Move permissions code to sdk

2023-08-31 10:36:17 +02:00 · 2023-08-31 10:36:17 +02:00 · dcd8c3b289
parent d36c7d744f
commit dcd8c3b289
2 changed files with 37 additions and 27 deletions
--- a/packages/server/src/api/controllers/permission.ts
+++ b/packages/server/src/api/controllers/permission.ts
@ -147,31 +147,7 @@ export async function fetch(ctx: UserCtx) {

 export async function getResourcePerms(ctx: UserCtx) {
  const resourceId = ctx.params.resourceId
-  const db = context.getAppDB()
-  const body = await db.allDocs(
-    getRoleParams(null, {
-      include_docs: true,
-    })
-  )
-  const rolesList = body.rows.map(row => row.doc)
-  let permissions: Record<string, string> = {}
-  for (let level of SUPPORTED_LEVELS) {
-    // update the various roleIds in the resource permissions
-    for (let role of rolesList) {
-      const rolePerms = roles.checkForRoleResourceArray(
-        role.permissions,
-        resourceId
-      )
-      if (
-        rolePerms &&
-        rolePerms[resourceId] &&
-        rolePerms[resourceId].indexOf(level) !== -1
-      ) {
-        permissions[level] = roles.getExternalRoleID(role._id, role.version)!
-      }
-    }
-  }
-  ctx.body = Object.assign(getBasePermissions(resourceId), permissions)
+  ctx.body = await sdk.permissions.getResourcePerms(resourceId)
 }

 export async function addPermission(ctx: UserCtx) {
--- a/packages/server/src/sdk/app/permissions/index.ts
+++ b/packages/server/src/sdk/app/permissions/index.ts
@ -1,10 +1,15 @@
+import { context, roles } from "@budibase/backend-core"
+import { features } from "@budibase/pro"
 import {
  DocumentType,
  PermissionLevel,
  VirtualDocumentType,
 } from "@budibase/types"
-import { isViewID } from "../../../db/utils"
-import { features } from "@budibase/pro"
+import { getRoleParams, isViewID } from "../../../db/utils"
+import {
+  CURRENTLY_SUPPORTED_LEVELS,
+  getBasePermissions,
+} from "../../../utilities/security"

 type ResourceActionAllowedResult =
  | { allowed: true }
@ -35,3 +40,32 @@ export async function resourceActionAllowed({
    resourceType: VirtualDocumentType.VIEW,
  }
 }
+
+export async function getResourcePerms(resourceId: string) {
+  const db = context.getAppDB()
+  const body = await db.allDocs(
+    getRoleParams(null, {
+      include_docs: true,
+    })
+  )
+  const rolesList = body.rows.map(row => row.doc)
+  let permissions: Record<string, string> = {}
+  for (let level of CURRENTLY_SUPPORTED_LEVELS) {
+    // update the various roleIds in the resource permissions
+    for (let role of rolesList) {
+      const rolePerms = roles.checkForRoleResourceArray(
+        role.permissions,
+        resourceId
+      )
+      if (
+        rolePerms &&
+        rolePerms[resourceId] &&
+        rolePerms[resourceId].indexOf(level) !== -1
+      ) {
+        permissions[level] = roles.getExternalRoleID(role._id, role.version)!
+      }
+    }
+  }
+
+  return Object.assign(getBasePermissions(resourceId), permissions)
+}