MirrorSave
/
budibase
mirror of https://github.com/Budibase/budibase.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Move permissions code to sdk

This commit is contained in:
Adria Navarro 2023-08-31 10:36:17 +02:00
parent d36c7d744f
commit dcd8c3b289
2 changed files with 37 additions and 27 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

26
packages/server/src/api/controllers/permission.ts
View File

@ -147,31 +147,7 @@ export async function fetch(ctx: UserCtx) {
export async function getResourcePerms(ctx: UserCtx) { export async function getResourcePerms(ctx: UserCtx) {
const resourceId = ctx.params.resourceId const resourceId = ctx.params.resourceId
const db = context.getAppDB() ctx.body = await sdk.permissions.getResourcePerms(resourceId)
const body = await db.allDocs(
getRoleParams(null, {
include_docs: true,
})
)
const rolesList = body.rows.map(row => row.doc)
let permissions: Record<string, string> = {}
for (let level of SUPPORTED_LEVELS) {
// update the various roleIds in the resource permissions
for (let role of rolesList) {
const rolePerms = roles.checkForRoleResourceArray(
role.permissions,
resourceId
)
if (
rolePerms &&
rolePerms[resourceId] &&
rolePerms[resourceId].indexOf(level) !== -1
) {
permissions[level] = roles.getExternalRoleID(role._id, role.version)!
}
}
}
ctx.body = Object.assign(getBasePermissions(resourceId), permissions)
} }
export async function addPermission(ctx: UserCtx) { export async function addPermission(ctx: UserCtx) {

38
packages/server/src/sdk/app/permissions/index.ts
View File

@ -1,10 +1,15 @@
import { context, roles } from "@budibase/backend-core"
import { features } from "@budibase/pro"
import { import {
DocumentType, DocumentType,
PermissionLevel, PermissionLevel,
VirtualDocumentType, VirtualDocumentType,
} from "@budibase/types" } from "@budibase/types"
import { isViewID } from "../../../db/utils" import { getRoleParams, isViewID } from "../../../db/utils"
import { features } from "@budibase/pro" import {
CURRENTLY_SUPPORTED_LEVELS,
getBasePermissions,
} from "../../../utilities/security"
type ResourceActionAllowedResult = type ResourceActionAllowedResult =
| { allowed: true } | { allowed: true }
@ -35,3 +40,32 @@ export async function resourceActionAllowed({
resourceType: VirtualDocumentType.VIEW, resourceType: VirtualDocumentType.VIEW,
} }
} }
export async function getResourcePerms(resourceId: string) {
const db = context.getAppDB()
const body = await db.allDocs(
getRoleParams(null, {
include_docs: true,
})
)
const rolesList = body.rows.map(row => row.doc)
let permissions: Record<string, string> = {}
for (let level of CURRENTLY_SUPPORTED_LEVELS) {
// update the various roleIds in the resource permissions
for (let role of rolesList) {
const rolePerms = roles.checkForRoleResourceArray(
role.permissions,
resourceId
)
if (
rolePerms &&
rolePerms[resourceId] &&
rolePerms[resourceId].indexOf(level) !== -1
) {
permissions[level] = roles.getExternalRoleID(role._id, role.version)!
}
}
}
return Object.assign(getBasePermissions(resourceId), permissions)
}