feat: write REST API endpoint to update role
@@ -1,4 +1,5 @@
|
||||
import Base from './base.js';
|
||||
import permissionCatalog from '../helpers/permission-catalog.ee.js';
|
||||
|
||||
class Permission extends Base {
|
||||
static tableName = 'permissions';
|
||||
@@ -17,6 +18,26 @@ class Permission extends Base {
|
||||
updatedAt: { type: 'string' },
|
||||
},
|
||||
};
|
||||
|
||||
static sanitize(permissions) {
|
||||
const sanitizedPermissions = permissions.filter((permission) => {
|
||||
const { action, subject, conditions } = permission;
|
||||
|
||||
const relevantAction = permissionCatalog.actions.find(
|
||||
(actionCatalogItem) => actionCatalogItem.key === action
|
||||
);
|
||||
const validSubject = relevantAction.subjects.includes(subject);
|
||||
const validConditions = conditions.every((condition) => {
|
||||
return !!permissionCatalog.conditions.find(
|
||||
(conditionCatalogItem) => conditionCatalogItem.key === condition
|
||||
);
|
||||
});
|
||||
|
||||
return validSubject && validConditions;
|
||||
});
|
||||
|
||||
return sanitizedPermissions;
|
||||
}
|
||||
}
|
||||
|
||||
export default Permission;
|
||||
|
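Review bot: `sanitize` throws instead of filtering when a permission names an action that is not in the catalog, because `find` returns `undefined` and the next line reads `relevantAction.subjects`. The role update calls this method on the `permissions` it is given, so an unknown action should be dropped like any other invalid entry, e.g. `const validSubject = relevantAction?.subjects.includes(subject) ?? false;`. The same applies to `conditions.every(...)` when an entry has no `conditions` array; `Array.isArray(conditions) && conditions.every(...)` would reject it cleanly. The filter also returns the caller's objects unchanged, so any extra keys on an entry travel on to the insert; returning only `action`, `subject` and `conditions` would make the allow-list explicit.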
@@ -1,6 +1,7 @@
|
||||
import Base from './base.js';
|
||||
import Permission from './permission.js';
|
||||
import User from './user.js';
|
||||
import NotAuthorizedError from '../errors/not-authorized.js';
|
||||
|
||||
class Role extends Base {
|
||||
static tableName = 'roles';
|
||||
@@ -48,6 +49,42 @@ class Role extends Base {
|
||||
static async findAdmin() {
|
||||
return await this.query().findOne({ name: 'Admin' });
|
||||
}
|
||||
|
||||
async updateWithPermissions(data) {
|
||||
if (this.isAdmin) {
|
||||
throw new NotAuthorizedError('The admin role cannot be altered!');
|
||||
}
|
||||
|
||||
const { name, description, permissions } = data;
|
||||
|
||||
return await Role.transaction(async (trx) => {
|
||||
await this.$relatedQuery('permissions', trx).delete();
|
||||
|
||||
if (permissions?.length) {
|
||||
const sanitizedPermissions = Permission.sanitize(permissions).map(
|
||||
(permission) => ({
|
||||
...permission,
|
||||
roleId: this.id,
|
||||
})
|
||||
);
|
||||
|
||||
await Permission.query().insert(sanitizedPermissions);
|
||||
}
|
||||
|
||||
await this.$query(trx).patch({
|
||||
name,
|
||||
description,
|
||||
});
|
||||
|
||||
return await this.$query(trx)
|
||||
.leftJoinRelated({
|
||||
permissions: true,
|
||||
})
|
||||
.withGraphFetched({
|
||||
permissions: true,
|
||||
});
|
||||
});
|
||||
}
|
||||
}
|
||||
|
||||
export default Role;
|
||||
|
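Review bot: The permission insert in `updateWithPermissions` runs outside the transaction: `Permission.query().insert(sanitizedPermissions)` is not given `trx`, while the delete before it and the patch after it are. If the patch fails and the transaction rolls back, the deleted permissions would come back while the newly inserted rows stay, leaving the role with both sets; the line should read `await Permission.query(trx).insert(sanitizedPermissions);`. Separately, the delete runs before the `permissions?.length` check, so a payload that omits `permissions` removes every permission from the role. If a name-only update is meant to be possible, guard the delete with `if (permissions !== undefined)`; otherwise document on the method that the permission set is always replaced.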