nixos/hledger-web: fix access control options

nixos/doc/manual/release-notes/rl-2405.section.md

@@ -271,6 +271,13 @@ The pre-existing [services.ankisyncd](#opt-services.ankisyncd.enable) has been m
 
 - `services.resolved.fallbackDns` can now be used to disable the upstream fallback servers entirely by setting it to an empty list. To get the previous behaviour of the upstream defaults set it to null, the new default, instead.
 
+- `services.hledger-web.capabilities` options has been replaced by a new option `services.hledger-web.allow`.
+
+  - `allow = "view"` means `capabilities = { view = true; }`;
+  - `allow = "add"` means `capabilities = { view = true; add = true; }`;
+  - `allow = "edit"` means `capabilities = { view = true; add = true; edit = true }`;
+  - `allow = "sandstorm"` reads permissions from the `X-Sandstorm-Permissions` request header.
+
 - `xxd` has been moved from `vim` default output to its own output to reduce closure size. The canonical way to reference it across all platforms is `unixtools.xxd`.
 
 - The `stalwart-mail` package has been updated to v0.5.3, which includes [breaking changes](https://github.com/stalwartlabs/mail-server/blob/v0.5.3/UPGRADING.md).

nixos/modules/services/web-apps/hledger-web.nix

@@ -26,28 +26,17 @@ in {
       '';
     };
 
-    capabilities = {
+    allow = mkOption {
-      view = mkOption {
+      type = types.enum [ "view" "add" "edit" "sandstorm" ];
-        type = types.bool;
+      default = "view";
-        default = true;
+      description = lib.mdDoc ''
-        description = lib.mdDoc ''
+        User's access level for changing data.
-          Enable the view capability.
+
-        '';
+        * view: view only permission.
-      };
+        * add: view and add permissions.
-      add = mkOption {
+        * edit: view, add, and edit permissions.
-        type = types.bool;
+        * sandstorm: permissions from the `X-Sandstorm-Permissions` request header.
-        default = false;
+      '';
-        description = lib.mdDoc ''
-          Enable the add capability.
-        '';
-      };
-      manage = mkOption {
-        type = types.bool;
-        default = false;
-        description = lib.mdDoc ''
-          Enable the manage capability.
-        '';
-      };
     };
 
     stateDir = mkOption {
@@ -89,6 +78,11 @@ in {
 
   };
 
+  imports = [
+    (mkRemovedOptionModule [ "services" "hledger-web" "capabilities" ]
+      "This option has been replaced by new option `services.hledger-web.allow`.")
+  ];
+
   config = mkIf cfg.enable {
 
     users.users.hledger = {
@@ -102,16 +96,11 @@ in {
     users.groups.hledger = {};
 
     systemd.services.hledger-web = let
-      capabilityString = with cfg.capabilities; concatStringsSep "," (
-        (optional view "view")
-        ++ (optional add "add")
-        ++ (optional manage "manage")
-      );
       serverArgs = with cfg; escapeShellArgs ([
         "--serve"
         "--host=${host}"
         "--port=${toString port}"
-        "--capabilities=${capabilityString}"
+        "--allow=${allow}"
         (optionalString (cfg.baseUrl != null) "--base-url=${cfg.baseUrl}")
         (optionalString (cfg.serveApi) "--serve-api")
       ] ++ (map (f: "--file=${stateDir}/${f}") cfg.journalFiles)

nixos/tests/hledger-web.nix

@@ -19,7 +19,7 @@ rec {
         host = "127.0.0.1";
         port = 5000;
         enable = true;
-        capabilities.manage = true;
+        allow = "edit";
       };
       networking.firewall.allowedTCPPorts = [ config.services.hledger-web.port ];
       systemd.services.hledger-web.preStart = ''