summaryrefslogtreecommitdiffstats
path: root/server/lib/permissions/index.js
blob: a29782d07bbde5d07ecbfbcf973a0759c07180a8 (plain) (blame)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
/* global __appdir */
const path = require('path')
var db = require(path.join(__appdir, 'lib', 'sequelize'))

var requireDirectory = require('require-directory')
var data = requireDirectory(module, './modules')

updatePermissionDatabase()

/*
 * Update the permission-database accordingly to the permission JSONs
 */
function updatePermissionDatabase () {
  var permissionNames = []
  for (let module in data) {
    data[module].forEach(function (permission) {
      permissionNames.push(module + '.' + permission.name)
      upsert(db.permission, { name: module + '.' + permission.name, descr: permission.description, groupdependent: permission.groupdependent }, { name: module + '.' + permission.name })
    })
  }
  // (Re-)Create Superadmin Permission
  permissionNames.push('superadmin')
  upsert(db.permission, { name: 'superadmin', descr: 'Can do anything.', groupdependent: false }, { name: 'superadmin' })

  // Delete entries from DB which are not in the JSON files
  db.permission.destroy(
    { where: { [db.Op.not]: { name: permissionNames } } }
  )
}

/*
 * model: <DB_MODEL>
 * newItem: <DB_OBJECT>
 * where: <DB_WHERECLAUSE>
 *
 * Updates or inserts the given newItem in the given model according to
 * the where-clause.
 */
function upsert (model, newItem, where) {
  return model
    .findOne({ where: where })
    .then(function (foundItem) {
      if (!foundItem) {
        return model
          .create(newItem)
          .then(function (item) { return { item: item, created: true } })
      }

      return model
        .update(newItem, { where: where })
        .then(function (item) { return { item: item, created: false } })
    })
}