Fixing minor issue with switch to level -> roleID.
This commit is contained in:
parent
6c4c70e62b
commit
a2ce35b2f6
|
@ -45,7 +45,7 @@ function getPermissionType(resourceId) {
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
async function getBasePermissions(resourceId) {
|
function getBasePermissions(resourceId) {
|
||||||
const type = getPermissionType(resourceId)
|
const type = getPermissionType(resourceId)
|
||||||
const permissions = {}
|
const permissions = {}
|
||||||
for (let [roleId, role] of Object.entries(BUILTIN_ROLES)) {
|
for (let [roleId, role] of Object.entries(BUILTIN_ROLES)) {
|
||||||
|
@ -153,6 +153,7 @@ exports.fetch = async function(ctx) {
|
||||||
if (permissions[roleId] == null) {
|
if (permissions[roleId] == null) {
|
||||||
permissions[roleId] = {}
|
permissions[roleId] = {}
|
||||||
}
|
}
|
||||||
|
// TODO: need to work this out
|
||||||
for (let [resource, level] of Object.entries(role.permissions)) {
|
for (let [resource, level] of Object.entries(role.permissions)) {
|
||||||
permissions[roleId][resource] = higherPermission(
|
permissions[roleId][resource] = higherPermission(
|
||||||
permissions[roleId][resource],
|
permissions[roleId][resource],
|
||||||
|
@ -173,16 +174,13 @@ exports.getResourcePerms = async function(ctx) {
|
||||||
})
|
})
|
||||||
)
|
)
|
||||||
const roles = body.rows.map(row => row.doc)
|
const roles = body.rows.map(row => row.doc)
|
||||||
const resourcePerms = {}
|
const resourcePerms = getBasePermissions(resourceId)
|
||||||
for (let level of SUPPORTED_LEVELS) {
|
for (let level of SUPPORTED_LEVELS) {
|
||||||
for (let role of roles)
|
|
||||||
// update the various roleIds in the resource permissions
|
// update the various roleIds in the resource permissions
|
||||||
|
for (let role of roles) {
|
||||||
if (role.permissions && role.permissions[resourceId]) {
|
if (role.permissions && role.permissions[resourceId]) {
|
||||||
const roleId = getExternalRoleID(role._id)
|
resourcePerms[level] = getExternalRoleID(role._id)
|
||||||
resourcePerms[level] = higherPermission(
|
}
|
||||||
resourcePerms[roleId],
|
|
||||||
role.permissions[resourceId]
|
|
||||||
)
|
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
ctx.body = resourcePerms
|
ctx.body = resourcePerms
|
||||||
|
|
|
@ -56,6 +56,29 @@ function isBuiltin(role) {
|
||||||
return exports.BUILTIN_ROLE_ID_ARRAY.some(builtin => role.includes(builtin))
|
return exports.BUILTIN_ROLE_ID_ARRAY.some(builtin => role.includes(builtin))
|
||||||
}
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Returns whichever builtin roleID is lower.
|
||||||
|
*/
|
||||||
|
exports.lowerBuiltinRoleID = (roleId1, roleId2) => {
|
||||||
|
const MAX = Object.values(BUILTIN_IDS).length + 1
|
||||||
|
function toNum(id) {
|
||||||
|
if (id === BUILTIN_IDS.ADMIN || id === BUILTIN_IDS.BUILDER) {
|
||||||
|
return MAX
|
||||||
|
}
|
||||||
|
let role = exports.BUILTIN_ROLES[id],
|
||||||
|
count = 0
|
||||||
|
do {
|
||||||
|
if (!role) {
|
||||||
|
break
|
||||||
|
}
|
||||||
|
role = exports.BUILTIN_ROLES[role.inherits]
|
||||||
|
count++
|
||||||
|
} while (role !== null)
|
||||||
|
return count
|
||||||
|
}
|
||||||
|
return toNum(roleId1) > toNum(roleId2) ? roleId2 : roleId1
|
||||||
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Gets the role object, this is mainly useful for two purposes, to check if the level exists and
|
* Gets the role object, this is mainly useful for two purposes, to check if the level exists and
|
||||||
* to check if the role inherits any others.
|
* to check if the role inherits any others.
|
||||||
|
@ -222,31 +245,6 @@ exports.getExternalRoleID = roleId => {
|
||||||
return roleId
|
return roleId
|
||||||
}
|
}
|
||||||
|
|
||||||
/**
|
|
||||||
* Returns whichever roleID is lower.
|
|
||||||
*/
|
|
||||||
exports.lowerRoleID = async (appId, roleId1, roleId2) => {
|
|
||||||
// TODO: need to make this function work
|
|
||||||
const MAX = Object.values(BUILTIN_IDS).length + 1
|
|
||||||
async function toNum(id) {
|
|
||||||
if (id === BUILTIN_IDS.ADMIN || id === BUILTIN_IDS.BUILDER) {
|
|
||||||
return MAX
|
|
||||||
}
|
|
||||||
let role = await exports.getRole(appId, id),
|
|
||||||
count = 0
|
|
||||||
do {
|
|
||||||
if (!role) {
|
|
||||||
break
|
|
||||||
}
|
|
||||||
role = exports.BUILTIN_ROLES[role.inherits]
|
|
||||||
count++
|
|
||||||
} while (role !== null)
|
|
||||||
return count
|
|
||||||
}
|
|
||||||
const [num1, num2] = Promise.all([toNum(roleId1), toNum(roleId2)])
|
|
||||||
return num1 > num2 ? roleId2 : roleId1
|
|
||||||
}
|
|
||||||
|
|
||||||
exports.AccessController = AccessController
|
exports.AccessController = AccessController
|
||||||
exports.BUILTIN_ROLE_IDS = BUILTIN_IDS
|
exports.BUILTIN_ROLE_IDS = BUILTIN_IDS
|
||||||
exports.isBuiltin = isBuiltin
|
exports.isBuiltin = isBuiltin
|
||||||
|
|
Loading…
Reference in New Issue