Disable features for buckets with constraints

#34

src/components/BucketView.vue

@@ -637,7 +637,7 @@ watch(
       <!-- Add bucket permission button -->
       <button
         v-if="!authStore.foreignUser"
-        :hidden="bucketRepository.getBucketPermission(props.bucketName) != null"
+        :hidden="!bucketRepository.permissionFeatureAllowed(props.bucketName)"
         type="button"
         class="btn btn-secondary m-2 tooltip-container"
         :disabled="errorLoadingObjects"
@@ -669,7 +669,7 @@ watch(
       />
       <button
         v-if="!authStore.foreignUser"
-        :hidden="bucketRepository.getBucketPermission(props.bucketName) != null"
+        :hidden="!bucketRepository.permissionFeatureAllowed(props.bucketName)"
         type="button"
         class="btn btn-secondary m-2 tooltip-container"
         :disabled="errorLoadingObjects"
@@ -852,7 +852,7 @@ watch(
                     <button
                       class="dropdown-item"
                       type="button"
-                      :disabled="!writableBucket || !readableBucket"
+                      :disabled="!readableBucket"
                       data-bs-toggle="modal"
                       data-bs-target="#copy-object-modal"
                       @click="objectState.copyObject = obj"

src/stores/buckets.ts

 import { defineStore } from "pinia";
-import { BucketPermissionService, BucketService } from "@/client/s3proxy";
+import {
+  BucketPermissionService,
+  BucketService,
+  Constraint,
+} from "@/client/s3proxy";
 import type {
   BucketOut,
   BucketIn,
@@ -18,12 +22,33 @@ export const useBucketStore = defineStore({
       ownPermissions: Record<string, BucketPermissionOut>;
     }),
   getters: {
+    permissionFeatureAllowed(): (bucketName: string) => boolean {
+      return (bucketName) => {
+        // If a permission for the bucket exist, then false
+        if (this.ownPermissions[bucketName] != null) {
+          return false;
+        }
+        const bucket = this.buckets.find((b) => bucketName == b.name);
+        // If the bucket doesn't exist, then false
+        if (bucket == null) {
+          return false;
+        }
+        // If there is a constraint on the bucket, then false otherwise true
+        return bucket.owner_constraint == null;
+      };
+    },
     writableBuckets(): BucketOut[] {
-      return this.buckets.filter(
-        (bucket) =>
-          this.ownPermissions[bucket.name] === undefined ||
-          this.ownPermissions[bucket.name].permission !== "READ"
-      );
+      return this.buckets.filter((bucket) => {
+        const permission = this.ownPermissions[bucket.name];
+        if (permission != null) {
+          return permission.permission !== "READ";
+        }
+        // If the user owns the bucket, check the bucket constraint
+        return (
+          bucket.owner_constraint == null ||
+          bucket.owner_constraint == Constraint.WRITE
+        );
+      });
     },
     getBucketPermission(): (
       bucketName: string
@@ -31,14 +56,40 @@ export const useBucketStore = defineStore({
       return (bucketName) => this.ownPermissions[bucketName];
     },
     writableBucket(): (bucketName: string) => boolean {
-      return (bucketName) =>
-        this.ownPermissions[bucketName] === undefined ||
-        this.ownPermissions[bucketName].permission !== "READ";
+      return (bucketName) => {
+        // If this is a foreign bucket, check that the user has write permission
+        const permission = this.ownPermissions[bucketName];
+        if (permission != null) {
+          return permission.permission !== "READ";
+        }
+        // If the user owns the bucket, check the bucket constraint
+        const bucket = this.buckets.find((b) => bucketName == b.name);
+        if (bucket != null) {
+          return (
+            bucket.owner_constraint == null ||
+            bucket.owner_constraint == Constraint.WRITE
+          );
+        }
+        return false;
+      };
     },
     readableBucket(): (bucketName: string) => boolean {
-      return (bucketName) =>
-        this.ownPermissions[bucketName] === undefined ||
-        this.ownPermissions[bucketName].permission !== "WRITE";
+      return (bucketName) => {
+        // If this is a foreign bucket, check that the user has read permission
+        const permission = this.ownPermissions[bucketName];
+        if (permission != null) {
+          return permission.permission !== "WRITE";
+        }
+        // If the user owns the bucket, check the bucket constraint
+        const bucket = this.buckets.find((b) => bucketName == b.name);
+        if (bucket != null) {
+          return (
+            bucket.owner_constraint == null ||
+            bucket.owner_constraint == Constraint.READ
+          );
+        }
+        return false;
+      };
     },
   },
   actions: {

src/views/object-storage/BucketsView.vue

@@ -60,7 +60,6 @@ onMounted(() => {
 
 <template>
   <DeleteModal
-    v-if="!authStore.foreignUser"
     modalID="delete-bucket-modal"
     :object-name-delete="bucketsState.potentialDeleteBucketName"
     :back-modal-id="undefined"
@@ -148,7 +147,7 @@ onMounted(() => {
             :active="false"
             :loading="true"
             :permission="undefined"
-            :deletable="!authStore.foreignUser"
+            :deletable="false"
             :bucket="{
               name: '',
               description: '',