authorChristian Hofmaier2018-08-05 01:42:49 +0200
committerChristian Hofmaier2018-08-05 01:42:49 +0200
commitd236e4c57a7f71589764efccd0cb36337d551055 (patch)
tree6d47dc6deface87f1985ce7daf26692e25838b16 /server
parent[store/global] simplified settings loading (diff)
[permissions] add permission management
Add Roles table with the ability to delete and create roles. Add Users table with the ability to grant and revoke roles.
Diffstat (limited to 'server')
-rw-r--r--server/api/permissions.js52
-rw-r--r--server/api/user.js33
-rw-r--r--server/app.js1
-rw-r--r--server/lib/permissions.js38
-rw-r--r--server/migrations/20180726033100-create-role.js22
-rw-r--r--server/migrations/20180726033400-create-user_x_role.js30
-rw-r--r--server/migrations/20180726171200-create-permission.js25
-rw-r--r--server/migrations/20180726173100-create-role_x_permission.js30
-rw-r--r--server/migrations/20180804234000-create-role_x_group.js30
-rw-r--r--server/models/permission.js21
-rw-r--r--server/models/role.js7
-rw-r--r--server/models/user.js4
-rw-r--r--server/models/user_x_role.js17
13 files changed, 272 insertions, 38 deletions
diff --git a/server/api/permissions.js b/server/api/permissions.js
index 52cd110..d55e7d9 100644
--- a/server/api/permissions.js
+++ b/server/api/permissions.js
@@ -1,28 +1,42 @@
/* global __appdir */
-var path = require('path')
-var db = require(path.join(__appdir, 'lib', 'sequelize'))
+var path = require('path');
+var db = require(path.join(__appdir, 'lib', 'sequelize'));
module.exports = {
// Return ID, Description and Name of a given RoleID
- getRoleById: function (req, res) {
+ getRoleById: function(req, res) {
var roleid = req.params.roleid
- db.role.findById(roleid).then(robeDb => {
- var role = { }
- role.id = robeDb.id
- role.descr = robeDb.descr
- role.name = robeDb.name
+ db.role.findById(roleid, {
+ attributes: ['id', 'name', 'descr']
+ // include: [{model: db.permission, as: 'permissions', attributes: ['id', 'name', 'descr', 'groupdependent'] }]
+ }).then(role => {
res.status(200).send(role)
})
},
- // Return all RoleIDs associated to a given UserID
- getRolesByUserid: function (req, res) {
- // var userid = req.query.userid;
- // the usersxroles (and rolesxpermissions) models first have to get created
- /* db.usersxroles.findAndCountAll({ where: { id: userid }, attributes: ['roleid'] }).then(roles_db => {
- var result = { };
- result.count = roles_db.count;
- result.roles = roles_db.rows;
- res.status(200).send(result);
- }); */
+
+ getRoleList: function(req, res) {
+ db.role.findAll({
+ attributes: ['id', 'name', 'descr']
+ }).then(function (roles) {
+ res.status(200).send(roles)
+ })
+ },
+
+ getPermissionList: function(req, res) {
+ db.permission.findAll().then(function (permissions) {
+ res.status(200).send(permissions)
+ })
+ },
+
+ deleteRoles: function(req, res) {
+ const roleIds = req.body.id
+
+ db.role.destroy({ where: { id: roleIds } }).then(function() {
+ res.status(200).send('success')
+ })
+ },
+
+ saveRole: function(req, res) {
+
}
-}
+} \ No newline at end of file
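Review bot: `deleteRoles` passes `req.body.id` straight into the `where` clause of `db.role.destroy` with no type check, and nothing in this handler verifies that the caller may manage roles; the same holds for `roleIds`/`userIds` in `grantRoles` and `revokeRoles` in server/api/user.js. A JSON body can carry an object instead of an id list, and because server/lib/permissions.js in this commit uses the string operator `$not`, string operator aliases appear to be enabled, so an object value may be interpreted as a query operator rather than a literal. Accept only a non-empty array of integers (assuming the client sends an array), add a rejection handler, and confirm that the router, which is not visible here, places these routes behind an authorization check. `saveRole` is also left empty, so a request routed to it never gets a response; it should answer with 501 until it is implemented.

```javascript
deleteRoles: function(req, res) {
  const roleIds = req.body.id
  // Only a plain list of integer ids may reach the where clause
  if (!Array.isArray(roleIds) || roleIds.length === 0 || !roleIds.every(Number.isInteger)) {
    return res.status(400).send('invalid role ids')
  }

  db.role.destroy({ where: { id: roleIds } }).then(function() {
    res.status(200).send('success')
  }).catch(function() {
    // Report the failure instead of leaving the request open
    res.status(500).send('error')
  })
},
```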
diff --git a/server/api/user.js b/server/api/user.js
index 0565d58..9aba1fc 100644
--- a/server/api/user.js
+++ b/server/api/user.js
@@ -26,5 +26,38 @@ module.exports = {
user.name = userDb.name
res.status(200).send(user)
})
+ },
+
+ getUserList: function(req, res) {
+ db.user.findAll({
+ attributes: ['id', 'username', 'name'],
+ include: [{model: db.role, as: 'roles', attributes: ['name'] }]
+ }).then(function (users) {
+ res.status(200).send(users)
+ })
+ },
+
+ grantRoles: function(req, res) {
+ const roleIds = req.body.roleIds
+ const userIds = req.body.userIds
+
+ db.user.findAll({ where: { id: userIds } }).then(users => {
+ users.forEach(user => {
+ user.addRoles(roleIds)
+ })
+ res.status(200).send('success')
+ })
+ },
+
+ revokeRoles: function(req, res) {
+ const roleIds = req.body.roleIds
+ const userIds = req.body.userIds
+
+ db.user.findAll({ where: { id: userIds } }).then(users => {
+ users.forEach(user => {
+ user.removeRoles(roleIds)
+ })
+ res.status(200).send('success')
+ })
}
}
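Review bot: `grantRoles` and `revokeRoles` send `'success'` before any `user.addRoles` / `user.removeRoles` promise has settled, so a failed write is still reported as success and its rejection goes unhandled. For a role grant or revocation this lets the UI, and anything that logs the response, disagree with what the database actually holds. Collect the per-user promises with `Promise.all`, respond only after they resolve, and return an error status from a `.catch`. The enclosing `module.exports` object starts above this hunk.

```javascript
grantRoles: function(req, res) {
  const roleIds = req.body.roleIds
  const userIds = req.body.userIds

  db.user.findAll({ where: { id: userIds } }).then(users => {
    // Wait for every association write before answering
    return Promise.all(users.map(user => user.addRoles(roleIds)))
  }).then(() => {
    res.status(200).send('success')
  }).catch(() => {
    res.status(500).send('error')
  })
},
// … revokeRoles: same shape, with user.removeRoles(roleIds) …
```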
diff --git a/server/app.js b/server/app.js
index 8a18b58..d98c0ce 100644
--- a/server/app.js
+++ b/server/app.js
@@ -11,6 +11,7 @@ var app = express()
global.__appdir = __dirname
var tftp = require('./lib/tftp')
+var permissionsDB = require ('./lib/permissions')
// ############################################################################
// ########################### setup middleware ###############################
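Review bot: `permissionsDB` is not used in the visible lines and server/lib/permissions.js exports nothing, so this `require` exists only for its side effect of inserting and deleting permission rows at load time. Make that explicit, e.g. `require('./lib/permissions') // side effect: syncs the permissions table with config/permissions`, or export the sync function and call it once the database connection is known to be ready. The rest of app.js is outside the hunk.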
diff --git a/server/lib/permissions.js b/server/lib/permissions.js
new file mode 100644
index 0000000..431e051
--- /dev/null
+++ b/server/lib/permissions.js
@@ -0,0 +1,38 @@
+/* global __appdir */
+const path = require('path')
+var permissions = require(path.join(__appdir, 'config', 'permissions'))
+var db = require(path.join(__appdir, 'lib', 'sequelize'))
+
+updatePermissionDatabase()
+
+function updatePermissionDatabase () {
+ var permissionNames = []
+
+ // Insert / Update Entries in Database
+ permissions.forEach(function(permission) {
+ permissionNames.push(permission.name)
+ upsert(db.permission, { name: permission.name, descr: permission.descr, groupdependent: permission.groupdependent }, { name: permission.name })
+ })
+
+ // Delete Entries from Database
+ db.permission.destroy(
+ { where: { $not: { name: permissionNames } } }
+ )
+}
+
+// Update or Insert function
+function upsert (model, newItem, where) {
+ return model
+ .findOne({where: where})
+ .then(function (foundItem) {
+ if (!foundItem) {
+ return model
+ .create(newItem)
+ .then(function (item) { return {item: item, created: true} })
+ }
+
+ return model
+ .update(newItem, {where: where})
+ .then(function (item) { return {item: item, created: false} })
+ })
+} \ No newline at end of file
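Review bot: `updatePermissionDatabase` issues `db.permission.destroy` without waiting for the `upsert` calls, and none of the promises has a rejection handler, so the prune runs concurrently with the inserts and any database error at startup surfaces only as an unhandled rejection. Because role_x_permission is created with `onDelete: "cascade"`, every permission row pruned here also removes the role assignments that reference it, so an empty or partially loaded config/permissions would silently strip permissions from roles; guard against an empty name list before pruning. The `$not` string operator is deprecated in Sequelize v4 in favour of the `Op` symbols, and relying on string aliases keeps them enabled for request-driven queries elsewhere in the API. Chain the work as shown below and log failures.

```javascript
function updatePermissionDatabase () {
  var permissionNames = permissions.map(function (permission) { return permission.name })

  // Refuse to prune when the config yields no names, so a broken config cannot empty the table
  if (permissionNames.length === 0) return Promise.resolve()

  var upserts = permissions.map(function (permission) {
    return upsert(db.permission, { name: permission.name, descr: permission.descr, groupdependent: permission.groupdependent }, { name: permission.name })
  })

  // Prune only after every insert/update has finished
  return Promise.all(upserts).then(function () {
    return db.permission.destroy({ where: { $not: { name: permissionNames } } })
  }).catch(function (err) {
    console.error('permission sync failed', err)
  })
}
// … unchanged: upsert helper …
```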
diff --git a/server/migrations/20180726033100-create-role.js b/server/migrations/20180726033100-create-role.js
new file mode 100644
index 0000000..c930148
--- /dev/null
+++ b/server/migrations/20180726033100-create-role.js
@@ -0,0 +1,22 @@
+'use strict'
+module.exports = {
+ up: (queryInterface, Sequelize) => {
+ return queryInterface.createTable('roles', {
+ id: {
+ allowNull: false,
+ autoIncrement: true,
+ primaryKey: true,
+ type: Sequelize.INTEGER
+ },
+ name: {
+ type: Sequelize.STRING
+ },
+ descr: {
+ type: Sequelize.STRING
+ }
+ })
+ },
+ down: (queryInterface, Sequelize) => {
+ return queryInterface.dropTable('roles')
+ }
+}
diff --git a/server/migrations/20180726033400-create-user_x_role.js b/server/migrations/20180726033400-create-user_x_role.js
new file mode 100644
index 0000000..d82bc9a
--- /dev/null
+++ b/server/migrations/20180726033400-create-user_x_role.js
@@ -0,0 +1,30 @@
+'use strict'
+module.exports = {
+ up: (queryInterface, Sequelize) => {
+ return queryInterface.createTable('user_x_role', {
+ userId: {
+ primaryKey: true,
+ allowNull: false,
+ type: Sequelize.INTEGER,
+ onDelete: "cascade",
+ references: {
+ model: 'users',
+ key: 'id'
+ }
+ },
+ roleId: {
+ primaryKey: true,
+ allowNull: false,
+ type: Sequelize.INTEGER,
+ onDelete: "cascade",
+ references: {
+ model: 'roles',
+ key: 'id'
+ }
+ }
+ })
+ },
+ down: (queryInterface, Sequelize) => {
+ return queryInterface.dropTable('user_x_role')
+ }
+} \ No newline at end of file
diff --git a/server/migrations/20180726171200-create-permission.js b/server/migrations/20180726171200-create-permission.js
new file mode 100644
index 0000000..822e47c
--- /dev/null
+++ b/server/migrations/20180726171200-create-permission.js
@@ -0,0 +1,25 @@
+'use strict'
+module.exports = {
+ up: (queryInterface, Sequelize) => {
+ return queryInterface.createTable('permissions', {
+ id: {
+ allowNull: false,
+ autoIncrement: true,
+ primaryKey: true,
+ type: Sequelize.INTEGER
+ },
+ name: {
+ type: Sequelize.STRING
+ },
+ descr: {
+ type: Sequelize.STRING
+ },
+ groupdependent: {
+ type: Sequelize.BOOLEAN
+ }
+ })
+ },
+ down: (queryInterface, Sequelize) => {
+ return queryInterface.dropTable('permissions')
+ }
+}
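Review bot: `name` has no `unique` or `allowNull: false` constraint, although server/lib/permissions.js in this commit looks rows up by name in `upsert` and prunes by name. Without a unique index, two processes starting together can both miss in `findOne` and insert the same permission twice, after which role assignments reference only one of the duplicates. Consider `name: { type: Sequelize.STRING, allowNull: false, unique: true }`; `roles.name` in 20180726033100-create-role.js is in the same position if role names are meant to be unique.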
diff --git a/server/migrations/20180726173100-create-role_x_permission.js b/server/migrations/20180726173100-create-role_x_permission.js
new file mode 100644
index 0000000..edfcb8e
--- /dev/null
+++ b/server/migrations/20180726173100-create-role_x_permission.js
@@ -0,0 +1,30 @@
+'use strict'
+module.exports = {
+ up: (queryInterface, Sequelize) => {
+ return queryInterface.createTable('role_x_permission', {
+ roleId: {
+ primaryKey: true,
+ allowNull: false,
+ type: Sequelize.INTEGER,
+ onDelete: "cascade",
+ references: {
+ model: 'roles',
+ key: 'id'
+ }
+ },
+ permissionId: {
+ primaryKey: true,
+ allowNull: false,
+ type: Sequelize.INTEGER,
+ onDelete: "cascade",
+ references: {
+ model: 'permissions',
+ key: 'id'
+ }
+ }
+ })
+ },
+ down: (queryInterface, Sequelize) => {
+ return queryInterface.dropTable('role_x_permission')
+ }
+} \ No newline at end of file
diff --git a/server/migrations/20180804234000-create-role_x_group.js b/server/migrations/20180804234000-create-role_x_group.js
new file mode 100644
index 0000000..d9024be
--- /dev/null
+++ b/server/migrations/20180804234000-create-role_x_group.js
@@ -0,0 +1,30 @@
+'use strict'
+module.exports = {
+ up: (queryInterface, Sequelize) => {
+ return queryInterface.createTable('role_x_group', {
+ roleId: {
+ primaryKey: true,
+ allowNull: false,
+ type: Sequelize.INTEGER,
+ onDelete: "cascade",
+ references: {
+ model: 'roles',
+ key: 'id'
+ }
+ },
+ groupId: {
+ primaryKey: true,
+ allowNull: false,
+ type: Sequelize.INTEGER,
+ onDelete: "cascade",
+ references: {
+ model: 'groups',
+ key: 'id'
+ }
+ }
+ })
+ },
+ down: (queryInterface, Sequelize) => {
+ return queryInterface.dropTable('role_x_group')
+ }
+} \ No newline at end of file
diff --git a/server/models/permission.js b/server/models/permission.js
new file mode 100644
index 0000000..a1bd5d3
--- /dev/null
+++ b/server/models/permission.js
@@ -0,0 +1,21 @@
+'use strict'
+module.exports = (sequelize, DataTypes) => {
+ var permission = sequelize.define('permission', {
+ id: {
+ allowNull: false,
+ autoIncrement: true,
+ primaryKey: true,
+ type: DataTypes.INTEGER
+ },
+ name: DataTypes.STRING,
+ descr: DataTypes.STRING,
+ groupdependent: DataTypes.BOOLEAN
+ }, {
+ timestamps: false
+ })
+ permission.associate = function (models) {
+
+ }
+
+ return permission
+}
diff --git a/server/models/role.js b/server/models/role.js
index 60fba53..2ce1ad1 100644
--- a/server/models/role.js
+++ b/server/models/role.js
@@ -13,7 +13,12 @@ module.exports = (sequelize, DataTypes) => {
timestamps: false
})
role.associate = function (models) {
- // associations can be defined here
+ var RoleXPermission = sequelize.define('role_x_permission', {}, { timestamps: false, freezeTableName: true })
+ role.belongsToMany(models.permission, { as: 'permissions', through: RoleXPermission, foreignKey: 'roleId', otherKey: 'permissionId'})
+
+ var RoleXGroup = sequelize.define('role_x_group', {}, { timestamps: false, freezeTableName: true })
+ role.belongsToMany(models.group, { as: 'groups', through: RoleXGroup, foreignKey: 'roleId', otherKey: 'groupId'})
}
+
return role
}
diff --git a/server/models/user.js b/server/models/user.js
index 63e87bd..7ef8afc 100644
--- a/server/models/user.js
+++ b/server/models/user.js
@@ -15,7 +15,9 @@ module.exports = (sequelize, DataTypes) => {
timestamps: false
})
user.associate = function (models) {
- // associations can be defined here
+ var UserXRole = sequelize.define('user_x_role', {}, { timestamps: false, freezeTableName: true })
+ user.belongsToMany(models.role, { as: 'roles', through: UserXRole, foreignKey: 'userId', otherKey: 'roleId'})
}
+
return user
}
diff --git a/server/models/user_x_role.js b/server/models/user_x_role.js
deleted file mode 100644
index 96d5883..0000000
--- a/server/models/user_x_role.js
+++ /dev/null
@@ -1,17 +0,0 @@
-'use strict'
-module.exports = (sequelize, DataTypes) => {
- var user_x_role = sequelize.define('user_x_role', {},
- {
- timestamps: false
- })
-
- user_x_role.associate = function (models) {
- // associations can be defined here
- // sequelize.role.belongsToMany(sequelize.user, {through: 'user_x_role', foreignKey: 'userid'});
- // sequelize.user.hasMany(sequelize.role, {
- // through: 'user_x_role',
- // foreignKey: 'roleid'
- // });
- }
- return user_x_role
-}