@budibase/backend-core 2.32.2 → 2.32.3
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/dist/index.js +28 -19
- package/dist/index.js.map +2 -2
- package/dist/index.js.meta.json +1 -1
- package/dist/package.json +4 -4
- package/dist/plugins.js.meta.json +1 -1
- package/dist/src/security/roles.d.ts +6 -8
- package/dist/src/security/roles.js +29 -7
- package/dist/src/security/roles.js.map +1 -1
- package/dist/tests/core/utilities/mocks/licenses.d.ts +0 -1
- package/dist/tests/core/utilities/mocks/licenses.js +1 -5
- package/dist/tests/core/utilities/mocks/licenses.js.map +1 -1
- package/package.json +4 -4
- package/src/security/roles.ts +34 -23
- package/tests/core/utilities/mocks/licenses.ts +0 -4
package/src/security/roles.ts
CHANGED
|
@@ -7,8 +7,9 @@ import {
|
|
|
7
7
|
doWithDB,
|
|
8
8
|
} from "../db"
|
|
9
9
|
import { getAppDB } from "../context"
|
|
10
|
-
import { Screen, Role as RoleDoc } from "@budibase/types"
|
|
10
|
+
import { Screen, Role as RoleDoc, RoleUIMetadata } from "@budibase/types"
|
|
11
11
|
import cloneDeep from "lodash/fp/cloneDeep"
|
|
12
|
+
import { RoleColor } from "@budibase/shared-core"
|
|
12
13
|
|
|
13
14
|
export const BUILTIN_ROLE_IDS = {
|
|
14
15
|
ADMIN: "ADMIN",
|
|
@@ -44,11 +45,13 @@ export class Role implements RoleDoc {
|
|
|
44
45
|
permissionId: string
|
|
45
46
|
inherits?: string
|
|
46
47
|
version?: string
|
|
47
|
-
permissions = {}
|
|
48
|
+
permissions: Record<string, PermissionLevel[]> = {}
|
|
49
|
+
uiMetadata?: RoleUIMetadata
|
|
48
50
|
|
|
49
|
-
constructor(id: string,
|
|
51
|
+
constructor(id: string, permissionId: string, uiMetadata?: RoleUIMetadata) {
|
|
50
52
|
this._id = id
|
|
51
|
-
this.name =
|
|
53
|
+
this.name = uiMetadata?.displayName || id
|
|
54
|
+
this.uiMetadata = uiMetadata
|
|
52
55
|
this.permissionId = permissionId
|
|
53
56
|
// version for managing the ID - removing the role_ when responding
|
|
54
57
|
this.version = RoleIDVersion.NAME
|
|
@@ -61,23 +64,31 @@ export class Role implements RoleDoc {
|
|
|
61
64
|
}
|
|
62
65
|
|
|
63
66
|
const BUILTIN_ROLES = {
|
|
64
|
-
ADMIN: new Role(
|
|
65
|
-
|
|
66
|
-
"
|
|
67
|
-
|
|
68
|
-
).addInheritance(BUILTIN_IDS.POWER),
|
|
69
|
-
POWER: new Role(
|
|
70
|
-
|
|
71
|
-
"
|
|
72
|
-
|
|
73
|
-
).addInheritance(BUILTIN_IDS.BASIC),
|
|
74
|
-
BASIC: new Role(
|
|
75
|
-
|
|
76
|
-
"
|
|
77
|
-
|
|
78
|
-
).addInheritance(BUILTIN_IDS.PUBLIC),
|
|
79
|
-
PUBLIC: new Role(BUILTIN_IDS.PUBLIC,
|
|
80
|
-
|
|
67
|
+
ADMIN: new Role(BUILTIN_IDS.ADMIN, BuiltinPermissionID.ADMIN, {
|
|
68
|
+
displayName: "App admin",
|
|
69
|
+
description: "Can do everything",
|
|
70
|
+
color: RoleColor.ADMIN,
|
|
71
|
+
}).addInheritance(BUILTIN_IDS.POWER),
|
|
72
|
+
POWER: new Role(BUILTIN_IDS.POWER, BuiltinPermissionID.POWER, {
|
|
73
|
+
displayName: "App power user",
|
|
74
|
+
description: "An app user with more access",
|
|
75
|
+
color: RoleColor.POWER,
|
|
76
|
+
}).addInheritance(BUILTIN_IDS.BASIC),
|
|
77
|
+
BASIC: new Role(BUILTIN_IDS.BASIC, BuiltinPermissionID.WRITE, {
|
|
78
|
+
displayName: "App user",
|
|
79
|
+
description: "Any logged in user",
|
|
80
|
+
color: RoleColor.BASIC,
|
|
81
|
+
}).addInheritance(BUILTIN_IDS.PUBLIC),
|
|
82
|
+
PUBLIC: new Role(BUILTIN_IDS.PUBLIC, BuiltinPermissionID.PUBLIC, {
|
|
83
|
+
displayName: "Public user",
|
|
84
|
+
description: "Accessible to anyone",
|
|
85
|
+
color: RoleColor.PUBLIC,
|
|
86
|
+
}),
|
|
87
|
+
BUILDER: new Role(BUILTIN_IDS.BUILDER, BuiltinPermissionID.ADMIN, {
|
|
88
|
+
displayName: "Builder user",
|
|
89
|
+
description: "Users that can edit this app",
|
|
90
|
+
color: RoleColor.BUILDER,
|
|
91
|
+
}),
|
|
81
92
|
}
|
|
82
93
|
|
|
83
94
|
export function getBuiltinRoles(): { [key: string]: RoleDoc } {
|
|
@@ -244,9 +255,9 @@ export async function getUserRoleHierarchy(
|
|
|
244
255
|
// some templates/older apps will use a simple string instead of array for roles
|
|
245
256
|
// convert the string to an array using the theory that write is higher than read
|
|
246
257
|
export function checkForRoleResourceArray(
|
|
247
|
-
rolePerms:
|
|
258
|
+
rolePerms: Record<string, PermissionLevel[]>,
|
|
248
259
|
resourceId: string
|
|
249
|
-
) {
|
|
260
|
+
): Record<string, PermissionLevel[]> {
|
|
250
261
|
if (rolePerms && !Array.isArray(rolePerms[resourceId])) {
|
|
251
262
|
const permLevel = rolePerms[resourceId] as any
|
|
252
263
|
rolePerms[resourceId] = [permLevel]
|
|
@@ -102,10 +102,6 @@ export const useAppBuilders = () => {
|
|
|
102
102
|
return useFeature(Feature.APP_BUILDERS)
|
|
103
103
|
}
|
|
104
104
|
|
|
105
|
-
export const useViewPermissions = () => {
|
|
106
|
-
return useFeature(Feature.VIEW_PERMISSIONS)
|
|
107
|
-
}
|
|
108
|
-
|
|
109
105
|
export const useViewReadonlyColumns = () => {
|
|
110
106
|
return useFeature(Feature.VIEW_READONLY_COLUMNS)
|
|
111
107
|
}
|