summaryrefslogtreecommitdiffstats
path: root/server/api
diff options
context:
space:
mode:
authorChristian Hofmaier2020-07-02 22:04:27 +0200
committerChristian Hofmaier2020-07-02 22:04:27 +0200
commitb0e0665fe2cefb7cfe69d73b338437e03f0b59de (patch)
tree9dd90b168e38b637def9011f0b46b48415cf308a /server/api
parent[permissionmanager] return group objects instead of id list (diff)
downloadbas-b0e0665fe2cefb7cfe69d73b338437e03f0b59de.tar.gz
bas-b0e0665fe2cefb7cfe69d73b338437e03f0b59de.tar.xz
bas-b0e0665fe2cefb7cfe69d73b338437e03f0b59de.zip
[permissionmanager] frontend use own getChilds function
Diffstat (limited to 'server/api')
-rw-r--r--server/api/events.js11
-rw-r--r--server/api/roles.js14
2 files changed, 19 insertions, 6 deletions
diff --git a/server/api/events.js b/server/api/events.js
index 310a64a..4fcbda9 100644
--- a/server/api/events.js
+++ b/server/api/events.js
@@ -19,8 +19,8 @@ router.all(['', '/:x'], async (req, res, next) => {
break
case 'POST':
- // TODO: REMOVE blacklist free pass IF PM uses own blacklist function --> HELPER LIB?!
- if (req.params.x === 'blacklist') break
+ // TODO: Add Group-Permission check
+ if (req.params.x === 'getChilds') break
if (!await req.user.hasPermission('events.edit')) return res.status(403).send({ error: 'Missing permission', permission: 'events.edit' })
break
@@ -58,12 +58,11 @@ router.getAsync('', async (req, res) => {
/*
* @return: Returns a list of all childs of the given groups
- * Is also used by the PermissionManager Frontend to get it's blacklist childs
*/
-router.postAsync('/blacklist', async (req, res) => {
+router.postAsync('/getChilds', async (req, res) => {
if (req.body.groups) {
- var blacklist = await groupHelper.getAllChildren(req.body.groups)
- res.send(blacklist)
+ var childs = await groupHelper.getAllChildren(req.body.groups)
+ res.send(childs)
} else res.status(404).end()
})
diff --git a/server/api/roles.js b/server/api/roles.js
index ba1c2a2..d98811a 100644
--- a/server/api/roles.js
+++ b/server/api/roles.js
@@ -1,6 +1,7 @@
/* global __appdir */
var path = require('path')
var db = require(path.join(__appdir, 'lib', 'sequelize'))
+var groupHelper = require(path.join(__appdir, 'lib', 'grouphelper'))
var express = require('express')
const { decorateApp } = require('@awaitjs/express')
var router = decorateApp(express.Router())
@@ -15,6 +16,9 @@ router.all(['', '/:x'], async (req, res, next) => {
break
case 'POST':
+ // TODO: Add Group-Permission check
+ if (req.params.x === 'getChilds') break
+
if (!await req.user.hasPermission('roles.edit')) return res.status(403).send({ error: 'Missing permission', permission: 'roles.edit' })
break
@@ -165,4 +169,14 @@ router.postAsync(['', '/:id'], async (req, res) => {
}
})
+/*
+ * @return: Returns a list of all childs of the given groups
+ */
+router.postAsync('/getChilds', async (req, res) => {
+ if (req.body.groups) {
+ var childs = await groupHelper.getAllChildren(req.body.groups)
+ res.send(childs)
+ } else res.status(404).end()
+})
+
module.exports.router = router