Switch collaboration permission checks to using User object

Author: negasora

binaryninjaapi.h

@@ -5774,7 +5774,7 @@ namespace BinaryNinja {
 		void PerformDefineRelocation(Architecture* arch, BNRelocationInfo& info, Ref<Symbol> sym, uint64_t reloc);
 
 		/*! OnAfterSnapshotDataApplied is called when loading a view from a database, after snapshot data has been applied to it.
-		
+
 		    \note This method **may** be overridden by custom BinaryViews.
 
 			\warning This method **must not** be called directly.
@@ -23088,9 +23088,9 @@ namespace BinaryNinja::Collaboration
 		Ref<CollabPermission> CreateUserPermission(const std::string& userId, BNCollaborationPermissionLevel level, ProgressFunction progress = {});
 		void PushPermission(Ref<CollabPermission> permission, const std::vector<std::pair<std::string, std::string>>& extraFields = {});
 		void DeletePermission(Ref<CollabPermission> permission);
-		bool CanUserView(const std::string& username);
-		bool CanUserEdit(const std::string& username);
-		bool CanUserAdmin(const std::string& username);
+		bool CanUserView(Ref<CollabUser> user);
+		bool CanUserEdit(Ref<CollabUser> user);
+		bool CanUserAdmin(Ref<CollabUser> user);
 	};
 
 	class AnalysisMergeConflict : public CoreRefCountObject<BNAnalysisMergeConflict, BNNewAnalysisMergeConflictReference, BNFreeAnalysisMergeConflict>

binaryninjacore.h

@@ -8667,9 +8667,9 @@ extern "C"
 	BINARYNINJACOREAPI BNCollaborationPermission* BNRemoteProjectCreateUserPermission(BNRemoteProject* project, const char* userId, BNCollaborationPermissionLevel level, BNProgressFunction progress, void* progressContext);
 	BINARYNINJACOREAPI bool BNRemoteProjectPushPermission(BNRemoteProject* project, BNCollaborationPermission* permission, const char** extraFieldKeys, const char** extraFieldValues, size_t extraFieldCount);
 	BINARYNINJACOREAPI bool BNRemoteProjectDeletePermission(BNRemoteProject* project, BNCollaborationPermission* permission);
-	BINARYNINJACOREAPI bool BNRemoteProjectCanUserView(BNRemoteProject* project, const char* username);
-	BINARYNINJACOREAPI bool BNRemoteProjectCanUserEdit(BNRemoteProject* project, const char* username);
-	BINARYNINJACOREAPI bool BNRemoteProjectCanUserAdmin(BNRemoteProject* project, const char* username);
+	BINARYNINJACOREAPI bool BNRemoteProjectCanUserView(BNRemoteProject* project, BNCollaborationUser* user);
+	BINARYNINJACOREAPI bool BNRemoteProjectCanUserEdit(BNRemoteProject* project, BNCollaborationUser* user);
+	BINARYNINJACOREAPI bool BNRemoteProjectCanUserAdmin(BNRemoteProject* project, BNCollaborationUser* user);
 
 	// RemoteFile
 	BINARYNINJACOREAPI BNRemoteFile* BNNewRemoteFileReference(BNRemoteFile* file);

collaboration.cpp

@@ -1566,21 +1566,21 @@ void RemoteProject::DeletePermission(Ref<CollabPermission> permission)
 }
 
 
-bool RemoteProject::CanUserView(const std::string& username)
+bool RemoteProject::CanUserView(Ref<CollabUser> user)
 {
-	return BNRemoteProjectCanUserView(m_object, username.c_str());
+	return BNRemoteProjectCanUserView(m_object, user->m_object);
 }
 
 
-bool RemoteProject::CanUserEdit(const std::string& username)
+bool RemoteProject::CanUserEdit(Ref<CollabUser> user)
 {
-	return BNRemoteProjectCanUserEdit(m_object, username.c_str());
+	return BNRemoteProjectCanUserEdit(m_object, user->m_object);
 }
 
 
-bool RemoteProject::CanUserAdmin(const std::string& username)
+bool RemoteProject::CanUserAdmin(Ref<CollabUser> user)
 {
-	return BNRemoteProjectCanUserAdmin(m_object, username.c_str());
+	return BNRemoteProjectCanUserAdmin(m_object, user->m_object);
 }
 
 

python/collaboration/project.py

@@ -11,7 +11,7 @@
 from ..database import Database
 from ..filemetadata import FileMetadata
 from ..project import Project
-from . import databasesync, file, folder, permission, remote, util
+from . import databasesync, file, folder, permission, remote, user, util
 
 
 def _nop(*args, **kwargs):
@@ -713,35 +713,35 @@ def delete_permission(self, permission: 'permission.Permission'):
 		if not core.BNRemoteProjectDeletePermission(self._handle, permission._handle):
 			raise RuntimeError(util._last_error())
 
-	def can_user_view(self, username: str) -> bool:
+	def can_user_view(self, user: user.User) -> bool:
 		"""
 		Determine if a user is in any of the view/edit/admin groups
 
-		:param username: Username of user to check
-		:return: True if they are in any of those groups
+		:param user: User to check
+		:return: True if the user has view permission (either directly or from a group)
 		:raises: RuntimeError if there was an error
 		"""
-		return core.BNRemoteProjectCanUserView(self._handle, username)
+		return core.BNRemoteProjectCanUserView(self._handle, user._handle)
 
-	def can_user_edit(self, username: str) -> bool:
+	def can_user_edit(self, user: user.User) -> bool:
 		"""
 		Determine if a user is in any of the edit/admin groups
 
-		:param username: Username of user to check
-		:return: True if they are in any of those groups
+		:param user: User to check
+		:return: True if the user has edit permission (either directly or from a group)
 		:raises: RuntimeError if there was an error
 		"""
-		return core.BNRemoteProjectCanUserEdit(self._handle, username)
+		return core.BNRemoteProjectCanUserEdit(self._handle, user._handle)
 
-	def can_user_admin(self, username: str) -> bool:
+	def can_user_admin(self, user: user.User) -> bool:
 		"""
 		Determine if a user is in the admin group
 
-		:param username: Username of user to check
-		:return: True if they are in any of those groups
+		:param user: User to check
+		:return: True if the user has admin permission (either directly or from a group)
 		:raises: RuntimeError if there was an error
 		"""
-		return core.BNRemoteProjectCanUserAdmin(self._handle, username)
+		return core.BNRemoteProjectCanUserAdmin(self._handle, user._handle)
 
 	def upload_new_file(
 			self,

rust/src/collaboration/project.rs

@@ -12,6 +12,7 @@ use super::{
 };
 
 use crate::binary_view::{BinaryView, BinaryViewExt};
+use crate::collaboration::RemoteUser;
 use crate::database::Database;
 use crate::file_metadata::FileMetadata;
 use crate::progress::{NoProgressCallback, ProgressCallback};
@@ -761,34 +762,31 @@ impl RemoteProject {
         success.then_some(()).ok_or(())
     }
 
-    /// Determine if a user is in any of the view/edit/admin groups.
+    /// Determine if a user has view permission (either directly or from a group)
     ///
     /// # Arguments
     ///
-    /// * `username` - Username of user to check
-    pub fn can_user_view(&self, username: &str) -> bool {
-        let username = username.to_cstr();
-        unsafe { BNRemoteProjectCanUserView(self.handle.as_ptr(), username.as_ptr()) }
+    /// * `user` - User to check
+    pub fn can_user_view(&self, user: Ref<RemoteUser>) -> bool {
+        unsafe { BNRemoteProjectCanUserView(self.handle.as_ptr(), user.handle.as_ptr()) }
     }
 
-    /// Determine if a user is in any of the edit/admin groups.
+    /// Determine if a user has edit permission (either directly or from a group)
     ///
     /// # Arguments
     ///
-    /// * `username` - Username of user to check
-    pub fn can_user_edit(&self, username: &str) -> bool {
-        let username = username.to_cstr();
-        unsafe { BNRemoteProjectCanUserEdit(self.handle.as_ptr(), username.as_ptr()) }
+    /// * `user` - User to check
+    pub fn can_user_edit(&self, user: Ref<RemoteUser>) -> bool {
+        unsafe { BNRemoteProjectCanUserEdit(self.handle.as_ptr(), user.handle.as_ptr()) }
     }
 
-    /// Determine if a user is in the admin group.
+    /// Determine if a user has admin permission (either directly or from a group)
     ///
     /// # Arguments
     ///
-    /// * `username` - Username of user to check
-    pub fn can_user_admin(&self, username: &str) -> bool {
-        let username = username.to_cstr();
-        unsafe { BNRemoteProjectCanUserAdmin(self.handle.as_ptr(), username.as_ptr()) }
+    /// * `user` - User to check
+    pub fn can_user_admin(&self, user: Ref<RemoteUser>) -> bool {
+        unsafe { BNRemoteProjectCanUserAdmin(self.handle.as_ptr(), user.handle.as_ptr()) }
     }
 
     /// Get the default directory path for a remote Project. This is based off