Merge branch 'contextual-workflows' of github.com:Budibase/budibase into contextual-workflows
This commit is contained in:
commit
bcd27a2026
|
@ -1,106 +1,29 @@
|
||||||
const viewController = require("../api/controllers/view")
|
|
||||||
const modelController = require("../api/controllers/model")
|
|
||||||
const workflowController = require("../api/controllers/workflow")
|
|
||||||
|
|
||||||
// Access Level IDs
|
|
||||||
const ADMIN_LEVEL_ID = "ADMIN"
|
|
||||||
const POWERUSER_LEVEL_ID = "POWER_USER"
|
|
||||||
const BUILDER_LEVEL_ID = "BUILDER"
|
|
||||||
const ANON_LEVEL_ID = "ANON"
|
|
||||||
|
|
||||||
// Permissions
|
// Permissions
|
||||||
const READ_MODEL = "read-model"
|
module.exports.READ_MODEL = "read-model"
|
||||||
const WRITE_MODEL = "write-model"
|
module.exports.WRITE_MODEL = "write-model"
|
||||||
const READ_VIEW = "read-view"
|
module.exports.READ_VIEW = "read-view"
|
||||||
const EXECUTE_WORKFLOW = "execute-workflow"
|
module.exports.EXECUTE_WORKFLOW = "execute-workflow"
|
||||||
const USER_MANAGEMENT = "user-management"
|
module.exports.USER_MANAGEMENT = "user-management"
|
||||||
const BUILDER = "builder"
|
module.exports.BUILDER = "builder"
|
||||||
const LIST_USERS = "list-users"
|
module.exports.LIST_USERS = "list-users"
|
||||||
|
// Access Level IDs
|
||||||
const adminPermissions = [
|
module.exports.ADMIN_LEVEL_ID = "ADMIN"
|
||||||
|
module.exports.POWERUSER_LEVEL_ID = "POWER_USER"
|
||||||
|
module.exports.BUILDER_LEVEL_ID = "BUILDER"
|
||||||
|
module.exports.ANON_LEVEL_ID = "ANON"
|
||||||
|
module.exports.ACCESS_LEVELS = [
|
||||||
|
module.exports.ADMIN_LEVEL_ID,
|
||||||
|
module.exports.POWERUSER_LEVEL_ID,
|
||||||
|
module.exports.BUILDER_LEVEL_ID,
|
||||||
|
module.exports.ANON_LEVEL_ID,
|
||||||
|
]
|
||||||
|
module.exports.adminPermissions = [
|
||||||
{
|
{
|
||||||
name: USER_MANAGEMENT,
|
name: module.exports.USER_MANAGEMENT,
|
||||||
},
|
},
|
||||||
]
|
]
|
||||||
|
|
||||||
const generateAdminPermissions = async instanceId => [
|
// to avoid circular dependencies this is included later, after exporting all enums
|
||||||
...adminPermissions,
|
const permissions = require("./permissions")
|
||||||
...(await generatePowerUserPermissions(instanceId)),
|
module.exports.generateAdminPermissions = permissions.generateAdminPermissions
|
||||||
]
|
module.exports.generatePowerUserPermissions = permissions.generatePowerUserPermissions
|
||||||
|
|
||||||
const generatePowerUserPermissions = async instanceId => {
|
|
||||||
const fetchModelsCtx = {
|
|
||||||
user: {
|
|
||||||
instanceId,
|
|
||||||
},
|
|
||||||
}
|
|
||||||
await modelController.fetch(fetchModelsCtx)
|
|
||||||
const models = fetchModelsCtx.body
|
|
||||||
|
|
||||||
const fetchViewsCtx = {
|
|
||||||
user: {
|
|
||||||
instanceId,
|
|
||||||
},
|
|
||||||
}
|
|
||||||
await viewController.fetch(fetchViewsCtx)
|
|
||||||
const views = fetchViewsCtx.body
|
|
||||||
|
|
||||||
const fetchWorkflowsCtx = {
|
|
||||||
user: {
|
|
||||||
instanceId,
|
|
||||||
},
|
|
||||||
}
|
|
||||||
await workflowController.fetch(fetchWorkflowsCtx)
|
|
||||||
const workflows = fetchWorkflowsCtx.body
|
|
||||||
|
|
||||||
const readModelPermissions = models.map(m => ({
|
|
||||||
itemId: m._id,
|
|
||||||
name: READ_MODEL,
|
|
||||||
}))
|
|
||||||
|
|
||||||
const writeModelPermissions = models.map(m => ({
|
|
||||||
itemId: m._id,
|
|
||||||
name: WRITE_MODEL,
|
|
||||||
}))
|
|
||||||
|
|
||||||
const viewPermissions = views.map(v => ({
|
|
||||||
itemId: v.name,
|
|
||||||
name: READ_VIEW,
|
|
||||||
}))
|
|
||||||
|
|
||||||
const executeWorkflowPermissions = workflows.map(w => ({
|
|
||||||
itemId: w._id,
|
|
||||||
name: EXECUTE_WORKFLOW,
|
|
||||||
}))
|
|
||||||
|
|
||||||
return [
|
|
||||||
...readModelPermissions,
|
|
||||||
...writeModelPermissions,
|
|
||||||
...viewPermissions,
|
|
||||||
...executeWorkflowPermissions,
|
|
||||||
{ name: LIST_USERS },
|
|
||||||
]
|
|
||||||
}
|
|
||||||
|
|
||||||
module.exports = {
|
|
||||||
ADMIN_LEVEL_ID,
|
|
||||||
POWERUSER_LEVEL_ID,
|
|
||||||
BUILDER_LEVEL_ID,
|
|
||||||
ANON_LEVEL_ID,
|
|
||||||
ACCESS_LEVELS: [
|
|
||||||
ADMIN_LEVEL_ID,
|
|
||||||
POWERUSER_LEVEL_ID,
|
|
||||||
BUILDER_LEVEL_ID,
|
|
||||||
ANON_LEVEL_ID,
|
|
||||||
],
|
|
||||||
READ_MODEL,
|
|
||||||
WRITE_MODEL,
|
|
||||||
READ_VIEW,
|
|
||||||
EXECUTE_WORKFLOW,
|
|
||||||
USER_MANAGEMENT,
|
|
||||||
BUILDER,
|
|
||||||
LIST_USERS,
|
|
||||||
adminPermissions,
|
|
||||||
generateAdminPermissions,
|
|
||||||
generatePowerUserPermissions,
|
|
||||||
}
|
|
||||||
|
|
|
@ -0,0 +1,66 @@
|
||||||
|
const viewController = require("../api/controllers/view")
|
||||||
|
const modelController = require("../api/controllers/model")
|
||||||
|
const workflowController = require("../api/controllers/workflow")
|
||||||
|
const accessLevels = require("./accessLevels")
|
||||||
|
|
||||||
|
// this has been broken out to reduce risk of circular dependency from utilities, no enums defined here
|
||||||
|
const generateAdminPermissions = async instanceId => [
|
||||||
|
...accessLevels.adminPermissions,
|
||||||
|
...(await generatePowerUserPermissions(instanceId)),
|
||||||
|
]
|
||||||
|
|
||||||
|
const generatePowerUserPermissions = async instanceId => {
|
||||||
|
const fetchModelsCtx = {
|
||||||
|
user: {
|
||||||
|
instanceId,
|
||||||
|
},
|
||||||
|
}
|
||||||
|
await modelController.fetch(fetchModelsCtx)
|
||||||
|
const models = fetchModelsCtx.body
|
||||||
|
|
||||||
|
const fetchViewsCtx = {
|
||||||
|
user: {
|
||||||
|
instanceId,
|
||||||
|
},
|
||||||
|
}
|
||||||
|
await viewController.fetch(fetchViewsCtx)
|
||||||
|
const views = fetchViewsCtx.body
|
||||||
|
|
||||||
|
const fetchWorkflowsCtx = {
|
||||||
|
user: {
|
||||||
|
instanceId,
|
||||||
|
},
|
||||||
|
}
|
||||||
|
await workflowController.fetch(fetchWorkflowsCtx)
|
||||||
|
const workflows = fetchWorkflowsCtx.body
|
||||||
|
|
||||||
|
const readModelPermissions = models.map(m => ({
|
||||||
|
itemId: m._id,
|
||||||
|
name: accessLevels.READ_MODEL,
|
||||||
|
}))
|
||||||
|
|
||||||
|
const writeModelPermissions = models.map(m => ({
|
||||||
|
itemId: m._id,
|
||||||
|
name: accessLevels.WRITE_MODEL,
|
||||||
|
}))
|
||||||
|
|
||||||
|
const viewPermissions = views.map(v => ({
|
||||||
|
itemId: v.name,
|
||||||
|
name: accessLevels.READ_VIEW,
|
||||||
|
}))
|
||||||
|
|
||||||
|
const executeWorkflowPermissions = workflows.map(w => ({
|
||||||
|
itemId: w._id,
|
||||||
|
name: accessLevels.EXECUTE_WORKFLOW,
|
||||||
|
}))
|
||||||
|
|
||||||
|
return [
|
||||||
|
...readModelPermissions,
|
||||||
|
...writeModelPermissions,
|
||||||
|
...viewPermissions,
|
||||||
|
...executeWorkflowPermissions,
|
||||||
|
{ name: accessLevels.LIST_USERS },
|
||||||
|
]
|
||||||
|
}
|
||||||
|
module.exports.generateAdminPermissions = generateAdminPermissions
|
||||||
|
module.exports.generatePowerUserPermissions = generatePowerUserPermissions
|
|
@ -1,5 +1,5 @@
|
||||||
|
const accessLevels = require("../../utilities/accessLevels")
|
||||||
const userController = require("../../api/controllers/user")
|
const userController = require("../../api/controllers/user")
|
||||||
let accessLevels = require("../../utilities/accessLevels")
|
|
||||||
|
|
||||||
module.exports.definition = {
|
module.exports.definition = {
|
||||||
description: "Create a new user",
|
description: "Create a new user",
|
||||||
|
|
Loading…
Reference in New Issue