MirrorSave
/
budibase
mirror of https://github.com/Budibase/budibase.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Endpoint to allow/disallow runs from table

This commit is contained in:
Adria Navarro 2024-10-04 13:30:54 +02:00
parent 75b5bbf401
commit 4c4f766a6a
3 changed files with 58 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

31
packages/server/src/api/controllers/rowAction/crud.ts
View File

@ -95,6 +95,37 @@ export async function remove(ctx: Ctx<void, void>) {
ctx.status = 204 ctx.status = 204
} }
export async function setTablePermission(ctx: Ctx<void, RowActionResponse>) {
const table = await getTable(ctx)
const tableId = table._id!
const { actionId } = ctx.params
const action = await sdk.rowActions.setTablePermission(tableId, actionId)
ctx.body = {
tableId,
id: action.id,
name: action.name,
automationId: action.automationId,
allowedSources: flattenAllowedSources(tableId, action.permissions),
}
}
export async function unsetTablePermission(ctx: Ctx<void, RowActionResponse>) {
const table = await getTable(ctx)
const tableId = table._id!
const { actionId } = ctx.params
const action = await sdk.rowActions.unsetTablePermission(tableId, actionId)
ctx.body = {
tableId,
id: action.id,
name: action.name,
automationId: action.automationId,
allowedSources: flattenAllowedSources(tableId, action.permissions),
}
}
export async function setViewPermission(ctx: Ctx<void, RowActionResponse>) { export async function setViewPermission(ctx: Ctx<void, RowActionResponse>) {
const table = await getTable(ctx) const table = await getTable(ctx)
const tableId = table._id! const tableId = table._id!

10
packages/server/src/api/routes/rowAction.ts
View File

@ -51,6 +51,16 @@ router
authorized(BUILDER), authorized(BUILDER),
rowActionController.remove rowActionController.remove
) )
.post(
"/api/tables/:tableId/actions/:actionId/permissions",
authorized(BUILDER),
rowActionController.setTablePermission
)
.delete(
"/api/tables/:tableId/actions/:actionId/permissions",
authorized(BUILDER),
rowActionController.unsetTablePermission
)
.post( .post(
"/api/tables/:tableId/actions/:actionId/permissions/:viewId", "/api/tables/:tableId/actions/:actionId/permissions/:viewId",
authorized(BUILDER), authorized(BUILDER),

17
packages/server/src/sdk/app/rowActions.ts
View File

@ -163,6 +163,23 @@ async function guardView(tableId: string, viewId: string) {
} }
} }
export async function setTablePermission(tableId: string, rowActionId: string) {
return await updateDoc(tableId, rowActionId, async actionsDoc => {
actionsDoc.actions[rowActionId].permissions.table.runAllowed = true
return actionsDoc
})
}
export async function unsetTablePermission(
tableId: string,
rowActionId: string
) {
return await updateDoc(tableId, rowActionId, async actionsDoc => {
actionsDoc.actions[rowActionId].permissions.table.runAllowed = false
return actionsDoc
})
}
export async function setViewPermission( export async function setViewPermission(
tableId: string, tableId: string,
rowActionId: string, rowActionId: string,