WiP on permissions
Table of shares per user
This commit is contained in:
Tomas Bures
parent
89c9615592
commit
89256d62bd
20 changed files with 354 additions and 171 deletions
|
|
@ -8,7 +8,7 @@ const router = require('../../lib/router-async').create();
|
|||
|
||||
|
||||
router.getAsync('/account', passport.loggedIn, async (req, res) => {
|
||||
const user = await users.getByIdNoPerms(req.user.id);
|
||||
const user = await users.getById(null, req.user.id);
|
||||
user.hash = users.hash(user);
|
||||
return res.json(user);
|
||||
});
|
||||
|
|
|
|||
|
|
@ -41,7 +41,7 @@ router.postAsync('/reports-table', passport.loggedIn, async (req, res) => {
|
|||
router.postAsync('/report-start/:id', passport.loggedIn, passport.csrfProtection, async (req, res) => {
|
||||
await shares.enforceEntityPermission(req.context, 'report', req.params.id, 'execute');
|
||||
|
||||
const report = await reports.getByIdWithTemplateNoPerms(req.params.id);
|
||||
const report = await reports.getByIdWithTemplate(null, req.params.id);
|
||||
await shares.enforceEntityPermission(req.context, 'reportTemplate', report.report_template, 'execute');
|
||||
|
||||
await reportProcessor.start(req.params.id);
|
||||
|
|
@ -51,7 +51,7 @@ router.postAsync('/report-start/:id', passport.loggedIn, passport.csrfProtection
|
|||
router.postAsync('/report-stop/:id', async (req, res) => {
|
||||
await shares.enforceEntityPermission(req.context, 'report', req.params.id, 'execute');
|
||||
|
||||
const report = await reports.getByIdWithTemplateNoPerms(req.params.id);
|
||||
const report = await reports.getByIdWithTemplate(null, req.params.id);
|
||||
await shares.enforceEntityPermission(req.context, 'reportTemplate', report.report_template, 'execute');
|
||||
|
||||
await reportProcessor.stop(req.params.id);
|
||||
|
|
@ -61,14 +61,14 @@ router.postAsync('/report-stop/:id', async (req, res) => {
|
|||
router.getAsync('/report-content/:id', async (req, res) => {
|
||||
await shares.enforceEntityPermission(req.context, 'report', req.params.id, 'viewContent');
|
||||
|
||||
const report = await reports.getByIdWithTemplateNoPerms(req.params.id);
|
||||
const report = await reports.getByIdWithTemplate(null, req.params.id);
|
||||
res.sendFile(fileHelpers.getReportContentFile(report));
|
||||
});
|
||||
|
||||
router.getAsync('/report-output/:id', async (req, res) => {
|
||||
await shares.enforceEntityPermission(req.context, 'report', req.params.id, 'viewOutput');
|
||||
|
||||
const report = await reports.getByIdWithTemplateNoPerms(req.params.id);
|
||||
const report = await reports.getByIdWithTemplate(null, req.params.id);
|
||||
res.sendFile(fileHelpers.getReportOutputFile(report));
|
||||
});
|
||||
|
||||
|
|
|
|||
|
|
@ -3,18 +3,26 @@
|
|||
const passport = require('../../lib/passport');
|
||||
const _ = require('../../lib/translate')._;
|
||||
const shares = require('../../models/shares');
|
||||
const permissions = require('../../lib/permissions')
|
||||
const permissions = require('../../lib/permissions');
|
||||
|
||||
const router = require('../../lib/router-async').create();
|
||||
|
||||
router.postAsync('/shares-table/:entityTypeId/:entityId', passport.loggedIn, async (req, res) => {
|
||||
return res.json(await shares.listDTAjax(req.context, req.params.entityTypeId, req.params.entityId, req.body));
|
||||
router.postAsync('/shares-table-by-entity/:entityTypeId/:entityId', passport.loggedIn, async (req, res) => {
|
||||
return res.json(await shares.listByEntityDTAjax(req.context, req.params.entityTypeId, req.params.entityId, req.body));
|
||||
});
|
||||
|
||||
router.postAsync('/shares-users-table/:entityTypeId/:entityId', passport.loggedIn, async (req, res) => {
|
||||
router.postAsync('/shares-table-by-user/:entityTypeId/:userId', passport.loggedIn, async (req, res) => {
|
||||
return res.json(await shares.listByUserDTAjax(req.context, req.params.entityTypeId, req.params.userId, req.body));
|
||||
});
|
||||
|
||||
router.postAsync('/shares-unassigned-users-table/:entityTypeId/:entityId', passport.loggedIn, async (req, res) => {
|
||||
return res.json(await shares.listUnassignedUsersDTAjax(req.context, req.params.entityTypeId, req.params.entityId, req.body));
|
||||
});
|
||||
|
||||
router.postAsync('/shares-roles-table/:entityTypeId', passport.loggedIn, async (req, res) => {
|
||||
return res.json(await shares.listRolesDTAjax(req.context, req.params.entityTypeId, req.body));
|
||||
});
|
||||
|
||||
router.putAsync('/shares', passport.loggedIn, async (req, res) => {
|
||||
const body = req.body;
|
||||
await shares.assign(req.context, body.entityTypeId, body.entityId, body.userId, body.role);
|
||||
|
|
|
|||
|
|
@ -16,7 +16,7 @@ router.getAsync('/users/:userId', passport.loggedIn, async (req, res) => {
|
|||
});
|
||||
|
||||
router.postAsync('/users', passport.loggedIn, passport.csrfProtection, async (req, res) => {
|
||||
await users.create(req.body);
|
||||
await users.create(req.context, req.body);
|
||||
return res.json();
|
||||
});
|
||||
|
||||
|
|
@ -24,7 +24,7 @@ router.putAsync('/users/:userId', passport.loggedIn, passport.csrfProtection, as
|
|||
const user = req.body;
|
||||
user.id = parseInt(req.params.userId);
|
||||
|
||||
await users.updateWithConsistencyCheck(user);
|
||||
await users.updateWithConsistencyCheck(req.context, user);
|
||||
return res.json();
|
||||
});
|
||||
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue