summaryrefslogblamecommitdiffstats
path: root/server/lib/permissions/index.js
blob: f891004a06e15e8f5febd1ec35ded082114706e8 (plain) (tree)
1
2
3
4
5
6
7
8
9

                            

                                                         


                                                   

                          
  

                                                                     

                                      






                                                                                                                                                                                         
                        
                                                         
   

                                                                                                                         

 
  






                                                                       

                                         
                              



                                
                                                                         


                  

                                                                        
      
 
/* global __appdir */
const path = require('path')
var db = require(path.join(__appdir, 'lib', 'sequelize'))

var requireDirectory = require('require-directory')
var data = requireDirectory(module, './modules')

updatePermissionDatabase()

/*
 * Update the permission-database accordingly to the permission JSONs
 */
function updatePermissionDatabase () {
  var permissionNames = []
  for (let module in data) {
    data[module].forEach(function (permission) {
      permissionNames.push(module + '.' + permission.name)
      upsert(db.permission, { name: module + '.' + permission.name, descr: permission.description, groupdependent: permission.groupdependent }, { name: module + '.' + permission.name })
    })
  }
  // Delete entries from DB which are not in the JSON files
  db.permission.destroy(
    { where: { [db.Op.not]: { name: permissionNames } } }
  )
  // (Re-)Create Superadmin Permission
  upsert(db.permission, { name: 'superadmin', descr: 'Can do anything.', groupdependent: false }, { name: 'superadmin' })
}

/*
 * model: <DB_MODEL>
 * newItem: <DB_OBJECT>
 * where: <DB_WHERECLAUSE>
 *
 * Updates or inserts the given newItem in the given model according to
 * the where-clause.
 */
function upsert (model, newItem, where) {
  return model
    .findOne({ where: where })
    .then(function (foundItem) {
      if (!foundItem) {
        return model
          .create(newItem)
          .then(function (item) { return { item: item, created: true } })
      }

      return model
        .update(newItem, { where: where })
        .then(function (item) { return { item: item, created: false } })
    })
}