MirrorSave
/
budibase
mirror of https://github.com/Budibase/budibase.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Display dependant info

This commit is contained in:
Adria Navarro 2023-09-01 17:03:33 +02:00
parent a541bde7e1
commit 0dc03abe5f
7 changed files with 84 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

23
packages/builder/src/components/backend/DataTable/modals/ManageAccessModal.svelte
View File

@ -9,6 +9,7 @@
ModalContent, ModalContent,
Tags, Tags,
Tag, Tag,
Icon,
} from "@budibase/bbui" } from "@budibase/bbui"
import { capitalise } from "helpers" import { capitalise } from "helpers"
import { get } from "svelte/store" import { get } from "svelte/store"
@ -63,6 +64,12 @@
) )
$: requiresPlanToModify = permissions.requiresPlanToModify $: requiresPlanToModify = permissions.requiresPlanToModify
let dependantResources
async function loadDependantResources() {
dependantResources = await permissionsStore.getDependantsCount(resourceId)
}
loadDependantResources()
</script> </script>
<ModalContent showCancelButton={false} confirmText="Done"> <ModalContent showCancelButton={false} confirmText="Done">
@ -93,6 +100,17 @@
/> />
{/each} {/each}
</div> </div>
{#if dependantResources}
<div class="inheriting-resources">
<Icon name="Alert" />
<Body size="S">
<i>
{dependantResources} resource/s are inheriting this access.
</i>
</Body>
</div>
{/if}
</ModalContent> </ModalContent>
<style> <style>
@ -105,4 +123,9 @@
.lock-tag { .lock-tag {
padding-left: var(--spacing-s); padding-left: var(--spacing-s);
} }
.inheriting-resources {
display: flex;
gap: var(--spacing-s);
}
</style> </style>

3
packages/builder/src/stores/backend/permissions.js
View File

@ -26,6 +26,9 @@ export function createPermissionStore() {
forResourceDetailed: async resourceId => { forResourceDetailed: async resourceId => {
return await API.getPermissionForResource(resourceId) return await API.getPermissionForResource(resourceId)
}, },
getDependantsCount: async resourceId => {
return (await API.getDependants(resourceId)).total
},
} }
} }

10
packages/frontend-core/src/api/permissions.js
View File

@ -34,4 +34,14 @@ export const buildPermissionsEndpoints = API => ({
url: `/api/permission/${roleId}/${resourceId}/${level}`, url: `/api/permission/${roleId}/${resourceId}/${level}`,
}) })
}, },
/**
* Gets the resources that depend on this resource permissions
* @param resourceId the resource ID to check
*/
getDependants: async resourceId => {
return await API.get({
url: `/api/permission/${resourceId}/dependants`,
})
},
}) })

10
packages/server/src/api/controllers/permission.ts
View File

@ -6,6 +6,7 @@ import {
PermissionLevel, PermissionLevel,
GetResourcePermsResponse, GetResourcePermsResponse,
ResourcePermissionInfo, ResourcePermissionInfo,
GetDependantResourcesResponse,
} from "@budibase/types" } from "@budibase/types"
import { getRoleParams } from "../../db/utils" import { getRoleParams } from "../../db/utils"
import { import {
@ -179,6 +180,15 @@ export async function getResourcePerms(
} }
} }
export async function getDependantResources(
ctx: UserCtx<void, GetDependantResourcesResponse>
) {
const resourceId = ctx.params.resourceId
ctx.body = {
total: await sdk.permissions.getDependantResources(resourceId),
}
}
export async function addPermission(ctx: UserCtx) { export async function addPermission(ctx: UserCtx) {
ctx.body = await updatePermissionOnRole(ctx.params, PermissionUpdateType.ADD) ctx.body = await updatePermissionOnRole(ctx.params, PermissionUpdateType.ADD)
} }

5
packages/server/src/api/routes/permission.ts
View File

@ -23,6 +23,11 @@ router
authorized(permissions.BUILDER), authorized(permissions.BUILDER),
controller.getResourcePerms controller.getResourcePerms
) )
.get(
"/api/permission/:resourceId/dependants",
authorized(permissions.BUILDER),
controller.getDependantResources
)
// adding a specific role/level for the resource overrides the underlying access control // adding a specific role/level for the resource overrides the underlying access control
.post( .post(
"/api/permission/:roleId/:resourceId/:level", "/api/permission/:roleId/:resourceId/:level",

30
packages/server/src/sdk/app/permissions/index.ts
View File

@ -1,4 +1,4 @@
import { context, env, roles } from "@budibase/backend-core" import { context, db, env, roles } from "@budibase/backend-core"
import { features } from "@budibase/pro" import { features } from "@budibase/pro"
import { import {
DocumentType, DocumentType,
@ -16,6 +16,8 @@ import {
CURRENTLY_SUPPORTED_LEVELS, CURRENTLY_SUPPORTED_LEVELS,
getBasePermissions, getBasePermissions,
} from "../../../utilities/security" } from "../../../utilities/security"
import sdk from "../../../sdk"
import { isV2 } from "../views"
type ResourceActionAllowedResult = type ResourceActionAllowedResult =
| { allowed: true } | { allowed: true }
@ -134,3 +136,29 @@ export async function getResourcePerms(
const result = Object.assign(basePermissions, permissions) const result = Object.assign(basePermissions, permissions)
return result return result
} }
export async function getDependantResources(resourceId: string) {
if (db.isTableId(resourceId)) {
const dependants = new Set<string>()
const table = await sdk.tables.getTable(resourceId)
const views = Object.values(table.views || {})
for (const view of views) {
if (!isV2(view)) {
continue
}
const permissions = await getResourcePerms(view.id)
for (const [level, roleInfo] of Object.entries(permissions)) {
if (roleInfo.type === PermissionSource.INHERITED) {
dependants.add(view.id)
}
}
}
return dependants.size
}
return 0
}

4
packages/types/src/api/web/app/permission.ts
View File

@ -10,3 +10,7 @@ export interface GetResourcePermsResponse {
permissions: Record<string, ResourcePermissionInfo> permissions: Record<string, ResourcePermissionInfo>
requiresPlanToModify?: PlanType requiresPlanToModify?: PlanType
} }
export interface GetDependantResourcesResponse {
total: number
}