Reset server changes to master

packages/backend-core/src/security/roles.ts

@@ -7,8 +7,9 @@ import {
   doWithDB,
 } from "../db"
 import { getAppDB } from "../context"
-import { Screen, Role as RoleDoc } from "@budibase/types"
+import { Screen, Role as RoleDoc, RoleUIMetadata } from "@budibase/types"
 import cloneDeep from "lodash/fp/cloneDeep"
+import { RoleColor } from "@budibase/shared-core"
 
 export const BUILTIN_ROLE_IDS = {
   ADMIN: "ADMIN",
@@ -45,22 +46,12 @@ export class Role implements RoleDoc {
   inherits?: string
   version?: string
   permissions: Record<string, PermissionLevel[]> = {}
-  displayName?: string
+  uiMetadata?: RoleUIMetadata
-  color?: string
-  description?: string
 
-  constructor(
+  constructor(id: string, permissionId: string, uiMetadata?: RoleUIMetadata) {
-    id: string,
-    displayName: string,
-    description: string,
-    color: string,
-    permissionId: string
-  ) {
     this._id = id
-    this.name = id
+    this.name = uiMetadata?.displayName || id
-    this.displayName = displayName
+    this.uiMetadata = uiMetadata
-    this.color = color
-    this.description = description
     this.permissionId = permissionId
     // version for managing the ID - removing the role_ when responding
     this.version = RoleIDVersion.NAME
@@ -73,41 +64,31 @@ export class Role implements RoleDoc {
 }
 
 const BUILTIN_ROLES = {
-  ADMIN: new Role(
+  ADMIN: new Role(BUILTIN_IDS.ADMIN, BuiltinPermissionID.ADMIN, {
-    BUILTIN_IDS.ADMIN,
+    displayName: "App admin",
-    "App admin",
+    description: "Can do everything",
-    "Can do everything",
+    color: RoleColor.ADMIN,
-    "var(--spectrum-global-color-static-red-400)",
+  }).addInheritance(BUILTIN_IDS.POWER),
-    BuiltinPermissionID.ADMIN
+  POWER: new Role(BUILTIN_IDS.POWER, BuiltinPermissionID.POWER, {
-  ).addInheritance(BUILTIN_IDS.POWER),
+    displayName: "App power user",
-  POWER: new Role(
+    description: "An app user with more access",
-    BUILTIN_IDS.POWER,
+    color: RoleColor.POWER,
-    "App power user",
+  }).addInheritance(BUILTIN_IDS.BASIC),
-    "An app user with more access",
+  BASIC: new Role(BUILTIN_IDS.BASIC, BuiltinPermissionID.WRITE, {
-    "var(--spectrum-global-color-static-orange-400)",
+    displayName: "App user",
-    BuiltinPermissionID.POWER
+    description: "Any logged in user",
-  ).addInheritance(BUILTIN_IDS.BASIC),
+    color: RoleColor.BASIC,
-  BASIC: new Role(
+  }).addInheritance(BUILTIN_IDS.PUBLIC),
-    BUILTIN_IDS.BASIC,
+  PUBLIC: new Role(BUILTIN_IDS.PUBLIC, BuiltinPermissionID.PUBLIC, {
-    "App user",
+    displayName: "Public user",
-    "Any logged in user",
+    description: "Accessible to anyone",
-    "var(--spectrum-global-color-static-green-400)",
+    color: RoleColor.PUBLIC,
-    BuiltinPermissionID.WRITE
+  }),
-  ).addInheritance(BUILTIN_IDS.PUBLIC),
+  BUILDER: new Role(BUILTIN_IDS.BUILDER, BuiltinPermissionID.ADMIN, {
-  PUBLIC: new Role(
+    displayName: "Builder user",
-    BUILTIN_IDS.PUBLIC,
+    description: "Users that can edit this app",
-    "Public user",
+    color: RoleColor.BUILDER,
-    "Accessible to anyone",
+  }),
-    "var(--spectrum-global-color-static-blue-400)",
-    BuiltinPermissionID.PUBLIC
-  ),
-  BUILDER: new Role(
-    BUILTIN_IDS.BUILDER,
-    "Builder user",
-    "Users that can edit this app",
-    "var(--spectrum-global-color-static-magenta-600)",
-    BuiltinPermissionID.ADMIN
-  ),
 }
 
 export function getBuiltinRoles(): { [key: string]: RoleDoc } {

packages/server/src/api/controllers/role.ts

@@ -19,7 +19,7 @@ import {
   UserMetadata,
   DocumentType,
 } from "@budibase/types"
-import { sdk as sharedSdk } from "@budibase/shared-core"
+import { RoleColor, sdk as sharedSdk } from "@budibase/shared-core"
 import sdk from "../../sdk"
 
 const UpdateRolesOptions = {
@@ -62,16 +62,8 @@ export async function find(ctx: UserCtx<void, FindRoleResponse>) {
 
 export async function save(ctx: UserCtx<SaveRoleRequest, SaveRoleResponse>) {
   const db = context.getAppDB()
-  let {
+  let { _id, name, inherits, permissionId, version, uiMetadata } =
-    _id,
+    ctx.request.body
-    name,
-    displayName,
-    description,
-    color,
-    inherits,
-    permissionId,
-    version,
-  } = ctx.request.body
   let isCreate = false
   const isNewVersion = version === roles.RoleIDVersion.NAME
 
@@ -97,14 +89,11 @@ export async function save(ctx: UserCtx<SaveRoleRequest, SaveRoleResponse>) {
     ctx.throw(400, "Cannot change custom role name")
   }
 
-  const role = new roles.Role(
+  const role = new roles.Role(_id, permissionId, {
-    _id,
+    displayName: uiMetadata?.displayName || name,
-    displayName || name,
+    description: uiMetadata?.description || "Custom role",
-    description || "Custom role",
+    color: uiMetadata?.color || RoleColor.DEFAULT_CUSTOM,
-    color || "var(--spectrum-global-color-static-magenta-400)",
+  }).addInheritance(inherits)
-    permissionId
-  ).addInheritance(inherits)
-
   if (dbRole?.permissions && !role.permissions) {
     role.permissions = dbRole.permissions
   }

packages/server/src/api/routes/tests/permissions.spec.ts

@@ -1,16 +1,5 @@
-const mockedSdk = sdk.permissions as jest.Mocked<typeof sdk.permissions>
-
-import sdk from "../../../sdk"
-
 import { roles } from "@budibase/backend-core"
-import {
+import { Document, PermissionLevel, Row, Table, ViewV2 } from "@budibase/types"
-  Document,
-  DocumentType,
-  PermissionLevel,
-  Row,
-  Table,
-  ViewV2,
-} from "@budibase/types"
 import * as setup from "./utilities"
 import { generator, mocks } from "@budibase/backend-core/tests"
 
@@ -36,6 +25,7 @@ describe("/permission", () => {
 
   beforeEach(async () => {
     mocks.licenses.useCloudFree()
+
     table = (await config.createTable()) as typeof table
     row = await config.createRow()
     view = await config.api.viewV2.create({
@@ -154,27 +144,7 @@ describe("/permission", () => {
       await config.api.viewV2.publicSearch(view.id, undefined, { status: 401 })
     })
 
-    it("should ignore the view permissions if the flag is not on", async () => {
+    it("should use the view permissions", async () => {
-      await config.api.permission.add({
-        roleId: STD_ROLE_ID,
-        resourceId: view.id,
-        level: PermissionLevel.READ,
-      })
-      await config.api.permission.revoke({
-        roleId: STD_ROLE_ID,
-        resourceId: table._id,
-        level: PermissionLevel.READ,
-      })
-      // replicate changes before checking permissions
-      await config.publish()
-
-      await config.api.viewV2.publicSearch(view.id, undefined, {
-        status: 401,
-      })
-    })
-
-    it("should use the view permissions if the flag is on", async () => {
-      mocks.licenses.useViewPermissions()
       await config.api.permission.add({
         roleId: STD_ROLE_ID,
         resourceId: view.id,

packages/server/src/api/routes/utils/validators.ts

@@ -208,9 +208,11 @@ export function roleValidator() {
       name: Joi.string()
         .regex(/^[a-zA-Z0-9_]*$/)
         .required(),
-      displayName: Joi.string().optional(),
+      uiMetadata: Joi.object({
-      color: Joi.string().optional(),
+        displayName: OPTIONAL_STRING,
-      description: Joi.string().optional(),
+        color: OPTIONAL_STRING,
+        description: OPTIONAL_STRING,
+      }).optional(),
       // this is the base permission ID (for now a built in)
       permissionId: Joi.string()
         .valid(...Object.values(permissions.BuiltinPermissionID))

packages/types/src/api/web/role.ts

@@ -4,9 +4,6 @@ export interface SaveRoleRequest {
   _id?: string
   _rev?: string
   name: string
-  displayName?: string
-  color?: string
-  description?: string
   inherits: string
   permissionId: string
   version: string

packages/types/src/documents/app/role.ts

@@ -1,13 +1,17 @@
 import { Document } from "../document"
 import { PermissionLevel } from "../../sdk"
 
+export interface RoleUIMetadata {
+  displayName?: string
+  color?: string
+  description?: string
+}
+
 export interface Role extends Document {
   permissionId: string
   inherits?: string
   permissions: Record<string, PermissionLevel[]>
   version?: string
   name: string
-  displayName?: string
+  uiMetadata?: RoleUIMetadata
-  color?: string
-  description?: string
 }