/* global __appdir */ var path = require('path') var db = require(path.join(__appdir, 'lib', 'sequelize')) var express = require('express') const { decorateApp } = require('@awaitjs/express') var router = decorateApp(express.Router()) /* * / * * @return: Returns the information about a role and it's permissions and groups. */ router.getAsync('/:id', async (req, res) => { // if (!await req.user.hasPermission('permissions.*')) return res.status(403).end() var role = await db.role.findOne({ where: { id: req.params.id }, include: ['permissions', 'groups'] }) if (role) res.send(role) else res.status(404).end() }) /* * @return: Returns a list of all roles in the database. */ router.getAsync('', async (req, res) => { // if (!await req.user.hasPermission('permissions.*')) return res.status(403).end() var roles = await db.role.findAll({ include: ['permissions', 'groups'] }) if (roles) res.status(200).send(roles) else res.status(404).end() }) /* * name: * descr: * permissions: * groups: , * blacklist: * * Creates, updates or deletes a role. * */ router.postAsync(['', '/:id'], async (req, res) => { // if (!await req.user.hasPermission('permissions.editrole')) return res.status(403).end() // ?delete Delete the roles if (req.query.delete !== undefined && req.query.delete !== 'false') { await db.role.destroy({ where: { id: req.body.ids } }) res.status(200).send('success') } else { var promises = [] var roleDb if (req.params.id === undefined) { // Create new role roleDb = await db.role.create({ name: req.body.name, descr: req.body.description }) promises.push(roleDb.addPermissions(req.body.permissions)) promises.push(roleDb.addGroups(req.body.groups, { through: { blacklist: 0 } })) promises.push(roleDb.addGroups(req.body.blacklist, { through: { blacklist: 1 } })) await Promise.all(promises) res.send({ id: req.body.id }) } else if (req.params.id > 0) { // Update existing role roleDb = await db.role.findOne({ where: { id: req.params.id } }) if (roleDb !== null) { promises.push(roleDb.update({ name: req.body.name, descr: req.body.description })) promises.push(roleDb.setPermissions(req.body.permissions)) promises.push(roleDb.setGroups(req.body.groups, { through: { blacklist: 0 } })) promises.push(roleDb.addGroups(req.body.blacklist, { through: { blacklist: 1 } })) await Promise.all(promises) res.send({ id: req.params.id }) } else { res.status(404).end() } } } }) module.exports.router = router