Add server permission management

jeffvli
2022-11-14 01:13:54 -08:00
parent 1babcc40ee
commit c54eea4382
16 changed files with 594 additions and 43 deletions
+11 -11
@@ -194,7 +194,7 @@ const deleteServerUrl = async (
id: urlId,
});
const success = ApiSuccess.noContent({ data: null });
const success = ApiSuccess.ok({ data: null });
return res.status(success.statusCode).json(getSuccessResponse(success));
};
@@ -209,7 +209,7 @@ const enableServerUrl = async (
serverId,
});
const success = ApiSuccess.noContent({ data: null });
const success = ApiSuccess.ok({ data: null });
return res.status(success.statusCode).json(getSuccessResponse(success));
};
@@ -219,7 +219,7 @@ const disableServerUrl = async (
) => {
await service.servers.disableUrlById(req.authUser);
const success = ApiSuccess.noContent({ data: null });
const success = ApiSuccess.ok({ data: null });
return res.status(success.statusCode).json(getSuccessResponse(success));
};
@@ -231,7 +231,7 @@ const deleteServerFolder = async (
await service.servers.deleteFolderById({ id: folderId });
const success = ApiSuccess.noContent({ data: null });
const success = ApiSuccess.ok({ data: null });
return res.status(success.statusCode).json(getSuccessResponse(success));
};
@@ -243,7 +243,7 @@ const enableServerFolder = async (
await service.servers.enableFolderById({ id: folderId });
const success = ApiSuccess.noContent({ data: null });
const success = ApiSuccess.ok({ data: null });
return res.status(success.statusCode).json(getSuccessResponse(success));
};
@@ -255,7 +255,7 @@ const disableServerFolder = async (
await service.servers.disableFolderById({ id: folderId });
const success = ApiSuccess.noContent({ data: null });
const success = ApiSuccess.ok({ data: null });
return res.status(success.statusCode).json(getSuccessResponse(success));
};
@@ -286,7 +286,7 @@ const deleteServerPermission = async (
id: permissionId,
});
const success = ApiSuccess.noContent({ data: null });
const success = ApiSuccess.ok({ data: null });
return res.status(success.statusCode).json(getSuccessResponse(success));
};
@@ -302,7 +302,7 @@ const updateServerPermission = async (
type,
});
const success = ApiSuccess.noContent({ data: null });
const success = ApiSuccess.ok({ data: null });
return res.status(success.statusCode).json(getSuccessResponse(success));
};
@@ -326,11 +326,11 @@ const deleteServerFolderPermission = async (
req: TypedRequest<typeof validation.servers.deleteServerFolderPermission>,
res: Response
) => {
const { permissionId } = req.params;
const { folderPermissionId } = req.params;
await service.servers.deleteFolderPermission({ id: permissionId });
await service.servers.deleteFolderPermission({ id: folderPermissionId });
const success = ApiSuccess.noContent({ data: null });
const success = ApiSuccess.ok({ data: null });
return res.status(success.statusCode).json(getSuccessResponse(success));
};
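Review bot: In `deleteServerFolderPermission` the delete is keyed on `folderPermissionId` alone (`deleteFolderPermission({ id: folderPermissionId })`), so the `serverId` and `folderId` from the route are never compared with the record being removed. If the service does not check ownership itself (its body is not in this diff), an admin of one server could remove a folder permission that belongs to another server's folder. Consider passing the path ids through, e.g. `deleteFolderPermission({ folderId, id: folderPermissionId })`, and having the service match on both. `deleteServerPermission` shows the same `id: permissionId` pattern, though its argument list starts outside the hunk.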
+9 -5
@@ -111,11 +111,13 @@ router
.route('/:serverId/permissions/:permissionId')
.patch(
authenticateServerAdmin,
validateRequest(validation.servers.updateServerPermission)
validateRequest(validation.servers.updateServerPermission),
controller.servers.updateServerPermission
)
.delete(
authenticateServerAdmin,
validateRequest(validation.servers.deleteServerPermission)
validateRequest(validation.servers.deleteServerPermission),
controller.servers.deleteServerPermission
);
router.param('folderId', async (_req, _res, next, folderId) => {
@@ -149,9 +151,11 @@ router
router
.route('/:serverId/folder/:folderId/permissions')
.post(authenticateServerAdmin);
.post(authenticateServerAdmin, controller.servers.addServerFolderPermission);
router
.route('/:serverId/folder/:folderId/permissions/:folderPermissionId')
.patch(authenticateServerAdmin)
.delete(authenticateServerAdmin);
.delete(
authenticateServerAdmin,
controller.servers.deleteServerFolderPermission
);
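Review bot: The two folder-permission routes wired up in the second hunk run their controllers without `validateRequest`, unlike the server-permission routes in the first hunk. The controller is typed against `validation.servers.deleteServerFolderPermission`, but that schema is never applied on the route, so the params reach the service unchecked. Add `validateRequest(validation.servers.deleteServerFolderPermission),` before the delete controller, and the matching schema on the `.post`. The `.patch(authenticateServerAdmin)` on the same route still has no controller, so an authorised request falls through to whatever handler follows; wire one up or drop the verb.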
+1 -5
@@ -13,11 +13,7 @@ export const router: Router = express.Router({ mergeParams: true });
router
.route('/')
.get(
authenticateAdmin,
validateRequest(validation.users.list),
controller.users.getUserList
)
.get(validateRequest(validation.users.list), controller.users.getUserList)
.post(
authenticateAdmin,
validateRequest(validation.users.createUser),
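Review bot: `GET /` no longer passes through `authenticateAdmin`, so the user list is open to any caller that reaches this router; whether an authentication middleware is mounted upstream is not visible in this hunk. In the same commit the users service `findMany` starts including `serverFolderPermissions` and `serverPermissions` alongside `files`, so this wider audience also receives every user's full permission set. If non-admins need the list (for example to pick a user), return a reduced projection such as id and username for them and keep the full records behind `authenticateAdmin`. The `.post(` chain continues outside the hunk.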
+4 -1
@@ -138,7 +138,10 @@ const findMany = async (user: AuthUser, options?: { enabled?: boolean }) => {
},
// If not admin, only show folders the user has permissions for
{ serverFolderPermissions: { some: { userId: user.id } } },
{ enabled: options?.enabled ? true : undefined },
{
enabled: options?.enabled ? true : undefined,
serverFolderPermissions: { some: { userId: user.id } },
},
],
},
},
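Review bot: `enabled: options?.enabled ? true : undefined` treats an explicit `enabled: false` the same as an omitted option, so a caller asking for disabled folders silently gets both kinds. If that is intended, say so with a comment such as `// enabled=false is ignored: callers can only narrow to enabled folders`; otherwise pass the flag through as `enabled: options?.enabled`. The enclosing clause starts outside the hunk, so it cannot be confirmed here whether this object is combined with the preceding element by OR or AND. The non-admin restriction described in the comment depends on that.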
+10 -4
@@ -11,9 +11,10 @@ import { SortOrder } from '../types/types';
const findById = async (user: AuthUser, options: { id: string }) => {
const { id } = options;
if (!user.isAdmin && user.id !== id) {
throw ApiError.forbidden();
}
// Possibly restrict detail later if additional sensitive user data is added
// if (!user.isAdmin && user.id !== id) {
// throw ApiError.forbidden();
// }
const uniqueUser = await prisma.user.findUnique({
include: {
@@ -33,9 +34,14 @@ const findById = async (user: AuthUser, options: { id: string }) => {
const findMany = async () => {
const users = await prisma.user.findMany({
include: { files: true },
include: {
files: true,
serverFolderPermissions: true,
serverPermissions: true,
},
orderBy: [{ isAdmin: SortOrder.DESC }, { username: SortOrder.ASC }],
});
return users;
};
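Review bot: `findById` now returns any user's record to any caller, because the `!user.isAdmin && user.id !== id` check is commented out rather than replaced; the `user` parameter looks unused as far as the hunk shows. Prisma's `include` returns every scalar column of the model, so if the user model holds a password hash or tokens (the schema is not in this diff), the service hands them back unless a later layer strips them. Prefer an explicit `select` of the fields other users may see, and keep the full record for `user.isAdmin || user.id === id`. Delete the commented-out block rather than leaving it as a reminder. The body of `findById` continues outside the hunk.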