budibase/packages/server/src/api/routes/row.js

const Router = require("@koa/router")
const rowController = require("../controllers/row")
const authorized = require("../../middleware/authorized")
const usage = require("../../middleware/usageQuota")
const {
  paramResource,
  paramSubResource,
} = require("../../middleware/resourceId")
const {
  PermissionLevels,
  PermissionTypes,
} = require("@budibase/auth/permissions")

const router = Router()

router
  .get(
    "/api/:tableId/:rowId/enrich",
    paramSubResource("tableId", "rowId"),
    authorized(PermissionTypes.TABLE, PermissionLevels.READ),
    rowController.fetchEnrichedRow
  )
  .get(
    "/api/:tableId/rows",
    paramResource("tableId"),
    authorized(PermissionTypes.TABLE, PermissionLevels.READ),
    rowController.fetch
  )
  .get(
    "/api/:tableId/rows/:rowId",
    paramSubResource("tableId", "rowId"),
    authorized(PermissionTypes.TABLE, PermissionLevels.READ),
    rowController.find
  )
  .post(
    "/api/:tableId/search",
    paramResource("tableId"),
    authorized(PermissionTypes.TABLE, PermissionLevels.READ),
    rowController.search
  )
  // DEPRECATED - this is an old API, but for backwards compat it needs to be
  // supported still
  .post(
    "/api/search/:tableId/rows",
    paramResource("tableId"),
    authorized(PermissionTypes.TABLE, PermissionLevels.READ),
    rowController.search
  )
  .post(
    "/api/:tableId/rows",
    paramResource("tableId"),
    authorized(PermissionTypes.TABLE, PermissionLevels.WRITE),
    usage,
    rowController.save
  )
  .patch(
    "/api/:tableId/rows",
    paramResource("tableId"),
    authorized(PermissionTypes.TABLE, PermissionLevels.WRITE),
    rowController.patch
  )
  .post(
    "/api/:tableId/rows/validate",
    paramResource("tableId"),
    authorized(PermissionTypes.TABLE, PermissionLevels.WRITE),
    rowController.validate
  )
  .delete(
    "/api/:tableId/rows",
    paramResource("tableId"),
    authorized(PermissionTypes.TABLE, PermissionLevels.WRITE),
    usage,
    rowController.destroy
  )

module.exports = router
removal of appRoot - appId comes in cookie 2020-06-12 21:42:55 +02:00			`const Router = require("@koa/router")`
Changing record -> row in this update, completing the update of renaming in the builder, this release needs further testing. 2020-10-09 20:10:28 +02:00			`const rowController = require("../controllers/row")`
removal of appRoot - appId comes in cookie 2020-06-12 21:42:55 +02:00			`const authorized = require("../../middleware/authorized")`
First work towards implementing Dynamo usage in the server when running in the cloud; this is for tracking usage against API keys. 2020-10-06 20:13:41 +02:00			`const usage = require("../../middleware/usageQuota")`
Adding in resource IDs everywhere they should be accessible. 2021-02-08 18:22:07 +01:00			`const {`
			`paramResource,`
			`paramSubResource,`
			`} = require("../../middleware/resourceId")`
WIP - this is working towards the permissions system but stopping here for the night, this is currently not functional. 2020-11-11 18:34:15 +01:00			`const {`
			`PermissionLevels,`
			`PermissionTypes,`
A general re-work of some parts of the auth lib, as well as moving roles/permissions around to make it possible to build an admin API which has role knowledge. 2021-05-14 16:43:41 +02:00			`} = require("@budibase/auth/permissions")`
removal of appRoot - appId comes in cookie 2020-06-12 21:42:55 +02:00
			`const router = Router()`

			`router`
Adding routes for getting link records based on a record Id. 2020-09-29 13:02:06 +02:00			`.get(`
Changing record -> row in this update, completing the update of renaming in the builder, this release needs further testing. 2020-10-09 20:10:28 +02:00			`"/api/:tableId/:rowId/enrich",`
Adding in resource IDs everywhere they should be accessible. 2021-02-08 18:22:07 +01:00			`paramSubResource("tableId", "rowId"),`
WIP - this is working towards the permissions system but stopping here for the night, this is currently not functional. 2020-11-11 18:34:15 +01:00			`authorized(PermissionTypes.TABLE, PermissionLevels.READ),`
Changing record -> row in this update, completing the update of renaming in the builder, this release needs further testing. 2020-10-09 20:10:28 +02:00			`rowController.fetchEnrichedRow`
Adding routes for getting link records based on a record Id. 2020-09-29 13:02:06 +02:00			`)`
removal of appRoot - appId comes in cookie 2020-06-12 21:42:55 +02:00			`.get(`
Changing record -> row in this update, completing the update of renaming in the builder, this release needs further testing. 2020-10-09 20:10:28 +02:00			`"/api/:tableId/rows",`
Adding in resource IDs everywhere they should be accessible. 2021-02-08 18:22:07 +01:00			`paramResource("tableId"),`
WIP - this is working towards the permissions system but stopping here for the night, this is currently not functional. 2020-11-11 18:34:15 +01:00			`authorized(PermissionTypes.TABLE, PermissionLevels.READ),`
Adding some work towards supporting full data source integration. 2021-06-15 14:03:55 +02:00			`rowController.fetch`
removal of appRoot - appId comes in cookie 2020-06-12 21:42:55 +02:00			`)`
			`.get(`
Changing record -> row in this update, completing the update of renaming in the builder, this release needs further testing. 2020-10-09 20:10:28 +02:00			`"/api/:tableId/rows/:rowId",`
Adding in resource IDs everywhere they should be accessible. 2021-02-08 18:22:07 +01:00			`paramSubResource("tableId", "rowId"),`
WIP - this is working towards the permissions system but stopping here for the night, this is currently not functional. 2020-11-11 18:34:15 +01:00			`authorized(PermissionTypes.TABLE, PermissionLevels.READ),`
Changing record -> row in this update, completing the update of renaming in the builder, this release needs further testing. 2020-10-09 20:10:28 +02:00			`rowController.find`
removal of appRoot - appId comes in cookie 2020-06-12 21:42:55 +02:00			`)`
Some of the functionality required for external SQL rows API. 2021-06-14 20:05:39 +02:00			`.post(`
			`"/api/:tableId/search",`
			`paramResource("tableId"),`
			`authorized(PermissionTypes.TABLE, PermissionLevels.READ),`
			`rowController.search`
			`)`
Fixing issue with app import, supporting old search API. 2021-06-21 23:29:32 +02:00			`// DEPRECATED - this is an old API, but for backwards compat it needs to be`
			`// supported still`
Linting. 2021-06-21 23:42:57 +02:00			`.post(`
			`"/api/search/:tableId/rows",`
Fixing issue with app import, supporting old search API. 2021-06-21 23:29:32 +02:00			`paramResource("tableId"),`
			`authorized(PermissionTypes.TABLE, PermissionLevels.READ),`
Linting. 2021-06-21 23:42:57 +02:00			`rowController.search`
			`)`
removal of appRoot - appId comes in cookie 2020-06-12 21:42:55 +02:00			`.post(`
Changing record -> row in this update, completing the update of renaming in the builder, this release needs further testing. 2020-10-09 20:10:28 +02:00			`"/api/:tableId/rows",`
Adding in resource IDs everywhere they should be accessible. 2021-02-08 18:22:07 +01:00			`paramResource("tableId"),`
WIP - this is working towards the permissions system but stopping here for the night, this is currently not functional. 2020-11-11 18:34:15 +01:00			`authorized(PermissionTypes.TABLE, PermissionLevels.WRITE),`
First work towards implementing Dynamo usage in the server when running in the cloud; this is for tracking usage against API keys. 2020-10-06 20:13:41 +02:00			`usage,`
Changing record -> row in this update, completing the update of renaming in the builder, this release needs further testing. 2020-10-09 20:10:28 +02:00			`rowController.save`
removal of appRoot - appId comes in cookie 2020-06-12 21:42:55 +02:00			`)`
added PATCH record route 2020-09-10 10:36:14 +02:00			`.patch(`
Some of the functionality required for external SQL rows API. 2021-06-14 20:05:39 +02:00			`"/api/:tableId/rows",`
			`paramResource("tableId"),`
WIP - this is working towards the permissions system but stopping here for the night, this is currently not functional. 2020-11-11 18:34:15 +01:00			`authorized(PermissionTypes.TABLE, PermissionLevels.WRITE),`
Changing record -> row in this update, completing the update of renaming in the builder, this release needs further testing. 2020-10-09 20:10:28 +02:00			`rowController.patch`
added PATCH record route 2020-09-10 10:36:14 +02:00			`)`
removal of appRoot - appId comes in cookie 2020-06-12 21:42:55 +02:00			`.post(`
Changing record -> row in this update, completing the update of renaming in the builder, this release needs further testing. 2020-10-09 20:10:28 +02:00			`"/api/:tableId/rows/validate",`
Adding in resource IDs everywhere they should be accessible. 2021-02-08 18:22:07 +01:00			`paramResource("tableId"),`
WIP - this is working towards the permissions system but stopping here for the night, this is currently not functional. 2020-11-11 18:34:15 +01:00			`authorized(PermissionTypes.TABLE, PermissionLevels.WRITE),`
Changing record -> row in this update, completing the update of renaming in the builder, this release needs further testing. 2020-10-09 20:10:28 +02:00			`rowController.validate`
removal of appRoot - appId comes in cookie 2020-06-12 21:42:55 +02:00			`)`
			`.delete(`
Fixing bulk deletion. 2021-06-11 20:54:47 +02:00			`"/api/:tableId/rows",`
			`paramResource("tableId"),`
WIP - this is working towards the permissions system but stopping here for the night, this is currently not functional. 2020-11-11 18:34:15 +01:00			`authorized(PermissionTypes.TABLE, PermissionLevels.WRITE),`
First work towards implementing Dynamo usage in the server when running in the cloud; this is for tracking usage against API keys. 2020-10-06 20:13:41 +02:00			`usage,`
Changing record -> row in this update, completing the update of renaming in the builder, this release needs further testing. 2020-10-09 20:10:28 +02:00			`rowController.destroy`
removal of appRoot - appId comes in cookie 2020-06-12 21:42:55 +02:00			`)`

			`module.exports = router`