Display dependant info

2023-09-01 17:03:33 +02:00 · 2023-09-01 17:03:33 +02:00 · 0dc03abe5f
parent a541bde7e1
commit 0dc03abe5f
7 changed files with 84 additions and 1 deletions
--- a/packages/builder/src/components/backend/DataTable/modals/ManageAccessModal.svelte
+++ b/packages/builder/src/components/backend/DataTable/modals/ManageAccessModal.svelte
@ -9,6 +9,7 @@
    ModalContent,
    Tags,
    Tag,
+    Icon,
  } from "@budibase/bbui"
  import { capitalise } from "helpers"
  import { get } from "svelte/store"
@ -63,6 +64,12 @@
  )

  $: requiresPlanToModify = permissions.requiresPlanToModify
+
+  let dependantResources
+  async function loadDependantResources() {
+    dependantResources = await permissionsStore.getDependantsCount(resourceId)
+  }
+  loadDependantResources()
 </script>

 <ModalContent showCancelButton={false} confirmText="Done">
@ -93,6 +100,17 @@
      />
    {/each}
  </div>
+
+  {#if dependantResources}
+    <div class="inheriting-resources">
+      <Icon name="Alert" />
+      <Body size="S">
+        <i>
+          {dependantResources} resource/s are inheriting this access.
+        </i>
+      </Body>
+    </div>
+  {/if}
 </ModalContent>

 <style>
@ -105,4 +123,9 @@
  .lock-tag {
    padding-left: var(--spacing-s);
  }
+
+  .inheriting-resources {
+    display: flex;
+    gap: var(--spacing-s);
+  }
 </style>
--- a/packages/builder/src/stores/backend/permissions.js
+++ b/packages/builder/src/stores/backend/permissions.js
@ -26,6 +26,9 @@ export function createPermissionStore() {
    forResourceDetailed: async resourceId => {
      return await API.getPermissionForResource(resourceId)
    },
+    getDependantsCount: async resourceId => {
+      return (await API.getDependants(resourceId)).total
+    },
  }
 }

--- a/packages/frontend-core/src/api/permissions.js
+++ b/packages/frontend-core/src/api/permissions.js
@ -34,4 +34,14 @@ export const buildPermissionsEndpoints = API => ({
      url: `/api/permission/${roleId}/${resourceId}/${level}`,
    })
  },
+
+  /**
+   * Gets the resources that depend on this resource permissions
+   * @param resourceId the resource ID to check
+   */
+  getDependants: async resourceId => {
+    return await API.get({
+      url: `/api/permission/${resourceId}/dependants`,
+    })
+  },
 })
--- a/packages/server/src/api/controllers/permission.ts
+++ b/packages/server/src/api/controllers/permission.ts
@ -6,6 +6,7 @@ import {
  PermissionLevel,
  GetResourcePermsResponse,
  ResourcePermissionInfo,
+  GetDependantResourcesResponse,
 } from "@budibase/types"
 import { getRoleParams } from "../../db/utils"
 import {
@ -179,6 +180,15 @@ export async function getResourcePerms(
  }
 }

+export async function getDependantResources(
+  ctx: UserCtx<void, GetDependantResourcesResponse>
+) {
+  const resourceId = ctx.params.resourceId
+  ctx.body = {
+    total: await sdk.permissions.getDependantResources(resourceId),
+  }
+}
+
 export async function addPermission(ctx: UserCtx) {
  ctx.body = await updatePermissionOnRole(ctx.params, PermissionUpdateType.ADD)
 }
--- a/packages/server/src/api/routes/permission.ts
+++ b/packages/server/src/api/routes/permission.ts
@ -23,6 +23,11 @@ router
    authorized(permissions.BUILDER),
    controller.getResourcePerms
  )
+  .get(
+    "/api/permission/:resourceId/dependants",
+    authorized(permissions.BUILDER),
+    controller.getDependantResources
+  )
  // adding a specific role/level for the resource overrides the underlying access control
  .post(
    "/api/permission/:roleId/:resourceId/:level",
--- a/packages/server/src/sdk/app/permissions/index.ts
+++ b/packages/server/src/sdk/app/permissions/index.ts
@ -1,4 +1,4 @@
-import { context, env, roles } from "@budibase/backend-core"
+import { context, db, env, roles } from "@budibase/backend-core"
 import { features } from "@budibase/pro"
 import {
  DocumentType,
@ -16,6 +16,8 @@ import {
  CURRENTLY_SUPPORTED_LEVELS,
  getBasePermissions,
 } from "../../../utilities/security"
+import sdk from "../../../sdk"
+import { isV2 } from "../views"

 type ResourceActionAllowedResult =
  | { allowed: true }
@ -134,3 +136,29 @@ export async function getResourcePerms(
  const result = Object.assign(basePermissions, permissions)
  return result
 }
+
+export async function getDependantResources(resourceId: string) {
+  if (db.isTableId(resourceId)) {
+    const dependants = new Set<string>()
+
+    const table = await sdk.tables.getTable(resourceId)
+    const views = Object.values(table.views || {})
+
+    for (const view of views) {
+      if (!isV2(view)) {
+        continue
+      }
+
+      const permissions = await getResourcePerms(view.id)
+      for (const [level, roleInfo] of Object.entries(permissions)) {
+        if (roleInfo.type === PermissionSource.INHERITED) {
+          dependants.add(view.id)
+        }
+      }
+    }
+
+    return dependants.size
+  }
+
+  return 0
+}
--- a/packages/types/src/api/web/app/permission.ts
+++ b/packages/types/src/api/web/app/permission.ts
@ -10,3 +10,7 @@ export interface GetResourcePermsResponse {
  permissions: Record<string, ResourcePermissionInfo>
  requiresPlanToModify?: PlanType
 }
+
+export interface GetDependantResourcesResponse {
+  total: number
+}