2020-12-02 14:20:56 +01:00
|
|
|
const Router = require("@koa/router")
|
|
|
|
const controller = require("../controllers/role")
|
|
|
|
const authorized = require("../../middleware/authorized")
|
2020-12-02 18:08:25 +01:00
|
|
|
const Joi = require("joi")
|
|
|
|
const joiValidator = require("../../middleware/joi-validator")
|
|
|
|
const {
|
|
|
|
BUILTIN_PERMISSION_IDS,
|
2021-05-14 16:43:41 +02:00
|
|
|
BUILDER,
|
|
|
|
PermissionLevels,
|
2022-01-10 20:33:00 +01:00
|
|
|
} = require("@budibase/backend-core/permissions")
|
2020-12-02 14:20:56 +01:00
|
|
|
|
|
|
|
const router = Router()
|
|
|
|
|
2020-12-02 18:08:25 +01:00
|
|
|
function generateValidator() {
|
2021-02-05 19:46:15 +01:00
|
|
|
const permLevelArray = Object.values(PermissionLevels)
|
2020-12-02 18:08:25 +01:00
|
|
|
// prettier-ignore
|
|
|
|
return joiValidator.body(Joi.object({
|
|
|
|
_id: Joi.string().optional(),
|
|
|
|
_rev: Joi.string().optional(),
|
|
|
|
name: Joi.string().required(),
|
2021-02-05 19:46:15 +01:00
|
|
|
// this is the base permission ID (for now a built in)
|
2020-12-02 18:08:25 +01:00
|
|
|
permissionId: Joi.string().valid(...Object.values(BUILTIN_PERMISSION_IDS)).required(),
|
2021-02-05 19:46:15 +01:00
|
|
|
permissions: Joi.object()
|
|
|
|
.pattern(/.*/, [Joi.string().valid(...permLevelArray)])
|
|
|
|
.optional(),
|
2020-12-02 18:08:25 +01:00
|
|
|
inherits: Joi.string().optional(),
|
|
|
|
}).unknown(true))
|
|
|
|
}
|
|
|
|
|
2020-12-02 14:20:56 +01:00
|
|
|
router
|
2020-12-02 18:08:25 +01:00
|
|
|
.post("/api/roles", authorized(BUILDER), generateValidator(), controller.save)
|
2020-12-02 14:20:56 +01:00
|
|
|
.get("/api/roles", authorized(BUILDER), controller.fetch)
|
|
|
|
.get("/api/roles/:roleId", authorized(BUILDER), controller.find)
|
|
|
|
.delete("/api/roles/:roleId/:rev", authorized(BUILDER), controller.destroy)
|
|
|
|
|
|
|
|
module.exports = router
|