diff --git a/packages/server/src/api/controllers/permission.ts b/packages/server/src/api/controllers/permission.ts index 8314f29398..ef138ee5c2 100644 --- a/packages/server/src/api/controllers/permission.ts +++ b/packages/server/src/api/controllers/permission.ts @@ -147,31 +147,7 @@ export async function fetch(ctx: UserCtx) { export async function getResourcePerms(ctx: UserCtx) { const resourceId = ctx.params.resourceId - const db = context.getAppDB() - const body = await db.allDocs( - getRoleParams(null, { - include_docs: true, - }) - ) - const rolesList = body.rows.map(row => row.doc) - let permissions: Record = {} - for (let level of SUPPORTED_LEVELS) { - // update the various roleIds in the resource permissions - for (let role of rolesList) { - const rolePerms = roles.checkForRoleResourceArray( - role.permissions, - resourceId - ) - if ( - rolePerms && - rolePerms[resourceId] && - rolePerms[resourceId].indexOf(level) !== -1 - ) { - permissions[level] = roles.getExternalRoleID(role._id, role.version)! - } - } - } - ctx.body = Object.assign(getBasePermissions(resourceId), permissions) + ctx.body = await sdk.permissions.getResourcePerms(resourceId) } export async function addPermission(ctx: UserCtx) { diff --git a/packages/server/src/sdk/app/permissions/index.ts b/packages/server/src/sdk/app/permissions/index.ts index 2219120db6..144b4fab2b 100644 --- a/packages/server/src/sdk/app/permissions/index.ts +++ b/packages/server/src/sdk/app/permissions/index.ts @@ -1,10 +1,15 @@ +import { context, roles } from "@budibase/backend-core" +import { features } from "@budibase/pro" import { DocumentType, PermissionLevel, VirtualDocumentType, } from "@budibase/types" -import { isViewID } from "../../../db/utils" -import { features } from "@budibase/pro" +import { getRoleParams, isViewID } from "../../../db/utils" +import { + CURRENTLY_SUPPORTED_LEVELS, + getBasePermissions, +} from "../../../utilities/security" type ResourceActionAllowedResult = | { allowed: true } @@ -35,3 +40,32 @@ export async function resourceActionAllowed({ resourceType: VirtualDocumentType.VIEW, } } + +export async function getResourcePerms(resourceId: string) { + const db = context.getAppDB() + const body = await db.allDocs( + getRoleParams(null, { + include_docs: true, + }) + ) + const rolesList = body.rows.map(row => row.doc) + let permissions: Record = {} + for (let level of CURRENTLY_SUPPORTED_LEVELS) { + // update the various roleIds in the resource permissions + for (let role of rolesList) { + const rolePerms = roles.checkForRoleResourceArray( + role.permissions, + resourceId + ) + if ( + rolePerms && + rolePerms[resourceId] && + rolePerms[resourceId].indexOf(level) !== -1 + ) { + permissions[level] = roles.getExternalRoleID(role._id, role.version)! + } + } + } + + return Object.assign(getBasePermissions(resourceId), permissions) +}