dennii/dbgate
1
0
Fork 0
mirror of https://github.com/DeNNiiInc/dbgate.git synced 2026-04-24 08:16:00 +00:00
Code Issues Packages Projects Releases Wiki Activity

SYNC: Merge pull request #8 from dbgate/feature/db-table-permissions

Browse Source
This commit is contained in:
Jan Prochazka
2025-08-22 09:45:32 +02:00
committed by Diflow
parent f48b4a6c62
commit d2d6e2f554
28 changed files with 1316 additions and 277 deletions
Download Patch File Download Diff File Expand all files Collapse all files

5
packages/api/src/controllers/sessions.js
View File

@@ -12,6 +12,7 @@ const { getLogger, extractErrorLogData } = require('dbgate-tools');
const pipeForkLogs = require('../utility/pipeForkLogs');
const config = require('./config');
const { sendToAuditLog } = require('../utility/auditlog');
const { testStandardPermission, testDatabaseRolePermission } = require('../utility/hasPermission');
const logger = getLogger('sessions');
@@ -94,7 +95,7 @@ module.exports = {
socket.emit(`session-initialize-file-${jslid}`);
},
handle_ping() {},
handle_ping() { },
create_meta: true,
async create({ conid, database }) {
@@ -148,10 +149,12 @@ module.exports = {
executeQuery_meta: true,
async executeQuery({ sesid, sql, autoCommit, autoDetectCharts, limitRows, frontMatter }, req) {
await testStandardPermission('dbops/query', req);
const session = this.opened.find(x => x.sesid == sesid);
if (!session) {
throw new Error('Invalid session');
}
await testDatabaseRolePermission(session.conid, session.database, 'run_script', req);
sendToAuditLog(req, {
category: 'dbop',