dennii/dbgate
1
0
Fork 0
mirror of https://github.com/DeNNiiInc/dbgate.git synced 2026-04-26 13:16:00 +00:00
Code Issues Packages Projects Releases Wiki Activity
Files
7eb59ad3a033757fcdd0bbed898390d8d5a6a40f
dbgate/packages/api/src/utility/hasPermission.js
Jan Prochazka 3a5301af6b permissions for connections
2022-07-17 10:03:17 +02:00

85 lines
2.0 KiB
JavaScript
Raw Blame History

const { compilePermissions, testPermission } = require('dbgate-tools');
const _ = require('lodash');
const userPermissions = {};
function hasPermission(tested, req) {
if (!req) {
// request object not available, allow all
return true;
}
const { user } = (req && req.auth) || {};
const key = user || '';
const logins = getLogins();
if (!userPermissions[key]) {
if (logins) {
const login = logins.find(x => x.login == user);
userPermissions[key] = compilePermissions(login ? login.permissions : null);
} else {
userPermissions[key] = compilePermissions(process.env.PERMISSIONS);
}
}
return testPermission(tested, userPermissions[key]);
}
let loginsCache = null;
let loginsLoaded = false;
function getLogins() {
if (loginsLoaded) {
return loginsCache;
}
const res = [];
if (process.env.LOGIN && process.env.PASSWORD) {
res.push({
login: process.env.LOGIN,
password: process.env.PASSWORD,
permissions: process.env.PERMISSIONS,
});
}
if (process.env.LOGINS) {
const logins = _.compact(process.env.LOGINS.split(',').map(x => x.trim()));
for (const login of logins) {
const password = process.env[`LOGIN_PASSWORD_${login}`];
const permissions = process.env[`LOGIN_PERMISSIONS_${login}`];
if (password) {
res.push({
login,
password,
permissions,
});
}
}
}
loginsCache = res.length > 0 ? res : null;
loginsLoaded = true;
return loginsCache;
}
function connectionHasPermission(connection, req) {
if (!connection) {
return true;
}
if (_.isString(connection)) {
return hasPermission(`connections/${connection}`, req);
} else {
return hasPermission(`connections/${connection._id}`, req);
}
}
function testConnectionPermission(connection, req) {
if (!connectionHasPermission(connection, req)) {
throw new Error('Connection permission not granted');
}
}
module.exports = {
hasPermission,
getLogins,
connectionHasPermission,
testConnectionPermission,
};
Reference in New Issue View Git Blame Copy Permalink