Adding access controls to rest query ui.

This commit is contained in:
mike12345567 2021-12-07 18:50:29 +00:00
parent c0512fa242
commit ce075c97ff
5 changed files with 68 additions and 42 deletions

View File

@ -1,6 +1,8 @@
<script> <script>
import { Label, Select } from "@budibase/bbui" import { Label, Select } from "@budibase/bbui"
import { permissions, roles } from "stores/backend" import { permissions, roles } from "stores/backend"
import { onMount } from "svelte"
import { Roles } from "constants/backend"
export let query export let query
export let saveId export let saveId
@ -8,7 +10,7 @@
$: updateRole(roleId, saveId) $: updateRole(roleId, saveId)
let roleId let roleId, loaded
async function updateRole(role, id) { async function updateRole(role, id) {
roleId = role roleId = role
@ -23,15 +25,32 @@
} }
} }
} }
onMount(async () => {
if (!query || !query._id) {
roleId = Roles.BASIC
loaded = true
return
}
try {
roleId = (await permissions.forResource(query._id))["read"]
} catch (err) {
roleId = Roles.BASIC
}
loaded = true
})
</script> </script>
{#if label} {#if loaded}
{#if label}
<Label>{label}</Label> <Label>{label}</Label>
{/if} {/if}
<Select <Select
value={roleId} value={roleId}
on:change={e => updateRole(e.detail)} on:change={e => updateRole(e.detail)}
options={$roles} options={$roles}
getOptionLabel={x => x.name} getOptionLabel={x => x.name}
getOptionValue={x => x._id} getOptionValue={x => x._id}
/> autoWidth
/>
{/if}

View File

@ -75,15 +75,15 @@
<!-- Builds Objects with Key Value Pairs. Useful for building things like Request Headers. --> <!-- Builds Objects with Key Value Pairs. Useful for building things like Request Headers. -->
{#if Object.keys(object || {}).length > 0} {#if Object.keys(object || {}).length > 0}
{#if headings} {#if headings}
<div class="container" class:container-active={activity}> <div class="container" class:container-active={toggle}>
<Label>Key</Label> <Label>Key</Label>
<Label>Value</Label> <Label>Value</Label>
{#if activity} {#if toggle}
<Label>Active</Label> <Label>Active</Label>
{/if} {/if}
</div> </div>
{/if} {/if}
<div class="container" class:container-active={activity} class:readOnly> <div class="container" class:container-active={toggle} class:readOnly>
{#each fields as field, idx} {#each fields as field, idx}
<Input placeholder="Key" bind:value={field.name} on:change={changed} /> <Input placeholder="Key" bind:value={field.name} on:change={changed} />
{#if options} {#if options}

View File

@ -18,17 +18,11 @@
import IntegrationQueryEditor from "components/integration/index.svelte" import IntegrationQueryEditor from "components/integration/index.svelte"
import ExternalDataSourceTable from "components/backend/DataTable/ExternalDataSourceTable.svelte" import ExternalDataSourceTable from "components/backend/DataTable/ExternalDataSourceTable.svelte"
import ParameterBuilder from "components/integration/QueryParameterBuilder.svelte" import ParameterBuilder from "components/integration/QueryParameterBuilder.svelte"
import { import { datasources, integrations, queries } from "stores/backend"
datasources,
integrations,
queries,
permissions,
} from "stores/backend"
import { capitalise } from "../../helpers" import { capitalise } from "../../helpers"
import CodeMirrorEditor from "components/common/CodeMirrorEditor.svelte" import CodeMirrorEditor from "components/common/CodeMirrorEditor.svelte"
import JSONPreview from "./JSONPreview.svelte" import JSONPreview from "./JSONPreview.svelte"
import { Roles, SchemaTypeOptions } from "constants/backend" import { SchemaTypeOptions } from "constants/backend"
import { onMount } from "svelte"
import KeyValueBuilder from "./KeyValueBuilder.svelte" import KeyValueBuilder from "./KeyValueBuilder.svelte"
import { fieldsToSchema, schemaToFields } from "helpers/data/utils" import { fieldsToSchema, schemaToFields } from "helpers/data/utils"
import AccessLevelSelect from "./AccessLevelSelect.svelte" import AccessLevelSelect from "./AccessLevelSelect.svelte"
@ -38,7 +32,6 @@
let fields = query?.schema ? schemaToFields(query.schema) : [] let fields = query?.schema ? schemaToFields(query.schema) : []
let parameters let parameters
let data = [] let data = []
let roleId
let saveId let saveId
const transformerDocs = const transformerDocs =
"https://docs.budibase.com/building-apps/data/transformers" "https://docs.budibase.com/building-apps/data/transformers"
@ -95,18 +88,6 @@
notifications.error(`Error creating query. ${err.message}`) notifications.error(`Error creating query. ${err.message}`)
} }
} }
onMount(async () => {
if (!query || !query._id) {
roleId = Roles.BASIC
return
}
try {
roleId = (await permissions.forResource(query._id))["read"]
} catch (err) {
roleId = Roles.BASIC
}
})
</script> </script>
<Layout gap="S" noPadding> <Layout gap="S" noPadding>

View File

@ -1,8 +1,10 @@
<script> <script>
import { params } from "@roxi/routify" import { params, goto } from "@roxi/routify"
import { database, queries } from "stores/backend" import { database, datasources, queries } from "stores/backend"
import QueryInterface from "components/integration/QueryViewer.svelte" import QueryInterface from "components/integration/QueryViewer.svelte"
import { IntegrationTypes } from "constants/backend"
let selectedQuery, datasource
$: selectedQuery = $queries.list.find( $: selectedQuery = $queries.list.find(
query => query._id === $queries.selected query => query._id === $queries.selected
) || { ) || {
@ -11,6 +13,14 @@
fields: {}, fields: {},
queryVerb: "read", queryVerb: "read",
} }
$: datasource = $datasources.list.find(
ds => ds._id === $params.selectedDatasource
)
$: {
if (datasource?.source === IntegrationTypes.REST) {
$goto(`../rest/${$params.query}`)
}
}
</script> </script>
<section> <section>

View File

@ -36,6 +36,7 @@
SchemaTypeOptions, SchemaTypeOptions,
} from "constants/backend" } from "constants/backend"
import JSONPreview from "components/integration/JSONPreview.svelte" import JSONPreview from "components/integration/JSONPreview.svelte"
import AccessLevelSelect from "components/integration/AccessLevelSelect.svelte"
let query, datasource let query, datasource
let breakQs = {} let breakQs = {}
@ -144,12 +145,18 @@
<div class="inner"> <div class="inner">
<div class="top"> <div class="top">
<Layout gap="S"> <Layout gap="S">
<div class="top-bar">
<EditableLabel <EditableLabel
type="heading" type="heading"
bind:value={query.name} bind:value={query.name}
defaultValue="Untitled" defaultValue="Untitled"
on:change={() => (query.flags.urlName = false)} on:change={() => (query.flags.urlName = false)}
/> />
<div class="access">
<Label>Access level</Label>
<AccessLevelSelect {query} {saveId} />
</div>
</div>
<div class="url-block"> <div class="url-block">
<div class="verb"> <div class="verb">
<Select <Select
@ -303,4 +310,13 @@
.red { .red {
color: #ea7d82; color: #ea7d82;
} }
.top-bar {
display: flex;
justify-content: space-between;
}
.access {
display: flex;
gap: var(--spacing-m);
align-items: center;
}
</style> </style>