator.getPermissions()
 		if permissions
 			return permissions[permissionName]
 
 	selector: ()->
-		return {space: Session.get("spaceId")}
+		if Session.get("spaceId")
+			permissions = Creator.getPermissions()
+			if permissions.viewAllRecords 
+				return {space: Session.get("spaceId")}
+			else if permissions.allowRead and Meteor.userId()
+				return {space: Session.get("spaceId"), owner: Meteor.userId()}
+		return {_id: "nothing to return"}
+
 
 Template.creator_list.events
 	# 'click .table-creator tr': (event) ->
diff --git a/creator/packages/steedos-creator/core.coffee b/creator/packages/steedos-creator/core.coffee
index 225d1a31c6..7cbfd7a4cd 100644
--- a/creator/packages/steedos-creator/core.coffee
+++ b/creator/packages/steedos-creator/core.coffee
@@ -198,6 +198,38 @@ Creator.getObjectRecord = (object_name, record_id)->
 		return collection.findOne(record_id)
 
 
+Creator.getPermissions = ()->
+	if !Session.get("object_name")
+		permissions = 
+			allowCreate: false
+			allowDelete: false
+			allowEdit: false
+			allowRead: false
+			modifyAllRecords: false
+			viewAllRecords: false 
+	else	
+		permissions = Creator.Objects[Session.get("object_name")]?.permissions?.default
+
+	if Steedos.isSpaceAdmin()
+		permissions = 
+			allowCreate: true
+			allowDelete: true
+			allowEdit: true
+			allowRead: true
+			modifyAllRecords: true
+			viewAllRecords: true 
+
+	if !permissions
+		permissions = 
+			allowCreate: true
+			allowDelete: true
+			allowEdit: true
+			allowRead: true
+			modifyAllRecords: false
+			viewAllRecords: false 
+			
+	return permissions
+
 # 切换工作区时，重置下拉框的选项
 if Meteor.isClient
 	Tracker.autorun ()->