Fixing minor issue with switch to level -> roleID.

2021-02-11 13:38:07 +00:00 · 2021-02-11 13:38:07 +00:00 · 60b7d68c2e
parent 091b4ee95d
commit 60b7d68c2e
2 changed files with 30 additions and 34 deletions
--- a/packages/server/src/api/controllers/permission.js
+++ b/packages/server/src/api/controllers/permission.js
@ -45,7 +45,7 @@ function getPermissionType(resourceId) {
  }
 }
-async function getBasePermissions(resourceId) {
+function getBasePermissions(resourceId) {
  const type = getPermissionType(resourceId)
  const permissions = {}
  for (let [roleId, role] of Object.entries(BUILTIN_ROLES)) {
@ -153,6 +153,7 @@ exports.fetch = async function(ctx) {
      if (permissions[roleId] == null) {
        permissions[roleId] = {}
      }
      // TODO: need to work this out
      for (let [resource, level] of Object.entries(role.permissions)) {
        permissions[roleId][resource] = higherPermission(
          permissions[roleId][resource],
@ -173,16 +174,13 @@ exports.getResourcePerms = async function(ctx) {
    })
  )
  const roles = body.rows.map(row => row.doc)
-  const resourcePerms = {}
+  const resourcePerms = getBasePermissions(resourceId)
  for (let level of SUPPORTED_LEVELS) {
    for (let role of roles)
    // update the various roleIds in the resource permissions
-    if (role.permissions && role.permissions[resourceId]) {
+    for (let role of roles) {
-      const roleId = getExternalRoleID(role._id)
+      if (role.permissions && role.permissions[resourceId]) {
-      resourcePerms[level] = higherPermission(
+        resourcePerms[level] = getExternalRoleID(role._id)
-        resourcePerms[roleId],
+      }
        role.permissions[resourceId]
      )
    }
  }
  ctx.body = resourcePerms
--- a/packages/server/src/utilities/security/roles.js
+++ b/packages/server/src/utilities/security/roles.js
@ -56,6 +56,29 @@ function isBuiltin(role) {
  return exports.BUILTIN_ROLE_ID_ARRAY.some(builtin => role.includes(builtin))
 }
 /**
 * Returns whichever builtin roleID is lower.
 */
 exports.lowerBuiltinRoleID = (roleId1, roleId2) => {
  const MAX = Object.values(BUILTIN_IDS).length + 1
  function toNum(id) {
    if (id === BUILTIN_IDS.ADMIN || id === BUILTIN_IDS.BUILDER) {
      return MAX
    }
    let role = exports.BUILTIN_ROLES[id],
      count = 0
    do {
      if (!role) {
        break
      }
      role = exports.BUILTIN_ROLES[role.inherits]
      count++
    } while (role !== null)
    return count
  }
  return toNum(roleId1) > toNum(roleId2) ? roleId2 : roleId1
 }
 /**
 * Gets the role object, this is mainly useful for two purposes, to check if the level exists and
 * to check if the role inherits any others.
@ -222,31 +245,6 @@ exports.getExternalRoleID = roleId => {
  return roleId
 }
 /**
 * Returns whichever roleID is lower.
 */
 exports.lowerRoleID = async (appId, roleId1, roleId2) => {
  // TODO: need to make this function work
  const MAX = Object.values(BUILTIN_IDS).length + 1
  async function toNum(id) {
    if (id === BUILTIN_IDS.ADMIN || id === BUILTIN_IDS.BUILDER) {
      return MAX
    }
    let role = await exports.getRole(appId, id),
      count = 0
    do {
      if (!role) {
        break
      }
      role = exports.BUILTIN_ROLES[role.inherits]
      count++
    } while (role !== null)
    return count
  }
  const [num1, num2] = Promise.all([toNum(roleId1), toNum(roleId2)])
  return num1 > num2 ? roleId2 : roleId1
 }
 exports.AccessController = AccessController
 exports.BUILTIN_ROLE_IDS = BUILTIN_IDS
 exports.isBuiltin = isBuiltin