npm - @robertraaijmakers/pptb-securityplugin - Versions diffs - 0.1.0 → 0.1.2-beta.1 - Mend

@robertraaijmakers/pptb-securityplugin 0.1.0 → 0.1.2-beta.1

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (9) hide show

package/README.md +6 -22
package/dist/README.md +62 -0
package/dist/app.js +88 -41
package/dist/app.js.map +2 -2
package/dist/index.css +11 -1
package/dist/index.html +9 -1
package/dist/npm-shrinkwrap.json +490 -0
package/package.json +14 -4
package/docs/index.md +0 -56

package/README.md CHANGED Viewed

@@ -1,13 +1,7 @@
 # Security Roles Explorer
-Power Platform ToolBox tool for inspecting and managing Dataverse security roles, table privileges, and user assignments.
-## Overview
-Security Roles Explorer helps you quickly understand which roles grant access to which tables and lets you update privileges or user-role assignments in one place.
+Power Platform ToolBox tool for inspecting and managing Dataverse security roles, table privileges, and user assignments. Helps you quickly understand which roles grant access to which tables and lets you update privileges or user-role assignments in one place.
 ## Features
 - View role privileges by role or by table
 - Batch cache of role privilege data for faster loading
 - Sort and filter by privilege level
@@ -19,12 +13,10 @@ Security Roles Explorer helps you quickly understand which roles grant access to
 - Light/dark theme support with a manual toggle
 ## Requirements
 - Power Platform ToolBox (desktop app)
 - Node.js 18+ (recommended)
 ## Development
 Install dependencies:
 ```bash
@@ -43,24 +35,18 @@ Watch mode:
 npm run build:watch
 ```
-## Loading in ToolBox
+## Loading in ToolBox (for developers)
 1. Enable Debug Menu in ToolBox settings.
 2. Use Debug > Load Local Tool and select this folder.
 3. Close and reopen the tool to refresh changes.
 ## Usage
 1. Select a connection in ToolBox.
-2. Choose a filter mode:
-	- By role: review privileges for a single role.
-	- By entity: compare multiple roles for a single table.
-3. Use the filters and sort controls to narrow results.
-4. Change privilege levels in the grid and click Apply changes.
-5. Use the Assign security roles tab to add/remove roles for users.
+2. Use the filters and sort controls to narrow results.
+3. Change privilege levels in the grid and click Apply changes.
+4. Use the Assign security roles tab to add/remove roles for users.
 ## Contributing
 1. Fork the repo.
 2. Create a feature branch.
 3. Make changes with small, focused commits.
@@ -68,11 +54,9 @@ npm run build:watch
 5. Open a pull request with a clear description and screenshots if UI changes.
 ## Troubleshooting
 - If the tool shows "Not connected", select a connection in ToolBox and reload.
 - If role privileges fail to load, verify the connection user has the required security role permissions.
 - If UI changes do not appear, ensure `npm run build` completed and reopen the tool.
 ## License
-MIT
+MIT

package/dist/README.md ADDED Viewed

@@ -0,0 +1,62 @@
+# Security Roles Explorer
+Power Platform ToolBox tool for inspecting and managing Dataverse security roles, table privileges, and user assignments. Helps you quickly understand which roles grant access to which tables and lets you update privileges or user-role assignments in one place.
+## Features
+- View role privileges by role or by table
+- Batch cache of role privilege data for faster loading
+- Sort and filter by privilege level
+- Rights filter (all / with rights / without rights)
+- Role multi-select filter (entity mode)
+- Apply or undo pending privilege changes
+- Assign or remove roles for users (role -> users or user -> roles)
+- Activity log with timestamps
+- Light/dark theme support with a manual toggle
+## Requirements
+- Power Platform ToolBox (desktop app)
+- Node.js 18+ (recommended)
+## Development
+Install dependencies:
+```bash
+npm install
+```
+Build once:
+```bash
+npm run build
+```
+Watch mode:
+```bash
+npm run build:watch
+```
+## Loading in ToolBox (for developers)
+1. Enable Debug Menu in ToolBox settings.
+2. Use Debug > Load Local Tool and select this folder.
+3. Close and reopen the tool to refresh changes.
+## Usage
+1. Select a connection in ToolBox.
+2. Use the filters and sort controls to narrow results.
+3. Change privilege levels in the grid and click Apply changes.
+4. Use the Assign security roles tab to add/remove roles for users.
+## Contributing
+1. Fork the repo.
+2. Create a feature branch.
+3. Make changes with small, focused commits.
+4. Run `npm run build` and verify in ToolBox.
+5. Open a pull request with a clear description and screenshots if UI changes.
+## Troubleshooting
+- If the tool shows "Not connected", select a connection in ToolBox and reload.
+- If role privileges fail to load, verify the connection user has the required security role permissions.
+- If UI changes do not appear, ensure `npm run build` completed and reopen the tool.
+## License
+MIT

package/dist/app.js CHANGED Viewed

@@ -14545,6 +14545,14 @@ ${logTarget.textContent}`;
   // src/services/dataverseService.ts
   var dataverseAPI = window.dataverseAPI;
+  function buildPrivilegeReference(privilegeId) {
+    const apiEndpoint = dataverseAPI?.apiEndpoint;
+    if (!apiEndpoint) {
+      return `privileges(${privilegeId})`;
+    }
+    const separator = apiEndpoint.endsWith("/") ? "" : "/";
+    return `${apiEndpoint}${separator}privileges(${privilegeId})`;
+  }
   async function queryAll(odataQuery) {
     const all = [];
     let response = await dataverseAPI.queryData(odataQuery);
@@ -14675,6 +14683,35 @@ ${logTarget.textContent}`;
     const response = await dataverseAPI.queryData(query);
     return response?.RolePrivileges ?? response?.rolePrivileges ?? response?.value ?? [];
   }
+  async function addPrivilegesToRole(roleId, privileges) {
+    if (privileges.length === 0) {
+      return;
+    }
+    await dataverseAPI.execute({
+      entityName: "role",
+      entityId: roleId,
+      operationName: "AddPrivilegesRole",
+      operationType: "action",
+      parameters: {
+        Privileges: privileges
+      }
+    });
+  }
+  async function removePrivilegesFromRole(roleId, privilegeId) {
+    if (!privilegeId) {
+      return;
+    }
+    const privilegeReference = buildPrivilegeReference(privilegeId);
+    await dataverseAPI.execute({
+      entityName: "role",
+      entityId: roleId,
+      operationName: "RemovePrivilegeRole",
+      operationType: "action",
+      parameters: {
+        Privilege: privilegeReference
+      }
+    });
+  }
   async function associateRoleToUser(userId, roleId) {
     await dataverseAPI.associate(
       "systemuser",
@@ -14741,6 +14778,7 @@ ${logTarget.textContent}`;
     loadingRolesMetadata: "Loading roles and metadata",
     loadingRolePrivileges: "Loading role privileges",
     loadingRefreshingPrivileges: "Refreshing role privileges",
+    loadingApplyingChanges: "Applying privilege changes",
     loadingDashboardData: "Loading dashboard data",
     loadingDashboardRolesTeams: "Loading roles and teams",
     loadingDashboardPeople: "Loading users, business units, and team memberships",
@@ -14791,10 +14829,6 @@ ${logTarget.textContent}`;
       title: "Update failed",
       body: "Failed to apply privilege updates. See console for details."
     },
-    updated: {
-      title: "Privileges updated",
-      body: "Your changes have been queued for update."
-    },
     cacheFailed: {
       title: "Cache failed",
       body: "Could not cache role privileges. See console for details."
@@ -14846,9 +14880,6 @@ ${logTarget.textContent}`;
   function formatMissingPrivilegeId(entityLogicalName, privilege) {
     return `Missing privilege ID for ${entityLogicalName}:${privilege}`;
   }
-  function formatQueuedPrivilegeChange(privilege, entityLogicalName, level) {
-    return `Queued ${privilege} change for ${entityLogicalName}: ${level}`;
-  }
   function formatNoPrivilegesForRole(roleName) {
     return `No privileges returned for role ${roleName}.`;
   }
@@ -14944,6 +14975,7 @@ ${logTarget.textContent}`;
       direction: "asc"
     },
     assignmentFilter: "",
+    assignmentSearch: "",
     sort: {
       column: "label",
       direction: "asc"
@@ -15004,6 +15036,7 @@ ${logTarget.textContent}`;
       document.querySelectorAll("[data-assign-sort]")
     ),
     assignmentFilterAssigned: document.getElementById("assignment-filter-assigned"),
+    assignmentSearch: document.getElementById("assignment-search"),
     controlsPrivileges: document.getElementById("controls-privileges"),
     controlsAssignments: document.getElementById("controls-assignments"),
     controlsDashboard: document.getElementById("controls-dashboard"),
@@ -15424,6 +15457,17 @@ ${logTarget.textContent}`;
       if (state.assignmentFilter === "not-assigned") {
         return !item.assigned;
       }
+      if (state.assignmentSearch) {
+        const rawTerm = state.assignmentSearch.toLowerCase();
+        const term = rawTerm.replace(/\*/g, "").trim();
+        if (term) {
+          const labelMatch = item.label.toLowerCase().includes(term);
+          const subLabelMatch = item.subLabel ? item.subLabel.toLowerCase().includes(term) : false;
+          if (!labelMatch && !subLabelMatch) {
+            return false;
+          }
+        }
+      }
       return true;
     });
     return [...filtered].sort((a, b) => {
@@ -15768,7 +15812,6 @@ ${logTarget.textContent}`;
           const level = select.value;
           const isPending = updatePendingChange(roleId, row.entityLogicalName, privilege, level);
           setPendingClass(select, isPending);
-          logMessage(formatQueuedPrivilegeChange(privilege, row.entityLogicalName, level));
         });
         select.disabled = !isRoleMode && !row.roleId;
         applyLevelClass(select, select.value);
@@ -15929,18 +15972,18 @@ ${logTarget.textContent}`;
     }
     return "none";
   }
-  function mapPrivilegeDepth(level) {
+  function mapPrivilegeDepthLabel(level) {
     switch (level) {
       case "user":
-        return 1;
+        return "Basic";
       case "businessUnit":
-        return 2;
+        return "Local";
       case "parentChild":
-        return 4;
+        return "Deep";
       case "organization":
-        return 8;
+        return "Global";
       default:
-        return 0;
+        return "None";
     }
   }
   function mapOwnershipLabel(raw) {
@@ -17266,42 +17309,44 @@ ${logTarget.textContent}`;
       if (currentLevel === change.level) {
         continue;
       }
-      if (currentLevel !== "none") {
+      if (change.level === "none") {
         if (!removesByRole.has(change.roleId)) {
           removesByRole.set(change.roleId, []);
         }
         removesByRole.get(change.roleId).push(privilegeId);
-      }
-      if (change.level !== "none") {
+      } else {
         if (!addsByRole.has(change.roleId)) {
           addsByRole.set(change.roleId, []);
         }
+        const privilegeInfo = state.privilegeInfoById.get(privilegeId);
         addsByRole.get(change.roleId).push({
           PrivilegeId: privilegeId,
-          Depth: mapPrivilegeDepth(change.level)
+          Depth: mapPrivilegeDepthLabel(change.level),
+          PrivilegeName: privilegeInfo?.name
         });
       }
     }
+    const totalRemoveCalls = Array.from(removesByRole.values()).reduce(
+      (total, privilegeIds) => total + privilegeIds.length,
+      0
+    );
+    const totalAddCalls = addsByRole.size;
+    const totalCalls = totalRemoveCalls + totalAddCalls;
+    let completedCalls = 0;
+    setLoading(true, UI_TEXT.loadingApplyingChanges);
+    updateLoadingProgress(0, totalCalls, UI_TEXT.loadingApplyingChanges);
     try {
       for (const [roleId, privilegeIds] of removesByRole) {
-        await dataverseAPI.execute({
-          operationName: "RemovePrivilegesRole",
-          operationType: "action",
-          parameters: {
-            RoleId: roleId,
-            PrivilegeIds: privilegeIds
-          }
-        });
+        for (const privilegeId of privilegeIds) {
+          await removePrivilegesFromRole(roleId, privilegeId);
+          completedCalls += 1;
+          updateLoadingProgress(completedCalls, totalCalls, UI_TEXT.loadingApplyingChanges);
+        }
       }
       for (const [roleId, privileges] of addsByRole) {
-        await dataverseAPI.execute({
-          operationName: "AddPrivilegesRole",
-          operationType: "action",
-          parameters: {
-            RoleId: roleId,
-            Privileges: privileges
-          }
-        });
+        await addPrivilegesToRole(roleId, privileges);
+        completedCalls += 1;
+        updateLoadingProgress(completedCalls, totalCalls, UI_TEXT.loadingApplyingChanges);
       }
       for (const change of state.pendingChanges) {
         if (!state.rolePrivileges.has(change.roleId)) {
@@ -17320,16 +17365,12 @@ ${logTarget.textContent}`;
         duration: 3500
       });
       return;
+    } finally {
+      setLoading(false);
     }
     state.pendingChanges = [];
-    await toolboxAPI2.utils.showNotification({
-      title: NOTIFICATIONS.updated.title,
-      body: NOTIFICATIONS.updated.body,
-      type: "success",
-      duration: 2500
-    });
     updatePendingUi();
-    renderPrivilegeTable();
+    await refreshPrivilegeView();
   }
   async function refreshData() {
     if (state.refreshInProgress) {
@@ -17618,6 +17659,12 @@ ${logTarget.textContent}`;
         renderAssignmentTable(state.assignmentItems);
       });
     }
+    if (elements2.assignmentSearch) {
+      elements2.assignmentSearch.addEventListener("input", () => {
+        state.assignmentSearch = elements2.assignmentSearch.value.trim();
+        renderAssignmentTable(state.assignmentItems);
+      });
+    }
     for (const button of elements2.sortButtons) {
       button.addEventListener("click", () => {
         const column = button.dataset.sort || "label";