permissions for connections

2026-04-19 01:26:01 +00:00 · 2022-07-17 10:03:17 +02:00
parent 55efdef181
commit 3a5301af6b
7 changed files with 119 additions and 43 deletions
--- a/packages/api/src/utility/hasPermission.js
+++ b/packages/api/src/utility/hasPermission.js
@@ -4,12 +4,21 @@ const _ = require('lodash');
 const userPermissions = {};

 function hasPermission(tested, req) {
+  if (!req) {
+    // request object not available, allow all
+    return true;
+  }
  const { user } = (req && req.auth) || {};
  const key = user || '';
  const logins = getLogins();
-  if (!userPermissions[key] && logins) {
-    const login = logins.find(x => x.login == user);
-    userPermissions[key] = compilePermissions(login ? login.permissions : null);
+
+  if (!userPermissions[key]) {
+    if (logins) {
+      const login = logins.find(x => x.login == user);
+      userPermissions[key] = compilePermissions(login ? login.permissions : null);
+    } else {
+      userPermissions[key] = compilePermissions(process.env.PERMISSIONS);
+    }
  }
  return testPermission(tested, userPermissions[key]);
 }
@@ -50,7 +59,26 @@ function getLogins() {
  return loginsCache;
 }

+function connectionHasPermission(connection, req) {
+  if (!connection) {
+    return true;
+  }
+  if (_.isString(connection)) {
+    return hasPermission(`connections/${connection}`, req);
+  } else {
+    return hasPermission(`connections/${connection._id}`, req);
+  }
+}
+
+function testConnectionPermission(connection, req) {
+  if (!connectionHasPermission(connection, req)) {
+    throw new Error('Connection permission not granted');
+  }
+}
+
 module.exports = {
  hasPermission,
  getLogins,
+  connectionHasPermission,
+  testConnectionPermission,
 };
--- a/packages/api/src/utility/useController.js
+++ b/packages/api/src/utility/useController.js
@@ -47,7 +47,6 @@ module.exports = function useController(app, electron, route, controller) {

    let method = 'post';
    let raw = false;
-    let rawParams = false;

    // if (_.isString(meta)) {
    //   method = meta;
@@ -55,7 +54,6 @@ module.exports = function useController(app, electron, route, controller) {
    if (_.isPlainObject(meta)) {
      method = meta.method;
      raw = meta.raw;
-      rawParams = meta.rawParams;
    }

    if (raw) {
@@ -67,9 +65,7 @@ module.exports = function useController(app, electron, route, controller) {
        //   controller._init_called = true;
        // }
        try {
-          let params = [{ ...req.body, ...req.query }, req];
-          if (rawParams) params = [req, res];
-          const data = await controller[key](...params);
+          const data = await controller[key]({ ...req.body, ...req.query }, req);
          res.json(data);
        } catch (e) {
          console.log(e);