# Permission Service Interface


/**
 * Returns true, if the thing requested (identified by `name`) is allowed for each
 * provided data in `dataList` by the user given by `user_id`.
 *
 * Convention: For each action and presenter, there will be an permission check.
 * This is not enforced but a good guideline to see which permission check belongs
 * to which usecase.
 **/
is_allowed(name: string, user_id: Id, dataList: object[]): bool


/**
 * Filters the fqfields that can ve deen by the user. Only fqfields are returned, that are accessible.
 **/
restrict_fqfields(fqfields: Fqfield[], user_id: Id): Fqfield[]


/**
 * Should be called for each update of the datastore with the changed data. It
 * returns user ids, which should get a full update since too many/complicated
 * permission changes accur.
 *
 * Possible reasons for additional updates:
 * 1) A permission related relation to a user has changed:
 *  - Relation to a group
 *  - Relation to a meeting (via guest/temporary relation)
 *  - Relation to a committee (or an upgrade/downgrade as a manager)
 * 2) Role of a user has changed
 * 3) Permissions of a group changed -> Full update for all users in this group
 * 4) Changes in specific (meeting-related) models:
 *  - Motion submitter:
 *  - Motion state: Update des Antrages
 *  - Motion block internal: Update des Blocks
 *  - Motion comment section read groups: Update aller Comments dieser Section
 *  - State restrictions: Update aller Anträge in dem State
 *  - Agendaitem visibility: Update des Agendaitems
 *  - Poll state: Wenn state==published volles update aller options/votes
 *  - Mediafile (has_)inherited_access_groups: Update der Mediafile
 *  - Mediafile used_as_*: Update der Mediafile
 *
 **/
additional_update(updated: {[fqfield: Fqfield]: Value}): Id[]

/**
 * This technical interface must be implemented by the services
 * users.
 */
Interface DataProvider {
    get: (fqfields: Fqfield[]) => {[fqfield: Fqfield]: Value}
}