summaryrefslogblamecommitdiffstats
path: root/server/api/permissions.js
blob: 2e1d5bfa83eb3e29b3577b6d27104f6e0e90d50f (plain) (tree)
1
2
3
4
5
6
7
8
9
10
11
                     

                                                         

                                   
 
  



                                                                                   





                                                                                                      
 
  

                                                          






                                                
 
  

                                                                




                                                       
 
  



                                      





                                                                
 
  



                                  

                                     
    
                                                                                                       
     


















                                                                                                                
   


                                          
/* global __appdir */
var path = require('path')
var db = require(path.join(__appdir, 'lib', 'sequelize'))
var express = require('express')
var noAuthRouter = express.Router()

/*
   * ?id=<ROLE_ID>
   *
   * @return: Returns the information about a role and it's permissions and groups.
   */
noAuthRouter.get('/getRoleById/:id', (req, res) => {
  db.role.findOne({ where: { id: req.params.id }, include: ['permissions', 'groups'] }).then(role => {
    if (role) res.send(role)
    else res.status(404).end()
  })
})

/*
   * @return: Returns a list of all roles in the database.
   */
noAuthRouter.get('/getRoleList', (req, res) => {
  db.role.findAll({
    attributes: ['id', 'name', 'descr']
  }).then(function (roles) {
    res.status(200).send(roles)
  })
})

/*
   * @return: Returns a list of all permissions in the database.
   */
noAuthRouter.get('/getPermissionList', (req, res) => {
  db.permission.findAll().then(function (permissions) {
    res.status(200).send(permissions)
  })
})

/*
   * id: <ROLE_ID>
   *
   * Deletes the role to the given id.
   */
noAuthRouter.post('/deleteRoles', (req, res) => {
  const roleIds = req.body.id
  db.role.destroy({ where: { id: roleIds } }).then(function () {
    res.status(200).send('success')
  })
})

/*
   * id: <ROLE_ID>
   * name: <ROLE_NAME>
   * descr: <ROLE_DESCRIPTION>
   * permissions: <PERMISSION_IDS>
   * groups: <GROUP_IDS>,
   * recursiveMode: < RECURSIVE_MODE>
   *
   * Creates or updates a role. If recursiveMode is set to true, the <GROUP_IDS> are saved with childs.
   */
noAuthRouter.post('/saveRole', (req, res) => {
  const role = req.body
  if (role.id === 0) {
    // Insert new role in the db.
    db.role.create({ name: role.name, descr: role.descr, recursiveGroups: role.recursiveMode }).then(roleDb => {
      var promises = []
      promises.push(roleDb.addPermissions(role.permissions))
      promises.push(roleDb.addGroups(role.groups))
      Promise.all(promises).then(() => { res.send({ id: role.id }) })
    })
  } else {
    // Update an existing role in the db.
    db.role.findOne({ where: { id: role.id } }).then(roleDb => {
      var promises = []
      promises.push(roleDb.update({ name: role.name, descr: role.descr, recursiveGroups: role.recursiveMode }))
      promises.push(roleDb.setPermissions(role.permissions))
      promises.push(roleDb.setGroups(role.groups))
      Promise.all(promises).then(() => { res.send({ id: role.id }) })
    })
  }
})

module.exports.noAuthRouter = noAuthRouter