npm - @intranefr/superbackend - Versions diffs - 1.5.0 → 1.5.1 - Mend

@intranefr/superbackend 1.5.0 → 1.5.1

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (171) hide show

package/.env.example +5 -0
package/README.md +11 -0
package/index.js +23 -0
package/package.json +7 -2
package/src/admin/endpointRegistry.js +120 -0
package/src/controllers/admin.controller.js +22 -5
package/src/controllers/adminBlockDefinitions.controller.js +127 -0
package/src/controllers/adminBlockDefinitionsAi.controller.js +54 -0
package/src/controllers/adminCache.controller.js +342 -0
package/src/controllers/adminContextBlockDefinitions.controller.js +141 -0
package/src/controllers/adminCrons.controller.js +388 -0
package/src/controllers/adminDbBrowser.controller.js +124 -0
package/src/controllers/adminEjsVirtual.controller.js +13 -3
package/src/controllers/adminHeadless.controller.js +9 -2
package/src/controllers/adminHealthChecks.controller.js +570 -0
package/src/controllers/adminI18n.controller.js +51 -29
package/src/controllers/adminLlm.controller.js +126 -2
package/src/controllers/adminPages.controller.js +720 -0
package/src/controllers/adminPagesContextBlocksAi.controller.js +54 -0
package/src/controllers/adminProxy.controller.js +113 -0
package/src/controllers/adminRateLimits.controller.js +138 -0
package/src/controllers/adminRbac.controller.js +803 -0
package/src/controllers/adminScripts.controller.js +93 -2
package/src/controllers/adminSeoConfig.controller.js +71 -48
package/src/controllers/blogAdmin.controller.js +279 -0
package/src/controllers/blogAiAdmin.controller.js +224 -0
package/src/controllers/blogAutomationAdmin.controller.js +141 -0
package/src/controllers/blogInternal.controller.js +26 -0
package/src/controllers/blogPublic.controller.js +89 -0
package/src/controllers/fileManager.controller.js +190 -0
package/src/controllers/fileManagerStoragePolicy.controller.js +23 -0
package/src/controllers/healthChecksPublic.controller.js +196 -0
package/src/controllers/metrics.controller.js +64 -4
package/src/controllers/orgAdmin.controller.js +80 -0
package/src/middleware/internalCronAuth.js +29 -0
package/src/middleware/rbac.js +62 -0
package/src/middleware.js +756 -48
package/src/models/BlockDefinition.js +27 -0
package/src/models/BlogAutomationLock.js +14 -0
package/src/models/BlogAutomationRun.js +39 -0
package/src/models/BlogPost.js +42 -0
package/src/models/CacheEntry.js +26 -0
package/src/models/ConsoleEntry.js +32 -0
package/src/models/ConsoleLog.js +23 -0
package/src/models/ContextBlockDefinition.js +33 -0
package/src/models/CronExecution.js +47 -0
package/src/models/CronJob.js +70 -0
package/src/models/ExternalDbConnection.js +49 -0
package/src/models/FileEntry.js +22 -0
package/src/models/HealthAutoHealAttempt.js +57 -0
package/src/models/HealthCheck.js +132 -0
package/src/models/HealthCheckRun.js +51 -0
package/src/models/HealthIncident.js +49 -0
package/src/models/Page.js +95 -0
package/src/models/PageCollection.js +42 -0
package/src/models/ProxyEntry.js +66 -0
package/src/models/RateLimitCounter.js +19 -0
package/src/models/RateLimitMetricBucket.js +20 -0
package/src/models/RbacGrant.js +25 -0
package/src/models/RbacGroup.js +16 -0
package/src/models/RbacGroupMember.js +13 -0
package/src/models/RbacGroupRole.js +13 -0
package/src/models/RbacRole.js +25 -0
package/src/models/RbacUserRole.js +13 -0
package/src/routes/adminBlog.routes.js +21 -0
package/src/routes/adminBlogAi.routes.js +16 -0
package/src/routes/adminBlogAutomation.routes.js +27 -0
package/src/routes/adminCache.routes.js +20 -0
package/src/routes/adminConsoleManager.routes.js +302 -0
package/src/routes/adminCrons.routes.js +25 -0
package/src/routes/adminDbBrowser.routes.js +65 -0
package/src/routes/adminEjsVirtual.routes.js +2 -1
package/src/routes/adminHeadless.routes.js +2 -1
package/src/routes/adminHealthChecks.routes.js +28 -0
package/src/routes/adminI18n.routes.js +4 -3
package/src/routes/adminLlm.routes.js +4 -2
package/src/routes/adminPages.routes.js +55 -0
package/src/routes/adminProxy.routes.js +15 -0
package/src/routes/adminRateLimits.routes.js +17 -0
package/src/routes/adminRbac.routes.js +38 -0
package/src/routes/adminSeoConfig.routes.js +5 -4
package/src/routes/adminUiComponents.routes.js +2 -1
package/src/routes/blogInternal.routes.js +14 -0
package/src/routes/blogPublic.routes.js +9 -0
package/src/routes/fileManager.routes.js +62 -0
package/src/routes/fileManagerStoragePolicy.routes.js +9 -0
package/src/routes/healthChecksPublic.routes.js +9 -0
package/src/routes/log.routes.js +43 -60
package/src/routes/metrics.routes.js +4 -2
package/src/routes/orgAdmin.routes.js +1 -0
package/src/routes/pages.routes.js +123 -0
package/src/routes/proxy.routes.js +46 -0
package/src/routes/rbac.routes.js +47 -0
package/src/routes/webhook.routes.js +2 -1
package/src/routes/workflows.routes.js +4 -0
package/src/services/blockDefinitionsAi.service.js +247 -0
package/src/services/blog.service.js +99 -0
package/src/services/blogAutomation.service.js +978 -0
package/src/services/blogCronsBootstrap.service.js +184 -0
package/src/services/blogPublishing.service.js +58 -0
package/src/services/cacheLayer.service.js +696 -0
package/src/services/consoleManager.service.js +700 -0
package/src/services/consoleOverride.service.js +6 -1
package/src/services/cronScheduler.service.js +350 -0
package/src/services/dbBrowser.service.js +536 -0
package/src/services/ejsVirtual.service.js +102 -32
package/src/services/fileManager.service.js +475 -0
package/src/services/fileManagerStoragePolicy.service.js +285 -0
package/src/services/healthChecks.service.js +650 -0
package/src/services/healthChecksBootstrap.service.js +109 -0
package/src/services/healthChecksScheduler.service.js +106 -0
package/src/services/llmDefaults.service.js +190 -0
package/src/services/migrationAssets/s3.js +2 -2
package/src/services/pages.service.js +602 -0
package/src/services/pagesContext.service.js +331 -0
package/src/services/pagesContextBlocksAi.service.js +349 -0
package/src/services/proxy.service.js +535 -0
package/src/services/rateLimiter.service.js +623 -0
package/src/services/rbac.service.js +212 -0
package/src/services/scriptsRunner.service.js +1 -1
package/src/services/uiComponentsAi.service.js +6 -19
package/src/services/workflow.service.js +23 -8
package/src/utils/orgRoles.js +14 -0
package/src/utils/rbac/engine.js +60 -0
package/src/utils/rbac/rightsRegistry.js +29 -0
package/views/admin-blog-automation.ejs +877 -0
package/views/admin-blog-edit.ejs +542 -0
package/views/admin-blog.ejs +399 -0
package/views/admin-cache.ejs +681 -0
package/views/admin-console-manager.ejs +680 -0
package/views/admin-crons.ejs +645 -0
package/views/admin-db-browser.ejs +445 -0
package/views/admin-ejs-virtual.ejs +16 -10
package/views/admin-file-manager.ejs +942 -0
package/views/admin-health-checks.ejs +725 -0
package/views/admin-i18n.ejs +59 -5
package/views/admin-llm.ejs +99 -1
package/views/admin-organizations.ejs +163 -1
package/views/admin-pages.ejs +2424 -0
package/views/admin-proxy.ejs +491 -0
package/views/admin-rate-limiter.ejs +625 -0
package/views/admin-rbac.ejs +1331 -0
package/views/admin-scripts.ejs +1 -1
package/views/admin-seo-config.ejs +61 -7
package/views/admin-ui-components.ejs +57 -25
package/views/admin-workflows.ejs +7 -7
package/views/file-manager.ejs +866 -0
package/views/pages/blocks/contact.ejs +27 -0
package/views/pages/blocks/cta.ejs +18 -0
package/views/pages/blocks/faq.ejs +20 -0
package/views/pages/blocks/features.ejs +19 -0
package/views/pages/blocks/hero.ejs +13 -0
package/views/pages/blocks/html.ejs +5 -0
package/views/pages/blocks/image.ejs +14 -0
package/views/pages/blocks/testimonials.ejs +26 -0
package/views/pages/blocks/text.ejs +10 -0
package/views/pages/layouts/default.ejs +51 -0
package/views/pages/layouts/minimal.ejs +42 -0
package/views/pages/layouts/sidebar.ejs +54 -0
package/views/pages/partials/footer.ejs +13 -0
package/views/pages/partials/header.ejs +12 -0
package/views/pages/partials/sidebar.ejs +8 -0
package/views/pages/runtime/page.ejs +10 -0
package/views/pages/templates/article.ejs +20 -0
package/views/pages/templates/default.ejs +12 -0
package/views/pages/templates/landing.ejs +14 -0
package/views/pages/templates/listing.ejs +15 -0
package/views/partials/admin-image-upload-modal.ejs +221 -0
package/views/partials/dashboard/nav-items.ejs +11 -0
package/views/partials/llm-provider-model-picker.ejs +183 -0
package/src/routes/llmUi.routes.js +0 -26

package/src/services/rbac.service.js ADDED Viewed

@@ -0,0 +1,212 @@
+const mongoose = require('mongoose');
+const OrganizationMember = require('../models/OrganizationMember');
+const RbacUserRole = require('../models/RbacUserRole');
+const RbacGroup = require('../models/RbacGroup');
+const RbacGroupMember = require('../models/RbacGroupMember');
+const RbacGroupRole = require('../models/RbacGroupRole');
+const RbacGrant = require('../models/RbacGrant');
+const { matches } = require('../utils/rbac/engine');
+function normalizeId(input) {
+  if (!input) return null;
+  const str = String(input);
+  if (!mongoose.Types.ObjectId.isValid(str)) return null;
+  return new mongoose.Types.ObjectId(str);
+}
+function normalizeRight(input) {
+  return String(input || '').trim();
+}
+function buildExplainItem(grant, source) {
+  if (!grant) return null;
+  return {
+    source,
+    effect: grant.effect,
+    right: grant.right,
+    subjectType: grant.subjectType,
+    subjectId: String(grant.subjectId),
+    scopeType: grant.scopeType,
+    scopeId: grant.scopeId ? String(grant.scopeId) : null,
+    id: String(grant._id),
+  };
+}
+function extractMatches(grants, requiredRight) {
+  const denies = [];
+  const allows = [];
+  for (const g of grants || []) {
+    if (!g) continue;
+    if (!matches(requiredRight, g.right)) continue;
+    if (g.effect === 'deny') {
+      denies.push(g);
+    } else {
+      allows.push(g);
+    }
+  }
+  return { denies, allows };
+}
+async function getUserOrgIds(userId) {
+  const uid = normalizeId(userId);
+  if (!uid) return [];
+  const rows = await OrganizationMember.find({ userId: uid, status: 'active' }).select('orgId').lean();
+  return rows.map((r) => String(r.orgId));
+}
+async function getEffectiveGrants({ userId, orgId }) {
+  const uid = normalizeId(userId);
+  const oid = normalizeId(orgId);
+  if (!uid || !oid) {
+    return {
+      grants: [],
+      layers: { org: [], group: [], role: [], user: [] },
+      explain: [],
+      context: { roles: [], groups: [] },
+      orgMember: null,
+    };
+  }
+  const orgMember = await OrganizationMember.findOne({ userId: uid, orgId: oid, status: 'active' }).lean();
+  if (!orgMember) {
+    return {
+      grants: [],
+      layers: { org: [], group: [], role: [], user: [] },
+      explain: [],
+      context: { roles: [], groups: [] },
+      orgMember: null,
+    };
+  }
+  const [userRoleLinks, groupLinks, orgGrantsGlobal, orgGrantsOrg] = await Promise.all([
+    RbacUserRole.find({ userId: uid }).select('roleId').lean(),
+    RbacGroupMember.find({ userId: uid }).select('groupId').lean(),
+    RbacGrant.find({ subjectType: 'org', subjectId: oid, scopeType: 'global' }).lean(),
+    RbacGrant.find({ subjectType: 'org', subjectId: oid, scopeType: 'org', scopeId: oid }).lean(),
+  ]);
+  const directRoleIds = userRoleLinks.map((r) => r.roleId).filter(Boolean);
+  const groupIds = groupLinks.map((g) => g.groupId).filter(Boolean);
+  const groups = groupIds.length
+    ? await RbacGroup.find({ _id: { $in: groupIds }, status: 'active' }).select('_id isGlobal orgId').lean()
+    : [];
+  const allowedGroupIds = [];
+  for (const g of groups) {
+    if (g.isGlobal) {
+      allowedGroupIds.push(g._id);
+      continue;
+    }
+    if (g.orgId && String(g.orgId) === String(oid)) {
+      allowedGroupIds.push(g._id);
+    }
+  }
+  const groupRoleLinks = allowedGroupIds.length
+    ? await RbacGroupRole.find({ groupId: { $in: allowedGroupIds } }).select('groupId roleId').lean()
+    : [];
+  const groupRoleIds = groupRoleLinks.map((l) => l.roleId).filter(Boolean);
+  const effectiveRoleIds = Array.from(new Set([...directRoleIds, ...groupRoleIds]));
+  const [userGrantsGlobal, userGrantsOrg, roleGrantsGlobal, roleGrantsOrg, groupGrantsGlobal, groupGrantsOrg] = await Promise.all([
+    RbacGrant.find({ subjectType: 'user', subjectId: uid, scopeType: 'global' }).lean(),
+    RbacGrant.find({ subjectType: 'user', subjectId: uid, scopeType: 'org', scopeId: oid }).lean(),
+    effectiveRoleIds.length ? RbacGrant.find({ subjectType: 'role', subjectId: { $in: effectiveRoleIds }, scopeType: 'global' }).lean() : [],
+    effectiveRoleIds.length ? RbacGrant.find({ subjectType: 'role', subjectId: { $in: effectiveRoleIds }, scopeType: 'org', scopeId: oid }).lean() : [],
+    allowedGroupIds.length ? RbacGrant.find({ subjectType: 'group', subjectId: { $in: allowedGroupIds }, scopeType: 'global' }).lean() : [],
+    allowedGroupIds.length ? RbacGrant.find({ subjectType: 'group', subjectId: { $in: allowedGroupIds }, scopeType: 'org', scopeId: oid }).lean() : [],
+  ]);
+  const layers = {
+    org: [...orgGrantsGlobal, ...orgGrantsOrg],
+    group: [...groupGrantsGlobal, ...groupGrantsOrg],
+    role: [...roleGrantsGlobal, ...roleGrantsOrg],
+    user: [...userGrantsGlobal, ...userGrantsOrg],
+  };
+  const all = [...layers.org, ...layers.group, ...layers.role, ...layers.user];
+  const explain = [];
+  for (const g of userGrantsGlobal) explain.push(buildExplainItem(g, 'user:global'));
+  for (const g of userGrantsOrg) explain.push(buildExplainItem(g, 'user:org'));
+  for (const g of roleGrantsGlobal) explain.push(buildExplainItem(g, 'role:global'));
+  for (const g of roleGrantsOrg) explain.push(buildExplainItem(g, 'role:org'));
+  for (const g of groupGrantsGlobal) explain.push(buildExplainItem(g, 'group:global'));
+  for (const g of groupGrantsOrg) explain.push(buildExplainItem(g, 'group:org'));
+  for (const g of orgGrantsGlobal) explain.push(buildExplainItem(g, 'org:global'));
+  for (const g of orgGrantsOrg) explain.push(buildExplainItem(g, 'org:org'));
+  const context = {
+    groups: groups.map((g) => ({
+      id: String(g._id),
+      isGlobal: !!g.isGlobal,
+      orgId: g.orgId ? String(g.orgId) : null,
+    })),
+    roles: [
+      ...directRoleIds.map((rid) => ({ roleId: String(rid), source: 'user' })),
+      ...groupRoleLinks.map((l) => ({ roleId: String(l.roleId), source: 'group', groupId: String(l.groupId) })),
+    ],
+  };
+  return { grants: all, layers, explain: explain.filter(Boolean), context, orgMember };
+}
+async function checkRight({ userId, orgId, right }) {
+  const r = normalizeRight(right);
+  if (!r) {
+    return { allowed: false, reason: 'invalid_right', explain: [], context: null, decisionLayer: null };
+  }
+  const { layers, explain, context, orgMember } = await getEffectiveGrants({ userId, orgId });
+  if (!orgMember) {
+    return { allowed: false, reason: 'not_org_member', explain: [], context: null, decisionLayer: null };
+  }
+  const denyMatches = [];
+  for (const [layerName, grants] of Object.entries(layers || {})) {
+    const { denies } = extractMatches(grants, r);
+    for (const d of denies) denyMatches.push({ layerName, grant: d });
+  }
+  if (denyMatches.length) {
+    const matchedIds = new Set(denyMatches.map((m) => String(m.grant._id)));
+    const filteredExplain = explain.filter((e) => matchedIds.has(String(e.id)));
+    return {
+      allowed: false,
+      reason: 'denied',
+      decisionLayer: 'deny',
+      explain: filteredExplain,
+      context,
+    };
+  }
+  const allowPriority = ['org', 'group', 'role', 'user'];
+  for (const layer of allowPriority) {
+    const { allows } = extractMatches(layers?.[layer] || [], r);
+    if (!allows.length) continue;
+    const matchedIds = new Set(allows.map((a) => String(a._id)));
+    const filteredExplain = explain.filter((e) => matchedIds.has(String(e.id)));
+    return {
+      allowed: true,
+      reason: 'allowed',
+      decisionLayer: layer,
+      explain: filteredExplain,
+      context,
+    };
+  }
+  return { allowed: false, reason: 'no_match', explain: [], context, decisionLayer: null };
+}
+module.exports = {
+  getUserOrgIds,
+  getEffectiveGrants,
+  checkRight,
+};

package/src/services/scriptsRunner.service.js CHANGED Viewed

@@ -171,7 +171,7 @@ async function startRun(scriptDef, options) {
     }
   });
-  return { runId: String(runDoc._id) };
+  return runDoc;
 }
 async function runSpawned({ runId, bus, command, args, env, cwd, timeoutMs }) {

package/src/services/uiComponentsAi.service.js CHANGED Viewed

@@ -1,6 +1,6 @@
 const UiComponent = require('../models/UiComponent');
-const { getSettingValue } = require('./globalSettings.service');
 const llmService = require('./llm.service');
+const { resolveLlmProviderModel } = require('./llmDefaults.service');
 const { createAuditEvent } = require('./audit.service');
 const ALLOWED_FIELDS = new Set(['html', 'css', 'js', 'usageMarkdown']);
@@ -94,24 +94,11 @@ function computeWarnings(nextFields) {
 }
 async function resolveLlmDefaults({ providerKey, model }) {
-  const uiProvider = String(providerKey || '').trim();
-  const uiModel = String(model || '').trim();
-  const settingProvider = String(await getSettingValue('uiComponents.ai.providerKey', '') || '').trim();
-  const settingModel = String(await getSettingValue('uiComponents.ai.model', '') || '').trim();
-  const envProvider = String(process.env.DEFAULT_LLM_PROVIDER_KEY || '').trim();
-  const envModel = String(process.env.DEFAULT_LLM_MODEL || '').trim();
-  const resolvedProviderKey = uiProvider || settingProvider || envProvider;
-  if (!resolvedProviderKey) {
-    const err = new Error('Missing LLM providerKey (configure uiComponents.ai.providerKey or DEFAULT_LLM_PROVIDER_KEY, or send from UI)');
-    err.code = 'VALIDATION';
-    throw err;
-  }
-  const resolvedModel = uiModel || settingModel || envModel || 'x-ai/grok-code-fast-1';
-  return { providerKey: resolvedProviderKey, model: resolvedModel };
+  return resolveLlmProviderModel({
+    systemKey: 'uiComponents.proposeEdit',
+    providerKey,
+    model,
+  });
 }
 function buildSystemPrompt({ targets }) {

package/src/services/workflow.service.js CHANGED Viewed

@@ -1,7 +1,8 @@
 const Workflow = require('../models/Workflow');
 const WorkflowExecution = require('../models/WorkflowExecution');
-const llmService = require('./llm.service');
 const { NodeVM } = require('vm2');
+const llmService = require('./llm.service');
+const { resolveLlmProviderModel } = require('./llmDefaults.service');
 /**
  * Workflow Service
@@ -163,13 +164,27 @@ class WorkflowService {
   async handleLLM(node) {
     const prompt = this.interpolate(node.prompt);
-    const response = await llmService.callAdhoc({
-      providerKey: node.provider || 'openrouter',
-      messages: [{ role: 'user', content: prompt }]
-    }, {
-      model: node.model || 'minimax/minimax-m2.1',
-      temperature: node.temperature !== undefined ? parseFloat(node.temperature) : 0.7
-    });
+    const providerKeyRaw = node.provider;
+    const modelRaw = node.model;
+    const resolved = (!providerKeyRaw || !String(providerKeyRaw).trim() || !modelRaw || !String(modelRaw).trim())
+      ? await resolveLlmProviderModel({
+        systemKey: 'workflow.node.llm',
+        providerKey: providerKeyRaw,
+        model: modelRaw,
+      })
+      : { providerKey: String(providerKeyRaw).trim(), model: String(modelRaw || '').trim() };
+    const response = await llmService.callAdhoc(
+      {
+        providerKey: resolved.providerKey,
+        messages: [{ role: 'user', content: prompt }],
+      },
+      {
+        model: resolved.model || undefined,
+        temperature: node.temperature !== undefined ? parseFloat(node.temperature) : 0.7,
+      },
+    );
     return response.content;
   }

package/src/utils/orgRoles.js CHANGED Viewed

@@ -142,6 +142,18 @@ async function getOrgRoleLevel(role) {
   return hierarchy[r] || 0;
 }
+async function isRoleAtLeast(role, requiredRole) {
+  const level = await getOrgRoleLevel(role);
+  const requiredLevel = await getOrgRoleLevel(requiredRole);
+  return level >= requiredLevel;
+}
+async function isRoleHigherThan(role, otherRole) {
+  const level = await getOrgRoleLevel(role);
+  const otherLevel = await getOrgRoleLevel(otherRole);
+  return level > otherLevel;
+}
 function clearOrgRolesCache() {
   cached = null;
 }
@@ -152,5 +164,7 @@ module.exports = {
   getDefaultOrgRole,
   isValidOrgRole,
   getOrgRoleLevel,
+  isRoleAtLeast,
+  isRoleHigherThan,
   clearOrgRolesCache,
 };

package/src/utils/rbac/engine.js ADDED Viewed

@@ -0,0 +1,60 @@
+function normalizeRight(input) {
+  return String(input || '').trim();
+}
+function escapeRegex(str) {
+  return str.replace(/[.*+?^${}()|[\]\\]/g, '\\$&');
+}
+function patternToRegex(pattern) {
+  const parts = normalizeRight(pattern).split('*').map(escapeRegex);
+  return new RegExp('^' + parts.join('.*') + '$');
+}
+function matches(requiredRight, grantedPattern) {
+  const required = normalizeRight(requiredRight);
+  const pattern = normalizeRight(grantedPattern);
+  if (!required || !pattern) return false;
+  if (pattern === required) return true;
+  if (!pattern.includes('*')) return false;
+  return patternToRegex(pattern).test(required);
+}
+function evaluateEffects(entries, requiredRight) {
+  const required = normalizeRight(requiredRight);
+  if (!required) {
+    return { allowed: false, reason: 'invalid_required_right' };
+  }
+  const denies = [];
+  const allows = [];
+  for (const e of entries || []) {
+    if (!e) continue;
+    const right = normalizeRight(e.right);
+    const effect = normalizeRight(e.effect || 'allow');
+    if (!right) continue;
+    if (!matches(required, right)) continue;
+    if (effect === 'deny') {
+      denies.push(e);
+    } else {
+      allows.push(e);
+    }
+  }
+  if (denies.length) {
+    return { allowed: false, reason: 'denied', matched: denies };
+  }
+  if (allows.length) {
+    return { allowed: true, reason: 'allowed', matched: allows };
+  }
+  return { allowed: false, reason: 'no_match' };
+}
+module.exports = {
+  matches,
+  evaluateEffects,
+};

package/src/utils/rbac/rightsRegistry.js ADDED Viewed

@@ -0,0 +1,29 @@
+const DEFAULT_RIGHTS = [
+  'rbac:roles:read',
+  'rbac:roles:write',
+  'rbac:groups:read',
+  'rbac:groups:write',
+  'rbac:grants:read',
+  'rbac:grants:write',
+  'rbac:test',
+  'file_manager:*',
+  'file_manager:access',
+  'file_manager:drives:read',
+  'file_manager:files:read',
+  'file_manager:files:upload',
+  'file_manager:files:download',
+  'file_manager:files:update',
+  'file_manager:files:delete',
+  'file_manager:files:share',
+  'backoffice:*',
+  'backoffice:dashboard:access',
+  '*',
+];
+function listRights() {
+  return Array.from(new Set(DEFAULT_RIGHTS)).sort();
+}
+module.exports = {
+  listRights,
+};