@budibase/backend-core 2.21.2 → 2.21.3
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/dist/index.js +16 -21
- package/dist/index.js.map +2 -2
- package/dist/index.js.meta.json +1 -1
- package/dist/package.json +4 -4
- package/dist/plugins.js.meta.json +1 -1
- package/dist/src/security/roles.d.ts +8 -9
- package/dist/src/security/roles.js +15 -15
- package/dist/src/security/roles.js.map +1 -1
- package/package.json +4 -4
- package/src/security/roles.ts +26 -31
package/src/security/roles.ts
CHANGED
|
@@ -84,16 +84,18 @@ export function getBuiltinRoles(): { [key: string]: RoleDoc } {
|
|
|
84
84
|
return cloneDeep(BUILTIN_ROLES)
|
|
85
85
|
}
|
|
86
86
|
|
|
87
|
-
export
|
|
88
|
-
role
|
|
89
|
-
|
|
90
|
-
|
|
91
|
-
export const BUILTIN_ROLE_NAME_ARRAY = Object.values(BUILTIN_ROLES).map(
|
|
92
|
-
role => role.name
|
|
93
|
-
)
|
|
87
|
+
export function isBuiltin(role: string) {
|
|
88
|
+
return getBuiltinRole(role) !== undefined
|
|
89
|
+
}
|
|
94
90
|
|
|
95
|
-
export function
|
|
96
|
-
|
|
91
|
+
export function getBuiltinRole(roleId: string): Role | undefined {
|
|
92
|
+
const role = Object.values(BUILTIN_ROLES).find(role =>
|
|
93
|
+
roleId.includes(role._id)
|
|
94
|
+
)
|
|
95
|
+
if (!role) {
|
|
96
|
+
return undefined
|
|
97
|
+
}
|
|
98
|
+
return cloneDeep(role)
|
|
97
99
|
}
|
|
98
100
|
|
|
99
101
|
/**
|
|
@@ -123,7 +125,7 @@ export function builtinRoleToNumber(id?: string) {
|
|
|
123
125
|
/**
|
|
124
126
|
* Converts any role to a number, but has to be async to get the roles from db.
|
|
125
127
|
*/
|
|
126
|
-
export async function roleToNumber(id
|
|
128
|
+
export async function roleToNumber(id: string) {
|
|
127
129
|
if (isBuiltin(id)) {
|
|
128
130
|
return builtinRoleToNumber(id)
|
|
129
131
|
}
|
|
@@ -131,7 +133,7 @@ export async function roleToNumber(id?: string) {
|
|
|
131
133
|
defaultPublic: true,
|
|
132
134
|
})) as RoleDoc[]
|
|
133
135
|
for (let role of hierarchy) {
|
|
134
|
-
if (isBuiltin(role
|
|
136
|
+
if (role?.inherits && isBuiltin(role.inherits)) {
|
|
135
137
|
return builtinRoleToNumber(role.inherits) + 1
|
|
136
138
|
}
|
|
137
139
|
}
|
|
@@ -161,35 +163,28 @@ export function lowerBuiltinRoleID(roleId1?: string, roleId2?: string): string {
|
|
|
161
163
|
* @returns The role object, which may contain an "inherits" property.
|
|
162
164
|
*/
|
|
163
165
|
export async function getRole(
|
|
164
|
-
roleId
|
|
166
|
+
roleId: string,
|
|
165
167
|
opts?: { defaultPublic?: boolean }
|
|
166
|
-
): Promise<RoleDoc
|
|
167
|
-
if (!roleId) {
|
|
168
|
-
return undefined
|
|
169
|
-
}
|
|
170
|
-
let role: any = {}
|
|
168
|
+
): Promise<RoleDoc> {
|
|
171
169
|
// built in roles mostly come from the in-code implementation,
|
|
172
170
|
// but can be extended by a doc stored about them (e.g. permissions)
|
|
173
|
-
|
|
174
|
-
|
|
175
|
-
Object.values(BUILTIN_ROLES).find(role => role._id === roleId)
|
|
176
|
-
)
|
|
177
|
-
} else {
|
|
171
|
+
let role: RoleDoc | undefined = getBuiltinRole(roleId)
|
|
172
|
+
if (!role) {
|
|
178
173
|
// make sure has the prefix (if it has it then it won't be added)
|
|
179
174
|
roleId = prefixRoleID(roleId)
|
|
180
175
|
}
|
|
181
176
|
try {
|
|
182
177
|
const db = getAppDB()
|
|
183
|
-
const dbRole = await db.get(getDBRoleID(roleId))
|
|
184
|
-
role = Object.assign(role, dbRole)
|
|
178
|
+
const dbRole = await db.get<RoleDoc>(getDBRoleID(roleId))
|
|
179
|
+
role = Object.assign(role || {}, dbRole)
|
|
185
180
|
// finalise the ID
|
|
186
|
-
role._id = getExternalRoleID(role._id
|
|
181
|
+
role._id = getExternalRoleID(role._id!, role.version)
|
|
187
182
|
} catch (err) {
|
|
188
183
|
if (!isBuiltin(roleId) && opts?.defaultPublic) {
|
|
189
184
|
return cloneDeep(BUILTIN_ROLES.PUBLIC)
|
|
190
185
|
}
|
|
191
186
|
// only throw an error if there is no role at all
|
|
192
|
-
if (Object.keys(role).length === 0) {
|
|
187
|
+
if (!role || Object.keys(role).length === 0) {
|
|
193
188
|
throw err
|
|
194
189
|
}
|
|
195
190
|
}
|
|
@@ -200,7 +195,7 @@ export async function getRole(
|
|
|
200
195
|
* Simple function to get all the roles based on the top level user role ID.
|
|
201
196
|
*/
|
|
202
197
|
async function getAllUserRoles(
|
|
203
|
-
userRoleId
|
|
198
|
+
userRoleId: string,
|
|
204
199
|
opts?: { defaultPublic?: boolean }
|
|
205
200
|
): Promise<RoleDoc[]> {
|
|
206
201
|
// admins have access to all roles
|
|
@@ -226,7 +221,7 @@ async function getAllUserRoles(
|
|
|
226
221
|
}
|
|
227
222
|
|
|
228
223
|
export async function getUserRoleIdHierarchy(
|
|
229
|
-
userRoleId
|
|
224
|
+
userRoleId: string
|
|
230
225
|
): Promise<string[]> {
|
|
231
226
|
const roles = await getUserRoleHierarchy(userRoleId)
|
|
232
227
|
return roles.map(role => role._id!)
|
|
@@ -241,7 +236,7 @@ export async function getUserRoleIdHierarchy(
|
|
|
241
236
|
* highest level of access and the last being the lowest level.
|
|
242
237
|
*/
|
|
243
238
|
export async function getUserRoleHierarchy(
|
|
244
|
-
userRoleId
|
|
239
|
+
userRoleId: string,
|
|
245
240
|
opts?: { defaultPublic?: boolean }
|
|
246
241
|
) {
|
|
247
242
|
// special case, if they don't have a role then they are a public user
|
|
@@ -265,9 +260,9 @@ export function checkForRoleResourceArray(
|
|
|
265
260
|
return rolePerms
|
|
266
261
|
}
|
|
267
262
|
|
|
268
|
-
export async function getAllRoleIds(appId
|
|
263
|
+
export async function getAllRoleIds(appId: string): Promise<string[]> {
|
|
269
264
|
const roles = await getAllRoles(appId)
|
|
270
|
-
return roles.map(role => role._id)
|
|
265
|
+
return roles.map(role => role._id!)
|
|
271
266
|
}
|
|
272
267
|
|
|
273
268
|
/**
|