Merge pull request #787 from michael-pattern/feat/763/per-user_permissions_when_using_oauth-follow-up

feat: per-user permissions when using oauth, follow-up

packages/api/src/utility/hasPermission.js

@@ -9,7 +9,8 @@ function hasPermission(tested, req) {
     return true;
   }
   const { user } = (req && req.auth) || {};
-  const key = user || '';
+  const { login } = (process.env.OAUTH_PERMISSIONS && req && req.user) || {};
+  const key = user || login || '';
   const logins = getLogins();
 
   if (!userPermissions[key]) {
@@ -39,7 +40,7 @@ function getLogins() {
       permissions: process.env.PERMISSIONS,
     });
   }
-  if (process.env.LOGINS || process.env.OAUTH_PERMISSIONS) {
+  if (process.env.LOGINS) {
     const logins = _.compact(process.env.LOGINS.split(',').map(x => x.trim()));
     for (const login of logins) {
       const password = process.env[`LOGIN_PASSWORD_${login}`];
@@ -51,13 +52,14 @@ function getLogins() {
           permissions,
         });
       }
-      if (process.env.OAUTH_PERMISSIONS) {
+    }
-        res.push({
+  }
-          login,
+  else if (process.env.OAUTH_PERMISSIONS) {
-          password: null,
+    const login_permission_keys = Object.keys(process.env).filter((key) => _.startsWith(key, 'LOGIN_PERMISSIONS_'))
-          permissions,
+    for (const permissions_key of login_permission_keys) {
-        })
+      const login = permissions_key.replace('LOGIN_PERMISSIONS_', '');
-      }
+      const permissions = process.env[permissions_key];
+      userPermissions[login] = compilePermissions(permissions);
     }
   }