strapi/packages/strapi-admin/services/permission.js

'use strict';

const { createPermission } = require('../domain/permission');
const actionProvider = require('./action-provider');
const { validatePermissionsExist } = require('../validation/permission');

/**
 * Delete permissions of roles in database
 * @param rolesIds ids of roles
 * @returns {Promise<array>}
 */
const deleteByRolesIds = rolesIds => {
  return strapi.query('permission', 'admin').delete({ role_in: rolesIds });
};

/**
 * Delete permissions
 * @param ids ids of permissions
 * @returns {Promise<array>}
 */
const deleteByIds = ids => {
  return strapi.query('permission', 'admin').delete({ id_in: ids });
};

/**
 * Find assigned permissions in the database
 * @param params query params to find the permissions
 * @returns {Promise<array<Object>>}
 */
const find = (params = {}) => {
  return strapi.query('permission', 'admin').find(params, []);
};

/**
 * Assign permissions to a role
 * @param {string|int} roleID - role ID
 * @param {Array<Permission{action,subject,fields,conditions}>} permissions - permissions to assign to the role
 */
const assign = async (roleID, permissions = []) => {
  try {
    await validatePermissionsExist(permissions);
  } catch (err) {
    throw strapi.errors.badRequest('ValidationError', err);
  }

  await strapi.query('permission', 'admin').delete({ role: roleID });

  const permissionsWithRole = permissions.map(permission => {
    return createPermission({ ...permission, role: roleID });
  });

  const newPermissions = [];
  for (const permission of permissionsWithRole) {
    const result = await strapi.query('permission', 'admin').create(permission);
    newPermissions.push(result);
  }

  return newPermissions;
};

module.exports = {
  find,
  deleteByRolesIds,
  deleteByIds,
  assign,
  provider: actionProvider,
};
refacto Signed-off-by: Pierre Noël <petersg83@gmail.com> 2020-05-29 17:23:42 +02:00			`'use strict';`

Add domain model for permission Signed-off-by: Alexandre Bodin <bodin.alex@gmail.com> 2020-05-28 13:02:06 +02:00			`const { createPermission } = require('../domain/permission');`
rename permissions to actions, inverted params of provider.get, separated formatter, add possibility to not specigy pluginName for ::application Signed-off-by: Pierre Noël <petersg83@gmail.com> 2020-06-08 11:01:20 +02:00			`const actionProvider = require('./action-provider');`
refacto Signed-off-by: Pierre Noël <petersg83@gmail.com> 2020-06-09 17:45:53 +02:00			`const { validatePermissionsExist } = require('../validation/permission');`
Add domain model for permission Signed-off-by: Alexandre Bodin <bodin.alex@gmail.com> 2020-05-28 13:02:06 +02:00
refacto Signed-off-by: Pierre Noël <petersg83@gmail.com> 2020-05-29 17:23:42 +02:00			`/**`
			`* Delete permissions of roles in database`
clean permissions in db at startup Signed-off-by: Pierre Noël <petersg83@gmail.com> 2020-06-08 15:13:26 +02:00			`* @param rolesIds ids of roles`
refacto Signed-off-by: Pierre Noël <petersg83@gmail.com> 2020-05-29 17:23:42 +02:00			`* @returns {Promise<array>}`
			`*/`
add tests + make role decription optional + refacto Signed-off-by: Pierre Noël <petersg83@gmail.com> 2020-05-29 11:09:17 +02:00			`const deleteByRolesIds = rolesIds => {`
			`return strapi.query('permission', 'admin').delete({ role_in: rolesIds });`
			`};`

clean permissions in db at startup Signed-off-by: Pierre Noël <petersg83@gmail.com> 2020-06-08 15:13:26 +02:00			`/**`
			`* Delete permissions`
			`* @param ids ids of permissions`
			`* @returns {Promise<array>}`
			`*/`
			`const deleteByIds = ids => {`
			`return strapi.query('permission', 'admin').delete({ id_in: ids });`
			`};`

Add assign permission Signed-off-by: Alexandre Bodin <bodin.alex@gmail.com> 2020-05-28 11:29:59 +02:00			`/**`
			`* Find assigned permissions in the database`
			`* @param params query params to find the permissions`
			`* @returns {Promise<array<Object>>}`
			`*/`
			`const find = (params = {}) => {`
			`return strapi.query('permission', 'admin').find(params, []);`
			`};`

			`/**`
Apply PR feedbacks Signed-off-by: Alexandre Bodin <bodin.alex@gmail.com> 2020-06-01 11:00:00 +02:00			`* Assign permissions to a role`
Add assign permission Signed-off-by: Alexandre Bodin <bodin.alex@gmail.com> 2020-05-28 11:29:59 +02:00			`* @param {string\|int} roleID - role ID`
			`* @param {Array<Permission{action,subject,fields,conditions}>} permissions - permissions to assign to the role`
			`*/`
			`const assign = async (roleID, permissions = []) => {`
refacto Signed-off-by: Pierre Noël <petersg83@gmail.com> 2020-06-09 17:45:53 +02:00			`try {`
			`await validatePermissionsExist(permissions);`
			`} catch (err) {`
			`throw strapi.errors.badRequest('ValidationError', err);`
add route GET /admin/permissions Signed-off-by: Pierre Noël <petersg83@gmail.com> 2020-06-04 18:30:26 +02:00			`}`
Add assign permission Signed-off-by: Alexandre Bodin <bodin.alex@gmail.com> 2020-05-28 11:29:59 +02:00
			`await strapi.query('permission', 'admin').delete({ role: roleID });`

Add domain model for permission Signed-off-by: Alexandre Bodin <bodin.alex@gmail.com> 2020-05-28 13:02:06 +02:00			`const permissionsWithRole = permissions.map(permission => {`
			`return createPermission({ ...permission, role: roleID });`
			`});`
Add assign permission Signed-off-by: Alexandre Bodin <bodin.alex@gmail.com> 2020-05-28 11:29:59 +02:00
			`const newPermissions = [];`
			`for (const permission of permissionsWithRole) {`
			`const result = await strapi.query('permission', 'admin').create(permission);`
			`newPermissions.push(result);`
			`}`

			`return newPermissions;`
			`};`

add tests + make role decription optional + refacto Signed-off-by: Pierre Noël <petersg83@gmail.com> 2020-05-29 11:09:17 +02:00			`module.exports = {`
Add assign permission Signed-off-by: Alexandre Bodin <bodin.alex@gmail.com> 2020-05-28 11:29:59 +02:00			`find,`
add tests + make role decription optional + refacto Signed-off-by: Pierre Noël <petersg83@gmail.com> 2020-05-29 11:09:17 +02:00			`deleteByRolesIds,`
clean permissions in db at startup Signed-off-by: Pierre Noël <petersg83@gmail.com> 2020-06-08 15:13:26 +02:00			`deleteByIds,`
Add assign permission Signed-off-by: Alexandre Bodin <bodin.alex@gmail.com> 2020-05-28 11:29:59 +02:00			`assign,`
rename permissions to actions, inverted params of provider.get, separated formatter, add possibility to not specigy pluginName for ::application Signed-off-by: Pierre Noël <petersg83@gmail.com> 2020-06-08 11:01:20 +02:00			`provider: actionProvider,`
add tests + make role decription optional + refacto Signed-off-by: Pierre Noël <petersg83@gmail.com> 2020-05-29 11:09:17 +02:00			`};`