Init permissions routes

Signed-off-by: Alexandre Bodin <bodin.alex@gmail.com>

packages/strapi-admin/config/routes.json

@@ -146,6 +146,22 @@
         "policies": []
       }
     },
+    {
+      "method": "GET",
+      "path": "/roles/:id/permissions",
+      "handler": "role.getPermissions",
+      "config": {
+        "policies": []
+      }
+    },
+    {
+      "method": "PUT",
+      "path": "/roles/:id/permissions",
+      "handler": "role.updatePermissions",
+      "config": {
+        "policies": []
+      }
+    },
     {
       "method": "GET",
       "path": "/roles/:id",

packages/strapi-admin/controllers/role.js

@@ -3,6 +3,10 @@
 const { validateRoleUpdateInput } = require('../validation/role');
 
 module.exports = {
+  /**
+   * Returns on role by id
+   * @param {KoaContext} ctx - koa context
+   */
   async findOne(ctx) {
     const { id } = ctx.params;
     const role = await strapi.admin.services.role.findOneWithUsersCount({ id });
@@ -15,6 +19,11 @@ module.exports = {
       data: role,
     };
   },
+
+  /**
+   * Returns every roles
+   * @param {KoaContext} ctx - koa context
+   */
   async findAll(ctx) {
     const roles = await strapi.admin.services.role.findAllWithUsersCount();
 
@@ -22,6 +31,11 @@ module.exports = {
       data: roles,
     };
   },
+
+  /**
+   * Updates a role by id
+   * @param {KoaContext} ctx - koa context
+   */
   async update(ctx) {
     const { id } = ctx.params;
 
@@ -43,4 +57,42 @@ module.exports = {
       data: sanitizedRole,
     };
   },
+
+  /**
+   * Returns the permissions assigned to a role
+   * @param {KoaContext} ctx - koa context
+   */
+  async getPermissions(ctx) {
+    const { id } = ctx.params;
+
+    const role = await strapi.admin.services.role.findOne({ id });
+
+    if (!role) {
+      return ctx.notFound('role.notFound');
+    }
+
+    const permissions = await strapi.admin.services.permissions.find({ role: role.id });
+
+    ctx.body = {
+      data: permissions,
+    };
+  },
+
+  /**
+   * Updates the permissions assigned to a role
+   * @param {KoaContext} ctx - koa context
+   */
+  async updatePermissions(ctx) {
+    const { id } = ctx.params;
+
+    const role = await strapi.admin.services.role.findOne({ id });
+
+    if (!role) {
+      return ctx.notFound('role.notFound');
+    }
+
+    ctx.body = {
+      data: [],
+    };
+  },
 };

packages/strapi-admin/services/permissions.js

@@ -0,0 +1,14 @@
+'use strict';
+
+/**
+ * Find assigned permissions in the database
+ * @param params query params to find the permissions
+ * @returns {Promise<array<Object>>}
+ */
+const find = (params = {}) => {
+  return strapi.query('permission', 'admin').find(params, []);
+};
+
+module.exports = {
+  find,
+};

packages/strapi/lib/middlewares/router/utils/routerChecker.js

@@ -30,6 +30,12 @@ module.exports = strapi =>
       controller = strapi.controllers[controllerKey] || strapi.admin.controllers[controllerKey];
     }
 
+    if (!_.isFunction(controller[actionName])) {
+      strapi.stopWithError(
+        `Error creating endpoint ${method} ${endpoint}: handler not found "${controllerKey}.${actionName}"`
+      );
+    }
+
     const action = controller[actionName].bind(controller);
 
     // Retrieve the API's name where the controller is located