2022-02-23 07:40:09 +13:00
|
|
|
const appEndpoints = require("./applications")
|
|
|
|
const queryEndpoints = require("./queries")
|
|
|
|
const tableEndpoints = require("./tables")
|
|
|
|
const rowEndpoints = require("./rows")
|
|
|
|
const userEndpoints = require("./users")
|
2022-02-18 07:58:09 +13:00
|
|
|
const Router = require("@koa/router")
|
2022-02-23 06:38:27 +13:00
|
|
|
const usage = require("../../../middleware/usageQuota")
|
2022-02-23 07:40:09 +13:00
|
|
|
const authorized = require("../../../middleware/authorized")
|
|
|
|
const {
|
|
|
|
paramResource,
|
|
|
|
paramSubResource,
|
|
|
|
} = require("../../../middleware/resourceId")
|
|
|
|
const {
|
|
|
|
PermissionLevels,
|
|
|
|
PermissionTypes,
|
|
|
|
} = require("@budibase/backend-core/permissions")
|
2022-02-18 07:58:09 +13:00
|
|
|
|
|
|
|
const PREFIX = "/api/public/v1"
|
|
|
|
|
2022-02-23 07:40:09 +13:00
|
|
|
const publicRouter = new Router({
|
2022-02-18 07:58:09 +13:00
|
|
|
prefix: PREFIX,
|
|
|
|
})
|
2022-02-23 07:40:09 +13:00
|
|
|
|
|
|
|
function addMiddleware(endpoints, middleware) {
|
2022-02-25 01:03:46 +13:00
|
|
|
if (!Array.isArray(endpoints)) {
|
|
|
|
endpoints = [endpoints]
|
|
|
|
}
|
2022-02-23 07:40:09 +13:00
|
|
|
for (let endpoint of endpoints) {
|
|
|
|
endpoint.addMiddleware(middleware)
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
function addToRouter(endpoints) {
|
|
|
|
for (let endpoint of endpoints) {
|
|
|
|
endpoint.apply(publicRouter)
|
|
|
|
}
|
2022-02-18 07:58:09 +13:00
|
|
|
}
|
|
|
|
|
2022-02-23 07:40:09 +13:00
|
|
|
function applyRoutes(endpoints, permType, resource, subResource = null) {
|
|
|
|
const paramMiddleware = subResource
|
|
|
|
? paramSubResource(resource, subResource)
|
|
|
|
: paramResource(resource)
|
|
|
|
addMiddleware(endpoints.read, paramMiddleware)
|
|
|
|
addMiddleware(endpoints.write, paramMiddleware)
|
|
|
|
addMiddleware(endpoints.read, authorized(permType, PermissionLevels.READ))
|
|
|
|
addMiddleware(endpoints.write, authorized(permType, PermissionLevels.WRITE))
|
|
|
|
addMiddleware(endpoints.write, usage)
|
|
|
|
addToRouter(endpoints.read)
|
|
|
|
addToRouter(endpoints.write)
|
|
|
|
}
|
|
|
|
|
|
|
|
applyRoutes(appEndpoints, PermissionTypes.APP, "appId")
|
|
|
|
applyRoutes(tableEndpoints, PermissionTypes.TABLE, "tableId")
|
|
|
|
applyRoutes(userEndpoints, PermissionTypes.USER, "userId")
|
|
|
|
applyRoutes(queryEndpoints, PermissionTypes.QUERY, "queryId")
|
2022-02-24 07:31:32 +13:00
|
|
|
//applyRoutes(rowEndpoints, PermissionTypes.TABLE, "tableId", "rowId")
|
2022-02-23 07:40:09 +13:00
|
|
|
|
|
|
|
module.exports = publicRouter
|