Merge pull request #14779 from Budibase/fix/screen-role-creation

Fixing issue with base permissions of tables
This commit is contained in:
Michael Drury 2024-10-11 18:10:26 +01:00 committed by GitHub
commit b125a7c599
No known key found for this signature in database
GPG Key ID: B5690EEEBB952194
3 changed files with 54 additions and 4 deletions

View File

@ -21,6 +21,7 @@ import {
ViewCalculation,
ViewV2Enriched,
RowExportFormat,
PermissionLevel,
} from "@budibase/types"
import { checkBuilderEndpoint } from "./utilities/TestFunctions"
import * as setup from "./utilities"
@ -191,6 +192,55 @@ describe.each([
)
})
describe("permissions", () => {
it("get the base permissions for the table", async () => {
const table = await config.api.table.save(
tableForDatasource(datasource, {
schema: {
name: {
type: FieldType.STRING,
name: "name",
},
},
})
)
// get the explicit permissions
const { permissions } = await config.api.permission.get(table._id!, {
status: 200,
})
const explicitPermissions = {
role: "ADMIN",
permissionType: "EXPLICIT",
}
expect(permissions.write).toEqual(explicitPermissions)
expect(permissions.read).toEqual(explicitPermissions)
// revoke the explicit permissions
for (let level of [PermissionLevel.WRITE, PermissionLevel.READ]) {
await config.api.permission.revoke(
{
roleId: permissions[level].role,
resourceId: table._id!,
level,
},
{ status: 200 }
)
}
// check base permissions
const { permissions: basePermissions } = await config.api.permission.get(
table._id!,
{
status: 200,
}
)
const basePerms = { role: "BASIC", permissionType: "BASE" }
expect(basePermissions.write).toEqual(basePerms)
expect(basePermissions.read).toEqual(basePerms)
})
})
describe("update", () => {
it("updates a table", async () => {
const table = await config.api.table.save(

View File

@ -73,8 +73,7 @@ export async function getResourcePerms(
p[level] = { role, type: PermissionSource.BASE }
return p
}, {})
const result = Object.assign(basePermissions, permissions)
return result
return Object.assign(basePermissions, permissions)
}
export async function getDependantResources(

View File

@ -1,5 +1,5 @@
import { permissions, roles } from "@budibase/backend-core"
import { DocumentType, VirtualDocumentType } from "../db/utils"
import { DocumentType, permissions, roles } from "@budibase/backend-core"
import { VirtualDocumentType } from "../db/utils"
import { getDocumentType, getVirtualDocumentType } from "@budibase/types"
export const CURRENTLY_SUPPORTED_LEVELS: string[] = [
@ -19,6 +19,7 @@ export function getPermissionType(resourceId: string) {
switch (docType) {
case DocumentType.TABLE:
case DocumentType.ROW:
case DocumentType.DATASOURCE_PLUS:
return permissions.PermissionType.TABLE
case DocumentType.AUTOMATION:
return permissions.PermissionType.AUTOMATION