@budibase/backend-core 2.32.2 → 2.32.4
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/dist/index.js +43 -9
- package/dist/index.js.map +2 -2
- package/dist/index.js.meta.json +1 -1
- package/dist/package.json +4 -4
- package/dist/plugins.js.meta.json +1 -1
- package/dist/src/security/roles.d.ts +6 -8
- package/dist/src/security/roles.js +28 -6
- package/dist/src/security/roles.js.map +1 -1
- package/dist/tests/core/utilities/mocks/licenses.d.ts +0 -1
- package/dist/tests/core/utilities/mocks/licenses.js +1 -5
- package/dist/tests/core/utilities/mocks/licenses.js.map +1 -1
- package/package.json +4 -4
- package/src/security/roles.ts +54 -13
- package/tests/core/utilities/mocks/licenses.ts +0 -4
package/src/security/roles.ts
CHANGED
|
@@ -7,8 +7,9 @@ import {
|
|
|
7
7
|
doWithDB,
|
|
8
8
|
} from "../db"
|
|
9
9
|
import { getAppDB } from "../context"
|
|
10
|
-
import { Screen, Role as RoleDoc } from "@budibase/types"
|
|
10
|
+
import { Screen, Role as RoleDoc, RoleUIMetadata } from "@budibase/types"
|
|
11
11
|
import cloneDeep from "lodash/fp/cloneDeep"
|
|
12
|
+
import { RoleColor } from "@budibase/shared-core"
|
|
12
13
|
|
|
13
14
|
export const BUILTIN_ROLE_IDS = {
|
|
14
15
|
ADMIN: "ADMIN",
|
|
@@ -44,11 +45,18 @@ export class Role implements RoleDoc {
|
|
|
44
45
|
permissionId: string
|
|
45
46
|
inherits?: string
|
|
46
47
|
version?: string
|
|
47
|
-
permissions = {}
|
|
48
|
+
permissions: Record<string, PermissionLevel[]> = {}
|
|
49
|
+
uiMetadata?: RoleUIMetadata
|
|
48
50
|
|
|
49
|
-
constructor(
|
|
51
|
+
constructor(
|
|
52
|
+
id: string,
|
|
53
|
+
name: string,
|
|
54
|
+
permissionId: string,
|
|
55
|
+
uiMetadata?: RoleUIMetadata
|
|
56
|
+
) {
|
|
50
57
|
this._id = id
|
|
51
58
|
this.name = name
|
|
59
|
+
this.uiMetadata = uiMetadata
|
|
52
60
|
this.permissionId = permissionId
|
|
53
61
|
// version for managing the ID - removing the role_ when responding
|
|
54
62
|
this.version = RoleIDVersion.NAME
|
|
@@ -63,21 +71,54 @@ export class Role implements RoleDoc {
|
|
|
63
71
|
const BUILTIN_ROLES = {
|
|
64
72
|
ADMIN: new Role(
|
|
65
73
|
BUILTIN_IDS.ADMIN,
|
|
66
|
-
|
|
67
|
-
BuiltinPermissionID.ADMIN
|
|
74
|
+
BUILTIN_IDS.ADMIN,
|
|
75
|
+
BuiltinPermissionID.ADMIN,
|
|
76
|
+
{
|
|
77
|
+
displayName: "App admin",
|
|
78
|
+
description: "Can do everything",
|
|
79
|
+
color: RoleColor.ADMIN,
|
|
80
|
+
}
|
|
68
81
|
).addInheritance(BUILTIN_IDS.POWER),
|
|
69
82
|
POWER: new Role(
|
|
70
83
|
BUILTIN_IDS.POWER,
|
|
71
|
-
|
|
72
|
-
BuiltinPermissionID.POWER
|
|
84
|
+
BUILTIN_IDS.POWER,
|
|
85
|
+
BuiltinPermissionID.POWER,
|
|
86
|
+
{
|
|
87
|
+
displayName: "App power user",
|
|
88
|
+
description: "An app user with more access",
|
|
89
|
+
color: RoleColor.POWER,
|
|
90
|
+
}
|
|
73
91
|
).addInheritance(BUILTIN_IDS.BASIC),
|
|
74
92
|
BASIC: new Role(
|
|
75
93
|
BUILTIN_IDS.BASIC,
|
|
76
|
-
|
|
77
|
-
BuiltinPermissionID.WRITE
|
|
94
|
+
BUILTIN_IDS.BASIC,
|
|
95
|
+
BuiltinPermissionID.WRITE,
|
|
96
|
+
{
|
|
97
|
+
displayName: "App user",
|
|
98
|
+
description: "Any logged in user",
|
|
99
|
+
color: RoleColor.BASIC,
|
|
100
|
+
}
|
|
78
101
|
).addInheritance(BUILTIN_IDS.PUBLIC),
|
|
79
|
-
PUBLIC: new Role(
|
|
80
|
-
|
|
102
|
+
PUBLIC: new Role(
|
|
103
|
+
BUILTIN_IDS.PUBLIC,
|
|
104
|
+
BUILTIN_IDS.PUBLIC,
|
|
105
|
+
BuiltinPermissionID.PUBLIC,
|
|
106
|
+
{
|
|
107
|
+
displayName: "Public user",
|
|
108
|
+
description: "Accessible to anyone",
|
|
109
|
+
color: RoleColor.PUBLIC,
|
|
110
|
+
}
|
|
111
|
+
),
|
|
112
|
+
BUILDER: new Role(
|
|
113
|
+
BUILTIN_IDS.BUILDER,
|
|
114
|
+
BUILTIN_IDS.BUILDER,
|
|
115
|
+
BuiltinPermissionID.ADMIN,
|
|
116
|
+
{
|
|
117
|
+
displayName: "Builder user",
|
|
118
|
+
description: "Users that can edit this app",
|
|
119
|
+
color: RoleColor.BUILDER,
|
|
120
|
+
}
|
|
121
|
+
),
|
|
81
122
|
}
|
|
82
123
|
|
|
83
124
|
export function getBuiltinRoles(): { [key: string]: RoleDoc } {
|
|
@@ -244,9 +285,9 @@ export async function getUserRoleHierarchy(
|
|
|
244
285
|
// some templates/older apps will use a simple string instead of array for roles
|
|
245
286
|
// convert the string to an array using the theory that write is higher than read
|
|
246
287
|
export function checkForRoleResourceArray(
|
|
247
|
-
rolePerms:
|
|
288
|
+
rolePerms: Record<string, PermissionLevel[]>,
|
|
248
289
|
resourceId: string
|
|
249
|
-
) {
|
|
290
|
+
): Record<string, PermissionLevel[]> {
|
|
250
291
|
if (rolePerms && !Array.isArray(rolePerms[resourceId])) {
|
|
251
292
|
const permLevel = rolePerms[resourceId] as any
|
|
252
293
|
rolePerms[resourceId] = [permLevel]
|
|
@@ -102,10 +102,6 @@ export const useAppBuilders = () => {
|
|
|
102
102
|
return useFeature(Feature.APP_BUILDERS)
|
|
103
103
|
}
|
|
104
104
|
|
|
105
|
-
export const useViewPermissions = () => {
|
|
106
|
-
return useFeature(Feature.VIEW_PERMISSIONS)
|
|
107
|
-
}
|
|
108
|
-
|
|
109
105
|
export const useViewReadonlyColumns = () => {
|
|
110
106
|
return useFeature(Feature.VIEW_READONLY_COLUMNS)
|
|
111
107
|
}
|