Building out the role assignment/unassignment APIs as new components of the public API.

2023-08-15 16:46:21 +01:00 · 2023-08-15 16:46:21 +01:00 · a6a70c2d09
parent cb49906d36
commit a6a70c2d09
9 changed files with 64 additions and 14 deletions
--- a/packages/backend-core/src/users/db.ts
+++ b/packages/backend-core/src/users/db.ts
@ -1,30 +1,30 @@
 import env from "../environment"
 import * as eventHelpers from "./events"
 import * as accounts from "../accounts"
+import * as accountSdk from "../accounts"
 import * as cache from "../cache"
-import { getIdentity, getTenantId, getGlobalDB } from "../context"
+import { getGlobalDB, getIdentity, getTenantId } from "../context"
 import * as dbUtils from "../db"
 import { EmailUnavailableError, HTTPError } from "../errors"
 import * as platform from "../platform"
 import * as sessions from "../security/sessions"
 import * as usersCore from "./users"
 import {
+  Account,
  AllDocsResponse,
  BulkUserCreated,
  BulkUserDeleted,
+  isSSOAccount,
+  isSSOUser,
  RowResponse,
  SaveUserOpts,
  User,
-  Account,
-  isSSOUser,
-  isSSOAccount,
  UserStatus,
 } from "@budibase/types"
-import * as accountSdk from "../accounts"
 import {
-  validateUniqueUser,
  getAccountHolderFromUserIds,
  isAdmin,
+  validateUniqueUser,
 } from "./utils"
 import { searchExistingEmails } from "./lookup"
 import { hash } from "../utils"
@ -179,6 +179,14 @@ export class UserDB {
    return user
  }

+  static async bulkGet(userIds: string[]) {
+    return await usersCore.bulkGetGlobalUsersById(userIds)
+  }
+
+  static async bulkUpdate(users: User[]) {
+    return await usersCore.bulkUpdateGlobalUsers(users)
+  }
+
  static async save(user: User, opts: SaveUserOpts = {}): Promise<User> {
    // default booleans to true
    if (opts.hashPassword == null) {
--- a/packages/pro
+++ b/packages/pro
@ -1 +1 @@
-Subproject commit 7394675d71f1a0f8c5471644ed03a079683297a2
+Subproject commit 1fc0fe26ec843794c4b80d25e593e3f6edd34840
--- a/packages/server/specs/resources/roles.ts
+++ b/packages/server/specs/resources/roles.ts
@ -3,6 +3,13 @@ import Resource from "./utils/Resource"

 const roleSchema = object(
  {
+    appBuilder: object({
+      appId: {
+        description:
+          "The app that the users should have app builder privileges granted for.",
+        type: "string",
+      },
+    }),
    builder: object(
      {
        global: {
--- a/packages/server/src/api/controllers/public/roles.ts
+++ b/packages/server/src/api/controllers/public/roles.ts
@ -1,12 +1,29 @@
-import { UserCtx } from "@budibase/types"
+import {
+  UserCtx,
+  RoleAssignmentResponse,
+  RoleAssignmentRequest,
+} from "@budibase/types"
 import { Next } from "koa"
+import { sdk } from "@budibase/pro"

-async function assign(ctx: UserCtx, next: Next) {
-  ctx.body = { message: "roles assigned" }
+async function assign(
+  ctx: UserCtx<RoleAssignmentRequest, RoleAssignmentResponse>,
+  next: Next
+) {
+  const { userIds, ...assignmentProps } = ctx.request.body
+  await sdk.publicApi.roles.assign(userIds, assignmentProps)
+  ctx.body = { userIds }
+  await next()
 }

-async function unAssign(ctx: UserCtx, next: Next) {
-  ctx.body = { message: "roles un-assigned" }
+async function unAssign(
+  ctx: UserCtx<RoleAssignmentRequest, RoleAssignmentResponse>,
+  next: Next
+) {
+  const { userIds, ...unAssignmentProps } = ctx.request.body
+  await sdk.publicApi.roles.unAssign(userIds, unAssignmentProps)
+  ctx.body = { userIds }
+  await next()
 }

 export default {
--- a/packages/server/src/api/controllers/public/users.ts
+++ b/packages/server/src/api/controllers/public/users.ts
@ -35,7 +35,7 @@ export async function search(ctx: UserCtx, next: Next) {
 }

 export async function create(ctx: UserCtx, next: Next) {
-  ctx = publicApiUserFix(await sdk.publicApi.userSaveUpdate(ctx))
+  ctx = publicApiUserFix(await sdk.publicApi.users.roleCheck(ctx))
  const response = await saveGlobalUser(ctx)
  ctx.body = await getUser(ctx, response._id)
  await next()
@ -52,7 +52,7 @@ export async function update(ctx: UserCtx, next: Next) {
    ...ctx.request.body,
    _rev: user._rev,
  }
-  ctx = publicApiUserFix(await sdk.publicApi.userSaveUpdate(ctx, user))
+  ctx = publicApiUserFix(await sdk.publicApi.users.roleCheck(ctx, user))
  const response = await saveGlobalUser(ctx)
  ctx.body = await getUser(ctx, response._id)
  await next()
--- a/packages/types/src/api/index.ts
+++ b/packages/types/src/api/index.ts
@ -1,2 +1,3 @@
 export * from "./account"
 export * from "./web"
+export * from "./public"
--- a/packages/types/src/api/public/.keep
+++ b/packages/types/src/api/public/.keep
--- a/packages/types/src/api/public/index.ts
+++ b/packages/types/src/api/public/index.ts
@ -0,0 +1 @@
+export * from "./roles"
--- a/packages/types/src/api/public/roles.ts
+++ b/packages/types/src/api/public/roles.ts
@ -0,0 +1,16 @@
+export interface RoleAssignmentRequest {
+  role?: {
+    appId: string
+    roleId: string
+  }
+  appBuilder?: {
+    appId: string
+  }
+  builder?: boolean
+  admin?: boolean
+  userIds: string[]
+}
+
+export interface RoleAssignmentResponse {
+  userIds: string[]
+}