CodeMirror/budibase
1
0
Fork 0
mirror of synced 2024-10-04 03:54:37 +13:00
Code Issues Projects Releases Wiki Activity

Change api interfaces

Browse source
This commit is contained in:
Adria Navarro 2023-09-01 11:33:59 +02:00
parent 466f1e6132
commit 5b7756936d
8 changed files with 69 additions and 65 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

2
packages/builder/src/components/automation/AutomationBuilder/FlowChart/FlowItem.svelte
View file

@ -73,7 +73,7 @@
if (!perms["execute"]) { if (!perms["execute"]) {
role = "BASIC" role = "BASIC"
} else { } else {
role = perms["execute"] role = perms["execute"].role
} }
} }

7
packages/builder/src/components/backend/DataTable/buttons/ManageAccessButton.svelte
View file

@ -5,7 +5,6 @@
export let resourceId export let resourceId
export let disabled = false export let disabled = false
export let requiresLicence
let modal let modal
let resourcePermissions let resourcePermissions
@ -20,9 +19,5 @@
Access Access
</ActionButton> </ActionButton>
<Modal bind:this={modal}> <Modal bind:this={modal}>
<ManageAccessModal <ManageAccessModal {resourceId} permissions={resourcePermissions} />
{resourceId}
{requiresLicence}
permissions={resourcePermissions}
/>
</Modal> </Modal>

14
packages/builder/src/components/backend/DataTable/buttons/grid/GridManageAccessButton.svelte
View file

@ -1,5 +1,4 @@
<script> <script>
import { licensing, admin } from "stores/portal"
import ManageAccessButton from "../ManageAccessButton.svelte" import ManageAccessButton from "../ManageAccessButton.svelte"
import { getContext } from "svelte" import { getContext } from "svelte"
@ -13,17 +12,6 @@
} }
return datasource.type === "table" ? datasource.tableId : datasource.id return datasource.type === "table" ? datasource.tableId : datasource.id
} }
var requiresLicence
$: {
if ($datasource.type === "viewV2" && !$licensing.isViewPermissionsEnabled) {
const requiredLicense = $admin?.cloud ? "Premium" : "Business"
requiresLicence = {
tier: requiredLicense,
message: `A ${requiredLicense} subscription is required to specify access level roles for this view.`,
}
}
}
</script> </script>
<ManageAccessButton {resourceId} {requiresLicence} /> <ManageAccessButton {resourceId} />

35
packages/builder/src/components/backend/DataTable/modals/ManageAccessModal.svelte
View file

@ -15,7 +15,6 @@
export let resourceId export let resourceId
export let permissions export let permissions
export let requiresLicence
async function changePermission(level, role) { async function changePermission(level, role) {
try { try {
@ -41,24 +40,20 @@
} }
} }
$: computedPermissions = Object.keys(permissions.permissions).reduce( $: computedPermissions = Object.entries(permissions.permissions).reduce(
(p, c) => { (p, [level, roleInfo]) => {
p[c] = { p[level] = {
selected: selectedValue:
permissions.permissionType[c] === "INHERITED" roleInfo.permissionType === "INHERITED" ? "inherited" : roleInfo.role,
? "inherited"
: permissions.permissions[c],
options: [...get(roles)], options: [...get(roles)],
} }
if (permissions.inheritablePermissions) { if (roleInfo.inheritablePermission) {
p[c].inheritOption = permissions.inheritablePermissions[c] p[level].inheritOption = roleInfo.inheritablePermission
p[c].options.unshift({ p[level].options.unshift({
_id: "inherited", _id: "inherited",
name: `Inherit (${ name: `Inherit (${
get(roles).find( get(roles).find(x => x._id === roleInfo.inheritablePermission).name
x => x._id === permissions.inheritablePermissions[c]
).name
})`, })`,
}) })
} }
@ -66,21 +61,23 @@
}, },
{} {}
) )
$: requiresPlanToModify = permissions.requiresPlanToModify
</script> </script>
<ModalContent showCancelButton={false} confirmText="Done"> <ModalContent showCancelButton={false} confirmText="Done">
<span slot="header"> <span slot="header">
Manage Access Manage Access
{#if requiresLicence} {#if requiresPlanToModify}
<span class="lock-tag"> <span class="lock-tag">
<Tags> <Tags>
<Tag icon="LockClosed">{requiresLicence.tier}</Tag> <Tag icon="LockClosed">{requiresPlanToModify}</Tag>
</Tags> </Tags>
</span> </span>
{/if} {/if}
</span> </span>
{#if requiresLicence} {#if requiresPlanToModify}
<Body size="S">{requiresLicence.message}</Body> <Body size="S">{requiresPlanToModify}</Body>
{:else} {:else}
<Body size="S">Specify the minimum access level role for this data.</Body> <Body size="S">Specify the minimum access level role for this data.</Body>
<div class="row"> <div class="row">
@ -90,7 +87,7 @@
<Input value={capitalise(level)} disabled /> <Input value={capitalise(level)} disabled />
<Select <Select
placeholder={false} placeholder={false}
value={computedPermissions[level].selected} value={computedPermissions[level].selectedValue}
on:change={e => changePermission(level, e.detail)} on:change={e => changePermission(level, e.detail)}
options={computedPermissions[level].options} options={computedPermissions[level].options}
getOptionLabel={x => x.name} getOptionLabel={x => x.name}

2
packages/builder/src/components/integration/AccessLevelSelect.svelte
View file

@ -40,7 +40,7 @@
return return
} }
try { try {
roleId = (await permissions.forResource(queryToFetch._id))["read"] roleId = (await permissions.forResource(queryToFetch._id))["read"].role
} catch (err) { } catch (err) {
roleId = Constants.Roles.BASIC roleId = Constants.Roles.BASIC
} }

26
packages/server/src/api/controllers/permission.ts
View file

@ -5,6 +5,7 @@ import {
Role, Role,
PermissionLevel, PermissionLevel,
GetResourcePermsResponse, GetResourcePermsResponse,
ResourcePermissionInfo,
} from "@budibase/types" } from "@budibase/types"
import { getRoleParams } from "../../db/utils" import { getRoleParams } from "../../db/utils"
import { import {
@ -162,24 +163,19 @@ export async function getResourcePerms(
ctx.body = { ctx.body = {
permissions: Object.entries(resourcePermissions).reduce( permissions: Object.entries(resourcePermissions).reduce(
(p, [level, role]) => { (p, [level, role]) => {
p[level] = role.role p[level] = {
role: role.role,
permissionType: role.type,
inheritablePermission:
inheritablePermissions && inheritablePermissions[level].role,
}
return p return p
}, },
{} as Record<string, string> {} as Record<string, ResourcePermissionInfo>
), ),
permissionType: Object.entries(resourcePermissions).reduce( requiresPlanToModify: (
(p, [level, role]) => { await sdk.permissions.allowsExplicitPermissions(resourceId)
p[level] = role.type ).minPlan,
return p
},
{} as Record<string, string>
),
inheritablePermissions:
inheritablePermissions &&
Object.entries(inheritablePermissions).reduce((p, [level, role]) => {
p[level] = role.role
return p
}, {} as Record<string, string>),
} }
} }

33
packages/server/src/sdk/app/permissions/index.ts
View file

@ -1,8 +1,9 @@
import { context, roles } from "@budibase/backend-core" import { context, env, roles } from "@budibase/backend-core"
import { features } from "@budibase/pro" import { features } from "@budibase/pro"
import { import {
DocumentType, DocumentType,
PermissionLevel, PermissionLevel,
PlanType,
Role, Role,
VirtualDocumentType, VirtualDocumentType,
} from "@budibase/types" } from "@budibase/types"
@ -60,11 +61,29 @@ type ResourcePermissions = Record<
export async function getInheritablePermissions( export async function getInheritablePermissions(
resourceId: string resourceId: string
): Promise<ResourcePermissions | undefined> { ): Promise<ResourcePermissions | undefined> {
if (isViewID(resourceId) && (await features.isViewPermissionEnabled())) { if (isViewID(resourceId)) {
return await getResourcePerms(extractViewInfoFromID(resourceId).tableId) return await getResourcePerms(extractViewInfoFromID(resourceId).tableId)
} }
} }
export async function allowsExplicitPermissions(resourceId: string) {
if (isViewID(resourceId)) {
const allowed = await features.isViewPermissionEnabled()
const minPlan = !allowed
? env.SELF_HOSTED
? PlanType.BUSINESS
: PlanType.PREMIUM
: undefined
return {
allowed,
minPlan,
}
}
return { allowed: true }
}
export async function getResourcePerms( export async function getResourcePerms(
resourceId: string resourceId: string
): Promise<ResourcePermissions> { ): Promise<ResourcePermissions> {
@ -79,13 +98,15 @@ export async function getResourcePerms(
const permsToInherit = await getInheritablePermissions(resourceId) const permsToInherit = await getInheritablePermissions(resourceId)
const allowsExplicitPerm = (await allowsExplicitPermissions(resourceId))
.allowed
for (let level of CURRENTLY_SUPPORTED_LEVELS) { for (let level of CURRENTLY_SUPPORTED_LEVELS) {
// update the various roleIds in the resource permissions // update the various roleIds in the resource permissions
for (let role of rolesList) { for (let role of rolesList) {
const rolePerms = roles.checkForRoleResourceArray( const rolePerms = allowsExplicitPerm
role.permissions, ? roles.checkForRoleResourceArray(role.permissions, resourceId)
resourceId : {}
)
if (rolePerms[resourceId]?.indexOf(level) > -1) { if (rolePerms[resourceId]?.indexOf(level) > -1) {
permissions[level] = { permissions[level] = {
role: roles.getExternalRoleID(role._id!, role.version), role: roles.getExternalRoleID(role._id!, role.version),

15
packages/types/src/api/web/app/permission.ts
View file

@ -1,5 +1,12 @@
export interface GetResourcePermsResponse { import { PlanType } from "../../../sdk"
permissions: Record<string, string>
permissionType: Record<string, string> export interface ResourcePermissionInfo {
inheritablePermissions?: Record<string, string> role: string
permissionType: string
inheritablePermission?: string
}
export interface GetResourcePermsResponse {
permissions: Record<string, ResourcePermissionInfo>
requiresPlanToModify?: PlanType
} }