Started implementing the roles permissions
This commit is contained in:
Tiago Ribeiro
@@ -3,11 +3,13 @@ import type { NextApiRequest, NextApiResponse } from "next";
|
||||
import { withIronSessionApiRoute } from "iron-session/next";
|
||||
import { sessionOptions } from "@/lib/session";
|
||||
import { getEntities, getEntitiesWithRoles } from "@/utils/entities.be";
|
||||
import { Entity, WithEntities, WithLabeledEntities } from "@/interfaces/entity";
|
||||
import { Entity, EntityWithRoles, WithEntities, WithLabeledEntities } from "@/interfaces/entity";
|
||||
import { v4 } from "uuid";
|
||||
import { mapBy } from "@/utils";
|
||||
import { getEntitiesUsers, getUsers } from "@/utils/users.be";
|
||||
import { getEntitiesUsers, getUser, getUsers } from "@/utils/users.be";
|
||||
import { User } from "@/interfaces/user";
|
||||
import { findAllowedEntities } from "@/utils/permissions";
|
||||
import { RolePermission } from "@/resources/entityPermissions";
|
||||
|
||||
export default withIronSessionApiRoute(handler, sessionOptions);
|
||||
|
||||
@@ -15,33 +17,47 @@ async function handler(req: NextApiRequest, res: NextApiResponse) {
|
||||
if (req.method === "GET") return await get(req, res);
|
||||
}
|
||||
|
||||
async function get(req: NextApiRequest, res: NextApiResponse) {
|
||||
if (!req.session.user) {
|
||||
res.status(401).json({ ok: false });
|
||||
return;
|
||||
}
|
||||
const labelUserEntity = (u: User, entities: EntityWithRoles[]) => ({
|
||||
...u, entities: (u.entities || []).map((e) => {
|
||||
const entity = entities.find((x) => x.id === e.id)
|
||||
if (!entity) return e
|
||||
|
||||
const user = req.session.user;
|
||||
const role = entity.roles.find((x) => x.id === e.role)
|
||||
return { id: e.id, label: entity.label, role: e.role, roleLabel: role?.label }
|
||||
})
|
||||
})
|
||||
|
||||
async function get(req: NextApiRequest, res: NextApiResponse) {
|
||||
if (!req.session.user) return res.status(401).json({ ok: false });
|
||||
|
||||
const user = await getUser(req.session.user.id)
|
||||
if (!user) return res.status(401).json({ ok: false });
|
||||
|
||||
const { type } = req.query as { type: string }
|
||||
const entities = await getEntitiesWithRoles(mapBy(user.entities || [], 'id'))
|
||||
|
||||
const entityIDs = mapBy(user.entities || [], 'id')
|
||||
const entities = await getEntitiesWithRoles(entityIDs)
|
||||
|
||||
const isAdmin = ["admin", "developer"].includes(user.type)
|
||||
|
||||
const filter = !type ? undefined : { type }
|
||||
const users = ["admin", "developer"].includes(user.type)
|
||||
const users = isAdmin
|
||||
? await getUsers(filter)
|
||||
: await getEntitiesUsers(mapBy(entities, 'id') as string[], filter)
|
||||
|
||||
const usersWithEntities: WithLabeledEntities<User>[] = users.map((u) => {
|
||||
return {
|
||||
...u, entities: (u.entities || []).map((e) => {
|
||||
const entity = entities.find((x) => x.id === e.id)
|
||||
if (!entity) return e
|
||||
const filteredUsers = users.map((u) => {
|
||||
if (isAdmin) return labelUserEntity(u, entities)
|
||||
if (!isAdmin && ["admin", "developer", "agent"].includes(user.type)) return undefined
|
||||
|
||||
const role = entity.roles.find((x) => x.id === e.role)
|
||||
return { id: e.id, label: entity.label, role: e.role, roleLabel: role?.label }
|
||||
})
|
||||
}
|
||||
})
|
||||
const userEntities = mapBy(u.entities || [], 'id')
|
||||
const sameEntities = entities.filter(e => userEntities.includes(e.id))
|
||||
|
||||
res.status(200).json(usersWithEntities);
|
||||
const permission = `view_${u.type}s` as RolePermission
|
||||
const allowedEntities = findAllowedEntities(user, sameEntities, permission)
|
||||
|
||||
if (allowedEntities.length === 0) return undefined
|
||||
return labelUserEntity(u, allowedEntities)
|
||||
}).filter(x => !!x) as WithLabeledEntities<User>[]
|
||||
|
||||
res.status(200).json(filteredUsers);
|
||||
}
|
||||
|
||||
Reference in New Issue
Block a user