From 472af5d4e5529e858a424eed921961755e9bf1d0 Mon Sep 17 00:00:00 2001 From: mike12345567 Date: Tue, 9 Nov 2021 16:25:23 +0000 Subject: [PATCH 1/9] Adding the ability to set a permission for data source queries. --- .../DataTable/modals/ManageAccessModal.svelte | 2 - .../components/integration/QueryViewer.svelte | 50 ++++++++++++++++++- .../builder/src/stores/backend/permissions.js | 6 +-- packages/server/src/api/routes/query.js | 1 + 4 files changed, 51 insertions(+), 8 deletions(-) diff --git a/packages/builder/src/components/backend/DataTable/modals/ManageAccessModal.svelte b/packages/builder/src/components/backend/DataTable/modals/ManageAccessModal.svelte index e0be768cf6..0998a5be2e 100644 --- a/packages/builder/src/components/backend/DataTable/modals/ManageAccessModal.svelte +++ b/packages/builder/src/components/backend/DataTable/modals/ManageAccessModal.svelte @@ -23,8 +23,6 @@ // Show updated permissions in UI: REMOVE permissions = await permissionsStore.forResource(resourceId) notifications.success("Updated permissions.") - // TODO: update permissions - // permissions[] } diff --git a/packages/builder/src/components/integration/QueryViewer.svelte b/packages/builder/src/components/integration/QueryViewer.svelte index 3213adbbe3..7d32db9e4c 100644 --- a/packages/builder/src/components/integration/QueryViewer.svelte +++ b/packages/builder/src/components/integration/QueryViewer.svelte @@ -19,15 +19,24 @@ import IntegrationQueryEditor from "components/integration/index.svelte" import ExternalDataSourceTable from "components/backend/DataTable/ExternalDataSourceTable.svelte" import ParameterBuilder from "components/integration/QueryParameterBuilder.svelte" - import { datasources, integrations, queries } from "stores/backend" + import { + datasources, + integrations, + queries, + roles, + permissions, + } from "stores/backend" import { capitalise } from "../../helpers" import CodeMirrorEditor from "components/common/CodeMirrorEditor.svelte" + import { Roles } from "constants/backend" + import { onMount } from "svelte" export let query export let fields = [] let parameters let data = [] + let roleId const transformerDocs = "https://docs.budibase.com/building-apps/data/transformers" const typeOptions = [ @@ -70,7 +79,22 @@ } function resetDependentFields() { - if (query.fields.extra) query.fields.extra = {} + if (query.fields.extra) { + query.fields.extra = {} + } + } + + async function updateRole(role, id = null) { + roleId = role + if (query?._id || id) { + for (let level of ["read", "write"]) { + await permissions.save({ + level, + role, + resource: query?._id || id, + }) + } + } } function populateExtraQuery(extraQueryFields) { @@ -122,6 +146,7 @@ async function saveQuery() { try { const { _id } = await queries.save(query.datasourceId, query) + await updateRole(roleId, _id) notifications.success(`Query saved successfully.`) $goto(`../${_id}`) } catch (err) { @@ -129,6 +154,17 @@ notifications.error(`Error creating query. ${err.message}`) } } + + onMount(async () => { + if (!query || !query._id) { + return + } + try { + roleId = (await permissions.forResource(query._id))["read"] + } catch (err) { + roleId = Roles.BASIC + } + }) @@ -151,6 +187,16 @@ queryConfig[verb]?.displayName || capitalise(verb)} /> +
+ +