summaryrefslogblamecommitdiffstats
path: root/server/api/roles.js
blob: 5e62443dfb24b05d88942456dc44a4532d70007f (plain) (tree)





































































                                                                                                                              
/* global __appdir */
var path = require('path')
var db = require(path.join(__appdir, 'lib', 'sequelize'))
var express = require('express')
const { decorateApp } = require('@awaitjs/express')
var router = decorateApp(express.Router())

/*
   * ?id=<ROLE_ID>
   *
   * @return: Returns the information about a role and it's permissions and groups.
   */
router.get('/:id', (req, res) => {
  db.role.findOne({ where: { id: req.params.id }, include: ['permissions', 'groups'] }).then(role => {
    if (role) res.send(role)
    else res.status(404).end()
  })
})

/*
   * @return: Returns a list of all roles in the database.
   */
router.get('', (req, res) => {
  db.role.findAll({
    attributes: ['id', 'name', 'descr']
  }).then(function (roles) {
    res.status(200).send(roles)
  })
})

/*
   * id: <ROLE_ID>
   * name: <ROLE_NAME>
   * descr: <ROLE_DESCRIPTION>
   * permissions: <PERMISSION_IDS>
   * groups: <GROUP_IDS>,
   * recursiveMode: < RECURSIVE_MODE>
   *
   * Creates, updates or deletes a role. If recursiveMode is set to true, the <GROUP_IDS> are saved with childs.
   *
   */
router.post(['', '/:id'], (req, res) => {
  // ?delete Delete the roles
  if (req.query.delete !== undefined && req.query.delete !== 'false') {
    db.role.destroy({ where: { id: req.body.ids } }).then(function () {
      res.status(200).send('success')
    })
  } else {
    if (req.params.id === undefined) {
      // Create new role
      db.role.create({ name: req.body.name, descr: req.body.descr, recursiveGroups: req.body.recursiveMode }).then(roleDb => {
        var promises = []
        promises.push(roleDb.addPermissions(req.body.permissions))
        promises.push(roleDb.addGroups(req.body.groups))
        Promise.all(promises).then(() => { res.send({ id: req.body.id }) })
      })
    } else {
      // Update existing role
      db.role.findOne({ where: { id: req.body.id } }).then(roleDb => {
        var promises = []
        promises.push(roleDb.update({ name: req.body.name, descr: req.body.descr, recursiveGroups: req.body.recursiveMode }))
        promises.push(roleDb.setPermissions(req.body.permissions))
        promises.push(roleDb.setGroups(req.body.groups))
        Promise.all(promises).then(() => { res.send({ id: req.body.id }) })
      })
    }
  }
})

module.exports.router = router