Updating some enums, plural to single.

packages/backend-core/src/security/permissions.ts

@@ -5,7 +5,7 @@ export type RoleHierarchy = {
   permissionId: string
 }[]
 
-export enum PermissionLevels {
+export enum PermissionLevel {
   READ = "read",
   WRITE = "write",
   EXECUTE = "execute",
@@ -13,7 +13,7 @@ export enum PermissionLevels {
 }
 
 // these are the global types, that govern the underlying default behaviour
-export enum PermissionTypes {
+export enum PermissionType {
   APP = "app",
   TABLE = "table",
   USER = "user",
@@ -25,25 +25,25 @@ export enum PermissionTypes {
 }
 
 class Permission {
-  type: PermissionTypes
+  type: PermissionType
-  level: PermissionLevels
+  level: PermissionLevel
 
-  constructor(type: PermissionTypes, level: PermissionLevels) {
+  constructor(type: PermissionType, level: PermissionLevel) {
     this.type = type
     this.level = level
   }
 }
 
-function levelToNumber(perm: PermissionLevels) {
+function levelToNumber(perm: PermissionLevel) {
   switch (perm) {
     // not everything has execute privileges
-    case PermissionLevels.EXECUTE:
+    case PermissionLevel.EXECUTE:
       return 0
-    case PermissionLevels.READ:
+    case PermissionLevel.READ:
       return 1
-    case PermissionLevels.WRITE:
+    case PermissionLevel.WRITE:
       return 2
-    case PermissionLevels.ADMIN:
+    case PermissionLevel.ADMIN:
       return 3
     default:
       return -1
@@ -55,25 +55,25 @@ function levelToNumber(perm: PermissionLevels) {
  * @param {string} userPermLevel The permission level of the user.
  * @return {string[]} All the permission levels this user is allowed to carry out.
  */
-function getAllowedLevels(userPermLevel: PermissionLevels) {
+function getAllowedLevels(userPermLevel: PermissionLevel) {
   switch (userPermLevel) {
-    case PermissionLevels.EXECUTE:
+    case PermissionLevel.EXECUTE:
-      return [PermissionLevels.EXECUTE]
+      return [PermissionLevel.EXECUTE]
-    case PermissionLevels.READ:
+    case PermissionLevel.READ:
-      return [PermissionLevels.EXECUTE, PermissionLevels.READ]
+      return [PermissionLevel.EXECUTE, PermissionLevel.READ]
-    case PermissionLevels.WRITE:
+    case PermissionLevel.WRITE:
-    case PermissionLevels.ADMIN:
+    case PermissionLevel.ADMIN:
       return [
-        PermissionLevels.READ,
+        PermissionLevel.READ,
-        PermissionLevels.WRITE,
+        PermissionLevel.WRITE,
-        PermissionLevels.EXECUTE,
+        PermissionLevel.EXECUTE,
       ]
     default:
       return []
   }
 }
 
-export enum BUILTIN_PERMISSION_IDS {
+export enum BuiltinPermissionID {
   PUBLIC = "public",
   READ_ONLY = "read_only",
   WRITE = "write",
@@ -83,52 +83,52 @@ export enum BUILTIN_PERMISSION_IDS {
 
 const BUILTIN_PERMISSIONS = {
   PUBLIC: {
-    _id: BUILTIN_PERMISSION_IDS.PUBLIC,
+    _id: BuiltinPermissionID.PUBLIC,
     name: "Public",
     permissions: [
-      new Permission(PermissionTypes.WEBHOOK, PermissionLevels.EXECUTE),
+      new Permission(PermissionType.WEBHOOK, PermissionLevel.EXECUTE),
     ],
   },
   READ_ONLY: {
-    _id: BUILTIN_PERMISSION_IDS.READ_ONLY,
+    _id: BuiltinPermissionID.READ_ONLY,
     name: "Read only",
     permissions: [
-      new Permission(PermissionTypes.QUERY, PermissionLevels.READ),
+      new Permission(PermissionType.QUERY, PermissionLevel.READ),
-      new Permission(PermissionTypes.TABLE, PermissionLevels.READ),
+      new Permission(PermissionType.TABLE, PermissionLevel.READ),
-      new Permission(PermissionTypes.VIEW, PermissionLevels.READ),
+      new Permission(PermissionType.VIEW, PermissionLevel.READ),
     ],
   },
   WRITE: {
-    _id: BUILTIN_PERMISSION_IDS.WRITE,
+    _id: BuiltinPermissionID.WRITE,
     name: "Read/Write",
     permissions: [
-      new Permission(PermissionTypes.QUERY, PermissionLevels.WRITE),
+      new Permission(PermissionType.QUERY, PermissionLevel.WRITE),
-      new Permission(PermissionTypes.TABLE, PermissionLevels.WRITE),
+      new Permission(PermissionType.TABLE, PermissionLevel.WRITE),
-      new Permission(PermissionTypes.VIEW, PermissionLevels.READ),
+      new Permission(PermissionType.VIEW, PermissionLevel.READ),
-      new Permission(PermissionTypes.AUTOMATION, PermissionLevels.EXECUTE),
+      new Permission(PermissionType.AUTOMATION, PermissionLevel.EXECUTE),
     ],
   },
   POWER: {
-    _id: BUILTIN_PERMISSION_IDS.POWER,
+    _id: BuiltinPermissionID.POWER,
     name: "Power",
     permissions: [
-      new Permission(PermissionTypes.TABLE, PermissionLevels.WRITE),
+      new Permission(PermissionType.TABLE, PermissionLevel.WRITE),
-      new Permission(PermissionTypes.USER, PermissionLevels.READ),
+      new Permission(PermissionType.USER, PermissionLevel.READ),
-      new Permission(PermissionTypes.AUTOMATION, PermissionLevels.EXECUTE),
+      new Permission(PermissionType.AUTOMATION, PermissionLevel.EXECUTE),
-      new Permission(PermissionTypes.VIEW, PermissionLevels.READ),
+      new Permission(PermissionType.VIEW, PermissionLevel.READ),
-      new Permission(PermissionTypes.WEBHOOK, PermissionLevels.READ),
+      new Permission(PermissionType.WEBHOOK, PermissionLevel.READ),
     ],
   },
   ADMIN: {
-    _id: BUILTIN_PERMISSION_IDS.ADMIN,
+    _id: BuiltinPermissionID.ADMIN,
     name: "Admin",
     permissions: [
-      new Permission(PermissionTypes.TABLE, PermissionLevels.ADMIN),
+      new Permission(PermissionType.TABLE, PermissionLevel.ADMIN),
-      new Permission(PermissionTypes.USER, PermissionLevels.ADMIN),
+      new Permission(PermissionType.USER, PermissionLevel.ADMIN),
-      new Permission(PermissionTypes.AUTOMATION, PermissionLevels.ADMIN),
+      new Permission(PermissionType.AUTOMATION, PermissionLevel.ADMIN),
-      new Permission(PermissionTypes.VIEW, PermissionLevels.ADMIN),
+      new Permission(PermissionType.VIEW, PermissionLevel.ADMIN),
-      new Permission(PermissionTypes.WEBHOOK, PermissionLevels.READ),
+      new Permission(PermissionType.WEBHOOK, PermissionLevel.READ),
-      new Permission(PermissionTypes.QUERY, PermissionLevels.ADMIN),
+      new Permission(PermissionType.QUERY, PermissionLevel.ADMIN),
     ],
   },
 }
@@ -143,8 +143,8 @@ export function getBuiltinPermissionByID(id: string) {
 }
 
 export function doesHaveBasePermission(
-  permType: PermissionTypes,
+  permType: PermissionType,
-  permLevel: PermissionLevels,
+  permLevel: PermissionLevel,
   rolesHierarchy: RoleHierarchy
 ) {
   const basePermissions = [
@@ -167,9 +167,9 @@ export function doesHaveBasePermission(
   return false
 }
 
-export function isPermissionLevelHigherThanRead(level: PermissionLevels) {
+export function isPermissionLevelHigherThanRead(level: PermissionLevel) {
   return levelToNumber(level) > 1
 }
 
 // utility as a lot of things need simply the builder permission
-export const BUILDER = PermissionTypes.BUILDER
+export const BUILDER = PermissionType.BUILDER

packages/backend-core/src/security/roles.ts

@@ -1,4 +1,4 @@
-import { BUILTIN_PERMISSION_IDS, PermissionLevels } from "./permissions"
+import { BuiltinPermissionID, PermissionLevel } from "./permissions"
 import {
   generateRoleID,
   getRoleParams,
@@ -54,19 +54,19 @@ export class Role {
 
 const BUILTIN_ROLES = {
   ADMIN: new Role(BUILTIN_IDS.ADMIN, "Admin")
-    .addPermission(BUILTIN_PERMISSION_IDS.ADMIN)
+    .addPermission(BuiltinPermissionID.ADMIN)
     .addInheritance(BUILTIN_IDS.POWER),
   POWER: new Role(BUILTIN_IDS.POWER, "Power")
-    .addPermission(BUILTIN_PERMISSION_IDS.POWER)
+    .addPermission(BuiltinPermissionID.POWER)
     .addInheritance(BUILTIN_IDS.BASIC),
   BASIC: new Role(BUILTIN_IDS.BASIC, "Basic")
-    .addPermission(BUILTIN_PERMISSION_IDS.WRITE)
+    .addPermission(BuiltinPermissionID.WRITE)
     .addInheritance(BUILTIN_IDS.PUBLIC),
   PUBLIC: new Role(BUILTIN_IDS.PUBLIC, "Public").addPermission(
-    BUILTIN_PERMISSION_IDS.PUBLIC
+    BuiltinPermissionID.PUBLIC
   ),
   BUILDER: new Role(BUILTIN_IDS.BUILDER, "Builder").addPermission(
-    BUILTIN_PERMISSION_IDS.ADMIN
+    BuiltinPermissionID.ADMIN
   ),
 }
 
@@ -227,8 +227,8 @@ export function checkForRoleResourceArray(
   if (rolePerms && !Array.isArray(rolePerms[resourceId])) {
     const permLevel = rolePerms[resourceId] as any
     rolePerms[resourceId] = [permLevel]
-    if (permLevel === PermissionLevels.WRITE) {
+    if (permLevel === PermissionLevel.WRITE) {
-      rolePerms[resourceId].push(PermissionLevels.READ)
+      rolePerms[resourceId].push(PermissionLevel.READ)
     }
   }
   return rolePerms

packages/server/src/api/routes/automation.js

@@ -3,8 +3,8 @@ const controller = require("../controllers/automation")
 const authorized = require("../../middleware/authorized")
 const {
   BUILDER,
-  PermissionLevels,
+  PermissionLevel,
-  PermissionTypes,
+  PermissionType,
 } = require("@budibase/backend-core/permissions")
 const { bodyResource, paramResource } = require("../../middleware/resourceId")
 const {
@@ -71,14 +71,14 @@ router
     "/api/automations/:id/trigger",
     appInfoMiddleware({ appType: AppType.PROD }),
     paramResource("id"),
-    authorized(PermissionTypes.AUTOMATION, PermissionLevels.EXECUTE),
+    authorized(PermissionType.AUTOMATION, PermissionLevel.EXECUTE),
     controller.trigger
   )
   .post(
     "/api/automations/:id/test",
     appInfoMiddleware({ appType: AppType.DEV }),
     paramResource("id"),
-    authorized(PermissionTypes.AUTOMATION, PermissionLevels.EXECUTE),
+    authorized(PermissionType.AUTOMATION, PermissionLevel.EXECUTE),
     controller.test
   )
 

packages/server/src/api/routes/datasource.js

@@ -3,8 +3,8 @@ const datasourceController = require("../controllers/datasource")
 const authorized = require("../../middleware/authorized")
 const {
   BUILDER,
-  PermissionLevels,
+  PermissionLevel,
-  PermissionTypes,
+  PermissionType,
 } = require("@budibase/backend-core/permissions")
 const {
   datasourceValidator,
@@ -17,17 +17,17 @@ router
   .get("/api/datasources", authorized(BUILDER), datasourceController.fetch)
   .get(
     "/api/datasources/:datasourceId",
-    authorized(PermissionTypes.TABLE, PermissionLevels.READ),
+    authorized(PermissionType.TABLE, PermissionLevel.READ),
     datasourceController.find
   )
   .put(
     "/api/datasources/:datasourceId",
-    authorized(PermissionTypes.TABLE, PermissionLevels.READ),
+    authorized(PermissionType.TABLE, PermissionLevel.READ),
     datasourceController.update
   )
   .post(
     "/api/datasources/query",
-    authorized(PermissionTypes.TABLE, PermissionLevels.READ),
+    authorized(PermissionType.TABLE, PermissionLevel.READ),
     datasourceQueryValidator(),
     datasourceController.query
   )

packages/server/src/api/routes/public/index.ts

@@ -13,8 +13,8 @@ import env from "../../../environment"
 const Router = require("@koa/router")
 const { RateLimit, Stores } = require("koa2-ratelimit")
 const {
-  PermissionLevels,
+  PermissionLevel,
-  PermissionTypes,
+  PermissionType,
 } = require("@budibase/backend-core/permissions")
 const { getRedisOptions } = require("@budibase/backend-core/redis").utils
 
@@ -105,7 +105,7 @@ function applyRoutes(
     : paramResource(resource)
   const publicApiMiddleware = publicApi({
     requiresAppId:
-      permType !== PermissionTypes.APP && permType !== PermissionTypes.USER,
+      permType !== PermissionType.APP && permType !== PermissionType.USER,
   })
   addMiddleware(endpoints.read, publicApiMiddleware)
   addMiddleware(endpoints.write, publicApiMiddleware)
@@ -113,8 +113,8 @@ function applyRoutes(
   addMiddleware(endpoints.read, paramMiddleware)
   addMiddleware(endpoints.write, paramMiddleware)
   // add the authorization middleware, using the correct perm type
-  addMiddleware(endpoints.read, authorized(permType, PermissionLevels.READ))
+  addMiddleware(endpoints.read, authorized(permType, PermissionLevel.READ))
-  addMiddleware(endpoints.write, authorized(permType, PermissionLevels.WRITE))
+  addMiddleware(endpoints.write, authorized(permType, PermissionLevel.WRITE))
   // add the output mapper middleware
   addMiddleware(endpoints.read, mapperMiddleware, { output: true })
   addMiddleware(endpoints.write, mapperMiddleware, { output: true })
@@ -122,12 +122,12 @@ function applyRoutes(
   addToRouter(endpoints.write)
 }
 
-applyRoutes(appEndpoints, PermissionTypes.APP, "appId")
+applyRoutes(appEndpoints, PermissionType.APP, "appId")
-applyRoutes(tableEndpoints, PermissionTypes.TABLE, "tableId")
+applyRoutes(tableEndpoints, PermissionType.TABLE, "tableId")
-applyRoutes(userEndpoints, PermissionTypes.USER, "userId")
+applyRoutes(userEndpoints, PermissionType.USER, "userId")
-applyRoutes(queryEndpoints, PermissionTypes.QUERY, "queryId")
+applyRoutes(queryEndpoints, PermissionType.QUERY, "queryId")
 // needs to be applied last for routing purposes, don't override other endpoints
-applyRoutes(rowEndpoints, PermissionTypes.TABLE, "tableId", "rowId")
+applyRoutes(rowEndpoints, PermissionType.TABLE, "tableId", "rowId")
 
 export default publicRouter
 

packages/server/src/api/routes/query.js

@@ -2,8 +2,8 @@ const Router = require("@koa/router")
 const queryController = require("../controllers/query")
 const authorized = require("../../middleware/authorized")
 const {
-  PermissionLevels,
+  PermissionLevel,
-  PermissionTypes,
+  PermissionType,
   BUILDER,
 } = require("@budibase/backend-core/permissions")
 const {
@@ -38,20 +38,20 @@ router
   .get(
     "/api/queries/:queryId",
     paramResource("queryId"),
-    authorized(PermissionTypes.QUERY, PermissionLevels.READ),
+    authorized(PermissionType.QUERY, PermissionLevel.READ),
     queryController.find
   )
   // DEPRECATED - use new query endpoint for future work
   .post(
     "/api/queries/:queryId",
     paramResource("queryId"),
-    authorized(PermissionTypes.QUERY, PermissionLevels.WRITE),
+    authorized(PermissionType.QUERY, PermissionLevel.WRITE),
     queryController.executeV1
   )
   .post(
     "/api/v2/queries/:queryId",
     paramResource("queryId"),
-    authorized(PermissionTypes.QUERY, PermissionLevels.WRITE),
+    authorized(PermissionType.QUERY, PermissionLevel.WRITE),
     queryController.executeV2
   )
   .delete(

packages/server/src/api/routes/row.ts

@@ -3,8 +3,8 @@ import * as rowController from "../controllers/row"
 import authorized from "../../middleware/authorized"
 import { paramResource, paramSubResource } from "../../middleware/resourceId"
 const {
-  PermissionLevels,
+  PermissionLevel,
-  PermissionTypes,
+  PermissionType,
 } = require("@budibase/backend-core/permissions")
 const { internalSearchValidator } = require("./utils/validators")
 
@@ -28,7 +28,7 @@ router
   .get(
     "/api/:tableId/:rowId/enrich",
     paramSubResource("tableId", "rowId"),
-    authorized(PermissionTypes.TABLE, PermissionLevels.READ),
+    authorized(PermissionType.TABLE, PermissionLevel.READ),
     rowController.fetchEnrichedRow
   )
   /**
@@ -48,7 +48,7 @@ router
   .get(
     "/api/:tableId/rows",
     paramResource("tableId"),
-    authorized(PermissionTypes.TABLE, PermissionLevels.READ),
+    authorized(PermissionType.TABLE, PermissionLevel.READ),
     rowController.fetch
   )
   /**
@@ -67,7 +67,7 @@ router
   .get(
     "/api/:tableId/rows/:rowId",
     paramSubResource("tableId", "rowId"),
-    authorized(PermissionTypes.TABLE, PermissionLevels.READ),
+    authorized(PermissionType.TABLE, PermissionLevel.READ),
     rowController.find
   )
   /**
@@ -137,7 +137,7 @@ router
     "/api/:tableId/search",
     internalSearchValidator(),
     paramResource("tableId"),
-    authorized(PermissionTypes.TABLE, PermissionLevels.READ),
+    authorized(PermissionType.TABLE, PermissionLevel.READ),
     rowController.search
   )
   // DEPRECATED - this is an old API, but for backwards compat it needs to be
@@ -145,7 +145,7 @@ router
   .post(
     "/api/search/:tableId/rows",
     paramResource("tableId"),
-    authorized(PermissionTypes.TABLE, PermissionLevels.READ),
+    authorized(PermissionType.TABLE, PermissionLevel.READ),
     rowController.search
   )
   /**
@@ -175,7 +175,7 @@ router
   .post(
     "/api/:tableId/rows",
     paramResource("tableId"),
-    authorized(PermissionTypes.TABLE, PermissionLevels.WRITE),
+    authorized(PermissionType.TABLE, PermissionLevel.WRITE),
     rowController.save
   )
   /**
@@ -189,7 +189,7 @@ router
   .patch(
     "/api/:tableId/rows",
     paramResource("tableId"),
-    authorized(PermissionTypes.TABLE, PermissionLevels.WRITE),
+    authorized(PermissionType.TABLE, PermissionLevel.WRITE),
     rowController.patch
   )
   /**
@@ -215,7 +215,7 @@ router
   .post(
     "/api/:tableId/rows/validate",
     paramResource("tableId"),
-    authorized(PermissionTypes.TABLE, PermissionLevels.WRITE),
+    authorized(PermissionType.TABLE, PermissionLevel.WRITE),
     rowController.validate
   )
   /**
@@ -241,7 +241,7 @@ router
   .delete(
     "/api/:tableId/rows",
     paramResource("tableId"),
-    authorized(PermissionTypes.TABLE, PermissionLevels.WRITE),
+    authorized(PermissionType.TABLE, PermissionLevel.WRITE),
     rowController.destroy
   )
 
@@ -261,7 +261,7 @@ router
   .post(
     "/api/:tableId/rows/exportRows",
     paramResource("tableId"),
-    authorized(PermissionTypes.TABLE, PermissionLevels.WRITE),
+    authorized(PermissionType.TABLE, PermissionLevel.WRITE),
     rowController.exportRows
   )
 

packages/server/src/api/routes/static.ts

@@ -4,8 +4,8 @@ import { budibaseTempDir } from "../../utilities/budibaseDir"
 import authorized from "../../middleware/authorized"
 import {
   BUILDER,
-  PermissionTypes,
+  PermissionType,
-  PermissionLevels,
+  PermissionLevel,
 } from "@budibase/backend-core/permissions"
 import * as env from "../../environment"
 import { paramResource } from "../../middleware/resourceId"
@@ -47,13 +47,13 @@ router
   .post(
     "/api/attachments/:tableId/upload",
     paramResource("tableId"),
-    authorized(PermissionTypes.TABLE, PermissionLevels.WRITE),
+    authorized(PermissionType.TABLE, PermissionLevel.WRITE),
     controller.uploadFile
   )
   .post(
     "/api/attachments/:tableId/delete",
     paramResource("tableId"),
-    authorized(PermissionTypes.TABLE, PermissionLevels.WRITE),
+    authorized(PermissionType.TABLE, PermissionLevel.WRITE),
     controller.deleteObjects
   )
   .get("/app/preview", authorized(BUILDER), controller.serveBuilderPreview)
@@ -61,7 +61,7 @@ router
   .get("/app/:appUrl/:path*", controller.serveApp)
   .post(
     "/api/attachments/:datasourceId/url",
-    authorized(PermissionTypes.TABLE, PermissionLevels.READ),
+    authorized(PermissionType.TABLE, PermissionLevel.READ),
     controller.getSignedUploadURL
   )
 

packages/server/src/api/routes/table.js

@@ -4,8 +4,8 @@ const authorized = require("../../middleware/authorized")
 const { paramResource, bodyResource } = require("../../middleware/resourceId")
 const {
   BUILDER,
-  PermissionLevels,
+  PermissionLevel,
-  PermissionTypes,
+  PermissionType,
 } = require("@budibase/backend-core/permissions")
 const { tableValidator } = require("./utils/validators")
 
@@ -40,7 +40,7 @@ router
   .get(
     "/api/tables/:tableId",
     paramResource("tableId"),
-    authorized(PermissionTypes.TABLE, PermissionLevels.READ, { schema: true }),
+    authorized(PermissionType.TABLE, PermissionLevel.READ, { schema: true }),
     tableController.find
   )
   /**

packages/server/src/api/routes/tests/role.spec.js

@@ -1,6 +1,6 @@
 const { BUILTIN_ROLE_IDS } = require("@budibase/backend-core/roles")
 const {
-  BUILTIN_PERMISSION_IDS,
+  BuiltinPermissionID,
 } = require("@budibase/backend-core/permissions")
 const setup = require("./utilities")
 const { basicRole } = setup.structures
@@ -76,18 +76,18 @@ describe("/roles", () => {
       const adminRole = res.body.find(r => r._id === BUILTIN_ROLE_IDS.ADMIN)
       expect(adminRole).toBeDefined()
       expect(adminRole.inherits).toEqual(BUILTIN_ROLE_IDS.POWER)
-      expect(adminRole.permissionId).toEqual(BUILTIN_PERMISSION_IDS.ADMIN)
+      expect(adminRole.permissionId).toEqual(BuiltinPermissionID.ADMIN)
 
       const powerUserRole = res.body.find(r => r._id === BUILTIN_ROLE_IDS.POWER)
       expect(powerUserRole).toBeDefined()
       expect(powerUserRole.inherits).toEqual(BUILTIN_ROLE_IDS.BASIC)
-      expect(powerUserRole.permissionId).toEqual(BUILTIN_PERMISSION_IDS.POWER)
+      expect(powerUserRole.permissionId).toEqual(BuiltinPermissionID.POWER)
 
       const customRoleFetched = res.body.find(r => r._id === customRole._id)
       expect(customRoleFetched).toBeDefined()
       expect(customRoleFetched.inherits).toEqual(BUILTIN_ROLE_IDS.BASIC)
       expect(customRoleFetched.permissionId).toEqual(
-        BUILTIN_PERMISSION_IDS.READ_ONLY
+        BuiltinPermissionID.READ_ONLY
       )
     })
 
@@ -109,7 +109,7 @@ describe("/roles", () => {
     it("should delete custom roles", async () => {
       const customRole = await config.createRole({
         name: "user",
-        permissionId: BUILTIN_PERMISSION_IDS.READ_ONLY,
+        permissionId: BuiltinPermissionID.READ_ONLY,
         inherits: BUILTIN_ROLE_IDS.BASIC,
       })
       delete customRole._rev_tree

packages/server/src/api/routes/user.js

@@ -2,8 +2,8 @@ const Router = require("@koa/router")
 const controller = require("../controllers/user")
 const authorized = require("../../middleware/authorized")
 const {
-  PermissionLevels,
+  PermissionLevel,
-  PermissionTypes,
+  PermissionType,
 } = require("@budibase/backend-core/permissions")
 
 const router = new Router()
@@ -11,42 +11,42 @@ const router = new Router()
 router
   .get(
     "/api/users/metadata",
-    authorized(PermissionTypes.USER, PermissionLevels.READ),
+    authorized(PermissionType.USER, PermissionLevel.READ),
     controller.fetchMetadata
   )
   .get(
     "/api/users/metadata/:id",
-    authorized(PermissionTypes.USER, PermissionLevels.READ),
+    authorized(PermissionType.USER, PermissionLevel.READ),
     controller.findMetadata
   )
   .put(
     "/api/users/metadata",
-    authorized(PermissionTypes.USER, PermissionLevels.WRITE),
+    authorized(PermissionType.USER, PermissionLevel.WRITE),
     controller.updateMetadata
   )
   .post(
     "/api/users/metadata/self",
-    authorized(PermissionTypes.USER, PermissionLevels.WRITE),
+    authorized(PermissionType.USER, PermissionLevel.WRITE),
     controller.updateSelfMetadata
   )
   .delete(
     "/api/users/metadata/:id",
-    authorized(PermissionTypes.USER, PermissionLevels.WRITE),
+    authorized(PermissionType.USER, PermissionLevel.WRITE),
     controller.destroyMetadata
   )
   .post(
     "/api/users/metadata/sync/:id",
-    authorized(PermissionTypes.USER, PermissionLevels.WRITE),
+    authorized(PermissionType.USER, PermissionLevel.WRITE),
     controller.syncUser
   )
   .post(
     "/api/users/flags",
-    authorized(PermissionTypes.USER, PermissionLevels.WRITE),
+    authorized(PermissionType.USER, PermissionLevel.WRITE),
     controller.setFlag
   )
   .get(
     "/api/users/flags",
-    authorized(PermissionTypes.USER, PermissionLevels.READ),
+    authorized(PermissionType.USER, PermissionLevel.READ),
     controller.getFlags
   )
 

packages/server/src/api/routes/utils/validators.js

@@ -1,8 +1,8 @@
 const { joiValidator } = require("@budibase/backend-core/auth")
 const { DataSourceOperation } = require("../../../constants")
 const {
-  BUILTIN_PERMISSION_IDS,
+  BuiltinPermissionID,
-  PermissionLevels,
+  PermissionLevel,
 } = require("@budibase/backend-core/permissions")
 const { WebhookActionType } = require("@budibase/types")
 const Joi = require("joi")
@@ -133,14 +133,14 @@ exports.webhookValidator = () => {
 }
 
 exports.roleValidator = () => {
-  const permLevelArray = Object.values(PermissionLevels)
+  const permLevelArray = Object.values(PermissionLevel)
   // prettier-ignore
   return joiValidator.body(Joi.object({
     _id: OPTIONAL_STRING,
     _rev: OPTIONAL_STRING,
     name: Joi.string().required(),
     // this is the base permission ID (for now a built in)
-    permissionId: Joi.string().valid(...Object.values(BUILTIN_PERMISSION_IDS)).required(),
+    permissionId: Joi.string().valid(...Object.values(BuiltinPermissionID)).required(),
     permissions: Joi.object()
       .pattern(/.*/, [Joi.string().valid(...permLevelArray)])
       .optional(),
@@ -149,7 +149,7 @@ exports.roleValidator = () => {
 }
 
 exports.permissionValidator = () => {
-  const permLevelArray = Object.values(PermissionLevels)
+  const permLevelArray = Object.values(PermissionLevel)
   // prettier-ignore
   return joiValidator.params(Joi.object({
     level: Joi.string().valid(...permLevelArray).required(),

packages/server/src/api/routes/view.js

@@ -5,8 +5,8 @@ const authorized = require("../../middleware/authorized")
 const { paramResource } = require("../../middleware/resourceId")
 const {
   BUILDER,
-  PermissionTypes,
+  PermissionType,
-  PermissionLevels,
+  PermissionLevel,
 } = require("@budibase/backend-core/permissions")
 
 const router = new Router()
@@ -16,7 +16,7 @@ router
   .get(
     "/api/views/:viewName",
     paramResource("viewName"),
-    authorized(PermissionTypes.VIEW, PermissionLevels.READ),
+    authorized(PermissionType.VIEW, PermissionLevel.READ),
     rowController.fetchView
   )
   .get("/api/views", authorized(BUILDER), viewController.fetch)

packages/server/src/middleware/authorized.ts

@@ -4,8 +4,8 @@ import {
   BUILTIN_ROLE_IDS,
 } from "@budibase/backend-core/roles"
 const {
-  PermissionTypes,
+  PermissionType,
-  PermissionLevels,
+  PermissionLevel,
   doesHaveBasePermission,
 } = require("@budibase/backend-core/permissions")
 const builderMiddleware = require("./builder")
@@ -33,7 +33,7 @@ const checkAuthorized = async (
 ) => {
   // check if this is a builder api and the user is not a builder
   const isBuilder = ctx.user && ctx.user.builder && ctx.user.builder.global
-  const isBuilderApi = permType === PermissionTypes.BUILDER
+  const isBuilderApi = permType === PermissionType.BUILDER
   if (isBuilderApi && !isBuilder) {
     return ctx.throw(403, "Not Authorized")
   }
@@ -91,9 +91,9 @@ export = (permType: any, permLevel: any = null, opts = { schema: false }) =>
     let resourceRoles: any = []
     let otherLevelRoles: any = []
     const otherLevel =
-      permLevel === PermissionLevels.READ
+      permLevel === PermissionLevel.READ
-        ? PermissionLevels.WRITE
+        ? PermissionLevel.WRITE
-        : PermissionLevels.READ
+        : PermissionLevel.READ
     const appId = getAppId()
     if (appId && hasResource(ctx)) {
       resourceRoles = await getRequiredResourceRole(permLevel, ctx)

packages/server/src/middleware/builder.ts

@@ -70,7 +70,7 @@ export = async function builder(ctx: BBContext, permType: string) {
   if (!appId) {
     return
   }
-  const isBuilderApi = permType === permissions.PermissionTypes.BUILDER
+  const isBuilderApi = permType === permissions.PermissionType.BUILDER
   const referer = ctx.headers["referer"]
 
   const overviewPath = "/builder/portal/overview/"

packages/server/src/middleware/tests/authorized.spec.js

@@ -9,7 +9,7 @@ jest.mock("../../environment", () => ({
 )
 const authorizedMiddleware = require("../authorized")
 const env = require("../../environment")
-const { PermissionTypes, PermissionLevels } = require("@budibase/backend-core/permissions")
+const { PermissionType, PermissionLevel } = require("@budibase/backend-core/permissions")
 const { doInAppContext } = require("@budibase/backend-core/context")
 
 const APP_ID = ""
@@ -113,7 +113,7 @@ describe("Authorization middleware", () => {
     
     it("throws if the user does not have builder permissions", async () => {
       config.setEnvironment(false)
-      config.setMiddlewareRequiredPermission(PermissionTypes.BUILDER)
+      config.setMiddlewareRequiredPermission(PermissionType.BUILDER)
       config.setUser({
         role: {
           _id: ""
@@ -125,13 +125,13 @@ describe("Authorization middleware", () => {
     })
 
     it("passes on to next() middleware if the user has resource permission", async () => {
-      config.setResourceId(PermissionTypes.QUERY)
+      config.setResourceId(PermissionType.QUERY)
       config.setUser({
         role: {
           _id: ""
         }
       })
-      config.setMiddlewareRequiredPermission(PermissionTypes.QUERY)
+      config.setMiddlewareRequiredPermission(PermissionType.QUERY)
 
       await config.executeMiddleware()
       expect(config.next).toHaveBeenCalled()
@@ -155,7 +155,7 @@ describe("Authorization middleware", () => {
           _id: ""
         },
       })
-      config.setMiddlewareRequiredPermission(PermissionTypes.ADMIN, PermissionLevels.BASIC)
+      config.setMiddlewareRequiredPermission(PermissionType.ADMIN, PermissionLevel.BASIC)
       
       await config.executeMiddleware()
       expect(config.throw).toHaveBeenCalledWith(403, "User does not have permission")

packages/server/src/tests/utilities/structures.js

@@ -1,5 +1,5 @@
 const { BUILTIN_ROLE_IDS } = require("@budibase/backend-core/roles")
-const { BUILTIN_PERMISSION_IDS } = require("@budibase/backend-core/permissions")
+const { BuiltinPermissionID } = require("@budibase/backend-core/permissions")
 const { createHomeScreen } = require("../../constants/screens")
 const { EMPTY_LAYOUT } = require("../../constants/layouts")
 const { cloneDeep } = require("lodash/fp")
@@ -135,7 +135,7 @@ exports.basicRole = () => {
   return {
     name: "NewRole",
     inherits: BUILTIN_ROLE_IDS.BASIC,
-    permissionId: BUILTIN_PERMISSION_IDS.READ_ONLY,
+    permissionId: BuiltinPermissionID.READ_ONLY,
   }
 }
 

packages/server/src/utilities/security.js

@@ -1,6 +1,6 @@
 const {
-  PermissionLevels,
+  PermissionLevel,
-  PermissionTypes,
+  PermissionType,
   getBuiltinPermissionByID,
   isPermissionLevelHigherThanRead,
 } = require("@budibase/backend-core/permissions")
@@ -11,9 +11,9 @@ const {
 const { DocumentType } = require("../db/utils")
 
 const CURRENTLY_SUPPORTED_LEVELS = [
-  PermissionLevels.WRITE,
+  PermissionLevel.WRITE,
-  PermissionLevels.READ,
+  PermissionLevel.READ,
-  PermissionLevels.EXECUTE,
+  PermissionLevel.EXECUTE,
 ]
 
 exports.getPermissionType = resourceId => {
@@ -23,17 +23,17 @@ exports.getPermissionType = resourceId => {
   switch (docType) {
     case DocumentType.TABLE:
     case DocumentType.ROW:
-      return PermissionTypes.TABLE
+      return PermissionType.TABLE
     case DocumentType.AUTOMATION:
-      return PermissionTypes.AUTOMATION
+      return PermissionType.AUTOMATION
     case DocumentType.WEBHOOK:
-      return PermissionTypes.WEBHOOK
+      return PermissionType.WEBHOOK
     case DocumentType.QUERY:
     case DocumentType.DATASOURCE:
-      return PermissionTypes.QUERY
+      return PermissionType.QUERY
     default:
       // views don't have an ID, will end up here
-      return PermissionTypes.VIEW
+      return PermissionType.VIEW
   }
 }
 
@@ -58,8 +58,8 @@ exports.getBasePermissions = resourceId => {
       const level = typedPermission.level
       permissions[level] = lowerBuiltinRoleID(permissions[level], roleId)
       if (isPermissionLevelHigherThanRead(level)) {
-        permissions[PermissionLevels.READ] = lowerBuiltinRoleID(
+        permissions[PermissionLevel.READ] = lowerBuiltinRoleID(
-          permissions[PermissionLevels.READ],
+          permissions[PermissionLevel.READ],
           roleId
         )
       }