From 7b098c8b969a1d283a94391d9d8050ad0c5a4d13 Mon Sep 17 00:00:00 2001
From: Christian Hofmaier
Date: Mon, 25 Feb 2019 03:25:08 +0000
Subject: [permissionmanager] rework for blacklist system - integrate PM into PM itself - wildcard function for hasPermission()
---
 server/api/roles.js | 64 +++++++++++++++++++++++++++++------------------------
 1 file changed, 35 insertions(+), 29 deletions(-)
(limited to 'server/api/roles.js')
diff --git a/server/api/roles.js b/server/api/roles.js
index 5e62443..3b86f50 100644
--- a/server/api/roles.js
+++ b/server/api/roles.js
@@ -10,22 +10,24 @@ var router = decorateApp(express.Router())
 *
 * @return: Returns the information about a role and it's permissions and groups.
 */
-router.get('/:id', (req, res) => {
- db.role.findOne({ where: { id: req.params.id }, include: ['permissions', 'groups'] }).then(role => {
- if (role) res.send(role)
- else res.status(404).end()
- })
+router.getAsync('/:id', async (req, res) => {
+ if (!await req.user.hasPermission('permissions.*')) {
+ res.status(403).end()
+ }
+ var role = await db.role.findOne({ where: { id: req.params.id }, include: ['permissions', 'groups'] })
+ if (role) res.send(role)
+ else res.status(404).end()
 })
 
 /*
 * @return: Returns a list of all roles in the database.
 */
-router.get('', (req, res) => {
- db.role.findAll({
- attributes: ['id', 'name', 'descr']
- }).then(function (roles) {
- res.status(200).send(roles)
- })
+router.getAsync('', async (req, res) => {
+ if (!await req.user.hasPermission('permissions.*')) {
+ res.status(403).end()
+ }
+ var roles = await db.role.findAll({ attributes: ['id', 'name', 'descr'] })
+ res.status(200).send(roles)
 })
 
 /*
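Review bot: The permission guard in both GET handlers sends 403 but does not return, so execution falls through to the database query and a second `res.send`; each guard should read `if (!await req.user.hasPermission('permissions.*')) return res.status(403).end()`. For these reads the fall-through presumably ends in a headers-already-sent error rather than a data leak, but the same pattern in the POST handler of the next hunk (`permissions.editrole`) lets the `destroy`, `create` and `update` calls run for a caller who was just refused, which makes the check ineffective for writes. The hunk does not show whether `req.user` is guaranteed to be set before these routes; if it can be undefined, the guard throws instead of answering 401 or 403.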
@@ -36,33 +38,37 @@ router.get('', (req, res) => {
 * groups: ,
 * recursiveMode: < RECURSIVE_MODE>
 *
- * Creates, updates or deletes a role. If recursiveMode is set to true, the are saved with childs.
+ * Creates, updates or deletes a role.
 *
 */
-router.post(['', '/:id'], (req, res) => {
+router.postAsync(['', '/:id'], async (req, res) => {
+ if (!await req.user.hasPermission('permissions.editrole')) {
+ res.status(403).end()
+ }
 // ?delete Delete the roles
 if (req.query.delete !== undefined && req.query.delete !== 'false') {
- db.role.destroy({ where: { id: req.body.ids } }).then(function () {
- res.status(200).send('success')
- })
+ await db.role.destroy({ where: { id: req.body.ids } })
+ res.status(200).send('success')
 } else {
+ var promises = []
+ var roleDb
 if (req.params.id === undefined) {
 // Create new role
- db.role.create({ name: req.body.name, descr: req.body.descr, recursiveGroups: req.body.recursiveMode }).then(roleDb => {
- var promises = []
- promises.push(roleDb.addPermissions(req.body.permissions))
- promises.push(roleDb.addGroups(req.body.groups))
- Promise.all(promises).then(() => { res.send({ id: req.body.id }) })
- })
+ roleDb = await db.role.create({ name: req.body.name, descr: req.body.descr })
+ promises.push(roleDb.addPermissions(req.body.permissions))
+ promises.push(roleDb.addGroups(req.body.groups, { through: { blacklist: 0 } }))
+ promises.push(roleDb.addGroups(req.body.blacklist, { through: { blacklist: 1 } }))
+ await Promise.all(promises)
+ res.send({ id: req.body.id })
 } else {
 // Update existing role
- db.role.findOne({ where: { id: req.body.id } }).then(roleDb => {
- var promises = []
- promises.push(roleDb.update({ name: req.body.name, descr: req.body.descr, recursiveGroups: req.body.recursiveMode }))
- promises.push(roleDb.setPermissions(req.body.permissions))
- promises.push(roleDb.setGroups(req.body.groups))
- Promise.all(promises).then(() => { res.send({ id: req.body.id }) })
- })
+ roleDb = await db.role.findOne({ where: { id: req.body.id } })
+ promises.push(roleDb.update({ name: req.body.name, descr: req.body.descr }))
+ promises.push(roleDb.setPermissions(req.body.permissions))
+ promises.push(roleDb.setGroups(req.body.groups, { through: { blacklist: 0 } }))
+ promises.push(roleDb.addGroups(req.body.blacklist, { through: { blacklist: 1 } }))
+ await Promise.all(promises)
+ res.send({ id: req.body.id })
 }
 }
 })
-- 
cgit v1.2.3-55-g7522
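Review bot: In the update branch `setGroups(...)` and `addGroups(req.body.blacklist, ...)` are started together and awaited with `Promise.all`, so the order in which the group replacement and the blacklist inserts reach the join table is not fixed. If `setGroups` has replace-all semantics (as it does in Sequelize, which this API resembles), blacklist rows written by `addGroups` can be removed again, silently widening what the role grants. Run them in sequence, `await roleDb.setGroups(req.body.groups, { through: { blacklist: 0 } })` followed by `await roleDb.addGroups(req.body.blacklist, { through: { blacklist: 1 } })`, ideally inside one transaction. The same branch looks the role up by `req.body.id` although the route matched `req.params.id`, and `roleDb` is used without a null check, so an unknown id surfaces as a rejected handler instead of a 404.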