Merge pull request #14779 from Budibase/fix/screen-role-creation

Fixing issue with base permissions of tables

packages/server/src/api/routes/tests/table.spec.ts

@@ -21,6 +21,7 @@ import {
   ViewCalculation,
   ViewV2Enriched,
   RowExportFormat,
+  PermissionLevel,
 } from "@budibase/types"
 import { checkBuilderEndpoint } from "./utilities/TestFunctions"
 import * as setup from "./utilities"
@@ -191,6 +192,55 @@ describe.each([
     )
   })
 
+  describe("permissions", () => {
+    it("get the base permissions for the table", async () => {
+      const table = await config.api.table.save(
+        tableForDatasource(datasource, {
+          schema: {
+            name: {
+              type: FieldType.STRING,
+              name: "name",
+            },
+          },
+        })
+      )
+
+      // get the explicit permissions
+      const { permissions } = await config.api.permission.get(table._id!, {
+        status: 200,
+      })
+      const explicitPermissions = {
+        role: "ADMIN",
+        permissionType: "EXPLICIT",
+      }
+      expect(permissions.write).toEqual(explicitPermissions)
+      expect(permissions.read).toEqual(explicitPermissions)
+
+      // revoke the explicit permissions
+      for (let level of [PermissionLevel.WRITE, PermissionLevel.READ]) {
+        await config.api.permission.revoke(
+          {
+            roleId: permissions[level].role,
+            resourceId: table._id!,
+            level,
+          },
+          { status: 200 }
+        )
+      }
+
+      // check base permissions
+      const { permissions: basePermissions } = await config.api.permission.get(
+        table._id!,
+        {
+          status: 200,
+        }
+      )
+      const basePerms = { role: "BASIC", permissionType: "BASE" }
+      expect(basePermissions.write).toEqual(basePerms)
+      expect(basePermissions.read).toEqual(basePerms)
+    })
+  })
+
   describe("update", () => {
     it("updates a table", async () => {
       const table = await config.api.table.save(

packages/server/src/sdk/app/permissions/index.ts

@@ -73,8 +73,7 @@ export async function getResourcePerms(
     p[level] = { role, type: PermissionSource.BASE }
     return p
   }, {})
-  const result = Object.assign(basePermissions, permissions)
+  return Object.assign(basePermissions, permissions)
-  return result
 }
 
 export async function getDependantResources(

packages/server/src/utilities/security.ts

@@ -1,5 +1,5 @@
-import { permissions, roles } from "@budibase/backend-core"
+import { DocumentType, permissions, roles } from "@budibase/backend-core"
-import { DocumentType, VirtualDocumentType } from "../db/utils"
+import { VirtualDocumentType } from "../db/utils"
 import { getDocumentType, getVirtualDocumentType } from "@budibase/types"
 
 export const CURRENTLY_SUPPORTED_LEVELS: string[] = [
@@ -19,6 +19,7 @@ export function getPermissionType(resourceId: string) {
   switch (docType) {
     case DocumentType.TABLE:
     case DocumentType.ROW:
+    case DocumentType.DATASOURCE_PLUS:
       return permissions.PermissionType.TABLE
     case DocumentType.AUTOMATION:
       return permissions.PermissionType.AUTOMATION