mirror of
https://github.com/strapi/strapi.git
synced 2025-10-30 17:37:26 +00:00
52 lines
1.3 KiB
JavaScript
52 lines
1.3 KiB
JavaScript
'use strict';
|
|
|
|
const { validateCheckPermissionsInput } = require('../validation/permission');
|
|
const { getService } = require('../utils');
|
|
const { formatConditions } = require('./formatters');
|
|
|
|
module.exports = {
|
|
/**
|
|
* Check each permissions from `request.body.permissions` and returns an array of booleans
|
|
* @param {KoaContext} ctx - koa context
|
|
*/
|
|
async check(ctx) {
|
|
const { body: input } = ctx.request;
|
|
const { userAbility } = ctx.state;
|
|
|
|
try {
|
|
await validateCheckPermissionsInput(input);
|
|
} catch (err) {
|
|
return ctx.badRequest('ValidationError', err);
|
|
}
|
|
|
|
const { engine } = getService('permission');
|
|
|
|
const checkPermissionsFn = engine.checkMany(userAbility);
|
|
|
|
ctx.body = {
|
|
data: checkPermissionsFn(input.permissions),
|
|
};
|
|
},
|
|
|
|
/**
|
|
* Returns every permissions, in nested format
|
|
* @param {KoaContext} ctx - koa context
|
|
*/
|
|
async getAll(ctx) {
|
|
const { role: roleId } = ctx.query;
|
|
|
|
const { sectionsBuilder, conditionProvider } = getService('permission');
|
|
|
|
const actions = await getService('action').getAllowedActionsForRole(roleId);
|
|
const conditions = conditionProvider.values();
|
|
const sections = await sectionsBuilder.build(actions);
|
|
|
|
ctx.body = {
|
|
data: {
|
|
conditions: formatConditions(conditions),
|
|
sections,
|
|
},
|
|
};
|
|
},
|
|
};
|