mirror of
https://github.com/versia-pub/server.git
synced 2026-01-26 20:26:01 +01:00
fix(api): 🐛 Add default role with default permissions in roles API
This commit is contained in:
Jesse Wierzbinski
parent
11369649c0
commit
d2f5aaf114
|
|
@ -1,3 +1,4 @@
|
||||||
|
import { config } from "config-manager";
|
||||||
import {
|
import {
|
||||||
type InferInsertModel,
|
type InferInsertModel,
|
||||||
type InferSelectModel,
|
type InferSelectModel,
|
||||||
|
|
@ -36,15 +37,48 @@ export class Role {
|
||||||
return new Role(found);
|
return new Role(found);
|
||||||
}
|
}
|
||||||
|
|
||||||
public static async getUserRoles(userId: string) {
|
public static async getUserRoles(userId: string, isAdmin: boolean) {
|
||||||
return (
|
return (
|
||||||
await db.query.RoleToUsers.findMany({
|
await db.query.RoleToUsers.findMany({
|
||||||
where: (role, { eq }) => eq(role.userId, userId),
|
where: (role, { eq }) => eq(role.userId, userId),
|
||||||
with: {
|
with: {
|
||||||
role: true,
|
role: true,
|
||||||
|
user: {
|
||||||
|
columns: {
|
||||||
|
isAdmin: true,
|
||||||
|
},
|
||||||
|
},
|
||||||
},
|
},
|
||||||
})
|
})
|
||||||
).map((r) => new Role(r.role));
|
)
|
||||||
|
.map((r) => new Role(r.role))
|
||||||
|
.concat(
|
||||||
|
new Role({
|
||||||
|
id: "default",
|
||||||
|
name: "Default",
|
||||||
|
permissions: config.permissions.default,
|
||||||
|
priority: 0,
|
||||||
|
description: "Default role for all users",
|
||||||
|
visible: false,
|
||||||
|
icon: null,
|
||||||
|
}),
|
||||||
|
)
|
||||||
|
.concat(
|
||||||
|
isAdmin
|
||||||
|
? [
|
||||||
|
new Role({
|
||||||
|
id: "admin",
|
||||||
|
name: "Admin",
|
||||||
|
permissions: config.permissions.admin,
|
||||||
|
priority: 2 ** 31 - 1,
|
||||||
|
description:
|
||||||
|
"Default role for all administrators",
|
||||||
|
visible: false,
|
||||||
|
icon: null,
|
||||||
|
}),
|
||||||
|
]
|
||||||
|
: [],
|
||||||
|
);
|
||||||
}
|
}
|
||||||
|
|
||||||
public static async manyFromSql(
|
public static async manyFromSql(
|
||||||
|
|
|
||||||
|
|
@ -182,7 +182,8 @@ describe(meta.route, () => {
|
||||||
|
|
||||||
expect(response2.ok).toBe(true);
|
expect(response2.ok).toBe(true);
|
||||||
const roles = await response2.json();
|
const roles = await response2.json();
|
||||||
expect(roles).toHaveLength(2);
|
// The default role will still be there
|
||||||
|
expect(roles).toHaveLength(3);
|
||||||
expect(roles).toContainEqual({
|
expect(roles).toContainEqual({
|
||||||
id: roleNotLinked.id,
|
id: roleNotLinked.id,
|
||||||
name: "test2",
|
name: "test2",
|
||||||
|
|
@ -228,7 +229,8 @@ describe(meta.route, () => {
|
||||||
|
|
||||||
expect(response2.ok).toBe(true);
|
expect(response2.ok).toBe(true);
|
||||||
const roles = await response2.json();
|
const roles = await response2.json();
|
||||||
expect(roles).toHaveLength(1);
|
// The default role will still be there
|
||||||
|
expect(roles).toHaveLength(2);
|
||||||
expect(roles).not.toContainEqual({
|
expect(roles).not.toContainEqual({
|
||||||
name: "test",
|
name: "test",
|
||||||
permissions: ADMIN_ROLES,
|
permissions: ADMIN_ROLES,
|
||||||
|
|
|
||||||
|
|
@ -45,7 +45,10 @@ export default (app: Hono) =>
|
||||||
return errorResponse("Unauthorized", 401);
|
return errorResponse("Unauthorized", 401);
|
||||||
}
|
}
|
||||||
|
|
||||||
const userRoles = await Role.getUserRoles(user.id);
|
const userRoles = await Role.getUserRoles(
|
||||||
|
user.id,
|
||||||
|
user.getUser().isAdmin,
|
||||||
|
);
|
||||||
const role = await Role.fromId(id);
|
const role = await Role.fromId(id);
|
||||||
|
|
||||||
if (!role) {
|
if (!role) {
|
||||||
|
|
|
||||||
|
|
@ -49,7 +49,7 @@ describe(meta.route, () => {
|
||||||
|
|
||||||
expect(response.ok).toBe(true);
|
expect(response.ok).toBe(true);
|
||||||
const roles = await response.json();
|
const roles = await response.json();
|
||||||
expect(roles).toHaveLength(1);
|
expect(roles).toHaveLength(2);
|
||||||
expect(roles[0]).toMatchObject({
|
expect(roles[0]).toMatchObject({
|
||||||
name: "test",
|
name: "test",
|
||||||
permissions: ADMIN_ROLES,
|
permissions: ADMIN_ROLES,
|
||||||
|
|
@ -58,5 +58,14 @@ describe(meta.route, () => {
|
||||||
visible: true,
|
visible: true,
|
||||||
icon: "test",
|
icon: "test",
|
||||||
});
|
});
|
||||||
|
|
||||||
|
expect(roles[1]).toMatchObject({
|
||||||
|
name: "Default",
|
||||||
|
permissions: config.permissions.default,
|
||||||
|
priority: 0,
|
||||||
|
description: "Default role for all users",
|
||||||
|
visible: false,
|
||||||
|
icon: null,
|
||||||
|
});
|
||||||
});
|
});
|
||||||
});
|
});
|
||||||
|
|
|
||||||
|
|
@ -27,7 +27,10 @@ export default (app: Hono) =>
|
||||||
return errorResponse("Unauthorized", 401);
|
return errorResponse("Unauthorized", 401);
|
||||||
}
|
}
|
||||||
|
|
||||||
const userRoles = await Role.getUserRoles(user.id);
|
const userRoles = await Role.getUserRoles(
|
||||||
|
user.id,
|
||||||
|
user.getUser().isAdmin,
|
||||||
|
);
|
||||||
|
|
||||||
return jsonResponse(userRoles.map((r) => r.toAPI()));
|
return jsonResponse(userRoles.map((r) => r.toAPI()));
|
||||||
},
|
},
|
||||||
|
|
|
||||||
Loading…
Reference in a new issue