pangolin_mirror/pangolin
1
0
Fork 0
mirror of https://github.com/fosrl/pangolin.git synced 2026-03-31 06:56:39 +00:00
Code Issues Packages Projects Releases Wiki Activity

Update hybrid for multi role

Browse Source
This commit is contained in:
Owen
2026-03-27 17:07:58 -07:00
parent a143b7de7c
commit 177926932b
1 changed files with 77 additions and 13 deletions
Download Patch File Download Diff File Expand all files Collapse all files

90
server/private/routers/hybrid.ts
View File

@@ -52,7 +52,9 @@ import {
userOrgs, userOrgs,
roleResources, roleResources,
userResources, userResources,
resourceRules resourceRules,
userOrgRoles,
roles
} from "@server/db"; } from "@server/db";
import { eq, and, inArray, isNotNull, ne } from "drizzle-orm"; import { eq, and, inArray, isNotNull, ne } from "drizzle-orm";
import { response } from "@server/lib/response"; import { response } from "@server/lib/response";
@@ -104,6 +106,13 @@ const getUserOrgSessionVerifySchema = z.strictObject({
sessionId: z.string().min(1, "Session ID is required") sessionId: z.string().min(1, "Session ID is required")
}); });
const getRoleNameParamsSchema = z.strictObject({
roleId: z
.string()
.transform(Number)
.pipe(z.int().positive("Role ID must be a positive integer"))
});
const getRoleResourceAccessParamsSchema = z.strictObject({ const getRoleResourceAccessParamsSchema = z.strictObject({
roleId: z roleId: z
.string() .string()
@@ -796,23 +805,26 @@ hybridRouter.get(
); );
} }
const userOrgRole = await db const userOrgRoleRows = await db
.select() .select({ roleId: userOrgRoles.roleId })
.from(userOrgs) .from(userOrgRoles)
.where( .where(
and(eq(userOrgs.userId, userId), eq(userOrgs.orgId, orgId)) and(
) eq(userOrgRoles.userId, userId),
.limit(1); eq(userOrgRoles.orgId, orgId)
)
);
const result = userOrgRole.length > 0 ? userOrgRole[0] : null; const roleIds = userOrgRoleRows.map((r) => r.roleId);
return response<typeof userOrgs.$inferSelect | null>(res, { return response<number[]>(res, {
data: result, data: roleIds,
success: true, success: true,
error: false, error: false,
message: result message:
? "User org role retrieved successfully" roleIds.length > 0
: "User org role not found", ? "User org roles retrieved successfully"
: "User has no roles in this organization",
status: HttpCode.OK status: HttpCode.OK
}); });
} catch (error) { } catch (error) {
@@ -890,6 +902,58 @@ hybridRouter.get(
} }
); );
// Get role name by ID
hybridRouter.get(
"/role/:roleId/name",
async (req: Request, res: Response, next: NextFunction) => {
try {
const parsedParams = getRoleNameParamsSchema.safeParse(req.params);
if (!parsedParams.success) {
return next(
createHttpError(
HttpCode.BAD_REQUEST,
fromError(parsedParams.error).toString()
)
);
}
const { roleId } = parsedParams.data;
const remoteExitNode = req.remoteExitNode;
if (!remoteExitNode?.exitNodeId) {
return next(
createHttpError(
HttpCode.BAD_REQUEST,
"Remote exit node not found"
)
);
}
const [role] = await db
.select({ name: roles.name })
.from(roles)
.where(eq(roles.roleId, roleId))
.limit(1);
return response<string | null>(res, {
data: role?.name ?? null,
success: true,
error: false,
message: role ? "Role name retrieved successfully" : "Role not found",
status: HttpCode.OK
});
} catch (error) {
logger.error(error);
return next(
createHttpError(
HttpCode.INTERNAL_SERVER_ERROR,
"Failed to get role name"
)
);
}
}
);
// Check if role has access to resource // Check if role has access to resource
hybridRouter.get( hybridRouter.get(
"/role/:roleId/resource/:resourceId/access", "/role/:roleId/resource/:resourceId/access",