import { DeleteResult, EntityManager, InsertResult } from "typeorm"; import { dataSource } from "../../../data-source"; import { apiPermission } from "../../../entity/user/api_permission"; import InternalException from "../../../exceptions/internalException"; import ApiService from "../../../service/user/apiService"; import { CreateApiPermissionCommand, DeleteApiPermissionCommand, UpdateApiPermissionsCommand, } from "./apiPermissionCommand"; import PermissionHelper from "../../../helpers/permissionHelper"; import ApiPermissionService from "../../../service/user/apiPermissionService"; import { PermissionString } from "../../../type/permissionTypes"; export default abstract class ApiPermissionCommandHandler { /** * @description update api permissions * @param {UpdateApiPermissionsCommand} updateApiPermissions * @returns {Promise} */ static async updatePermissions(updateApiPermissions: UpdateApiPermissionsCommand): Promise { let currentPermissions = (await ApiPermissionService.getByApi(updateApiPermissions.apiId)).map((r) => r.permission); return await dataSource.manager .transaction(async (manager) => { let newPermissions = PermissionHelper.getWhatToAdd(currentPermissions, updateApiPermissions.permissions); let removePermissions = PermissionHelper.getWhatToRemove(currentPermissions, updateApiPermissions.permissions); if (newPermissions.length != 0) { await this.updatePermissionsAdd(manager, updateApiPermissions.apiId, newPermissions); } if (removePermissions.length != 0) { await this.updatePermissionsRemove(manager, updateApiPermissions.apiId, removePermissions); } }) .then(() => {}) .catch((err) => { throw new InternalException("Failed saving api permissions", err); }); } private static async updatePermissionsAdd( manager: EntityManager, apiId: number, permissions: Array ): Promise { return await manager .createQueryBuilder() .insert() .into(apiPermission) .values( permissions.map((p) => ({ permission: p, apiId: apiId, })) ) .orIgnore() .execute(); } private static async updatePermissionsRemove( manager: EntityManager, apiId: number, permissions: Array ): Promise { return await manager .createQueryBuilder() .delete() .from(apiPermission) .where("apiId = :id", { id: apiId }) .andWhere("permission IN (:...permission)", { permission: permissions }) .execute(); } /** * @description grant permission to user * @param {CreateApiPermissionCommand} createPermission * @returns {Promise} */ static async create(createPermission: CreateApiPermissionCommand): Promise { return await dataSource .createQueryBuilder() .insert() .into(apiPermission) .values({ permission: createPermission.permission, apiId: createPermission.apiId, }) .execute() .then((result) => { return result.identifiers[0].id; }) .catch((err) => { throw new InternalException("Failed saving api permission", err); }); } /** * @description remove permission from api * @param {DeleteApiPermissionCommand} deletePermission * @returns {Promise} */ static async delete(deletePermission: DeleteApiPermissionCommand): Promise { return await dataSource .createQueryBuilder() .delete() .from(apiPermission) .where("apiId = :id", { id: deletePermission.apiId }) .andWhere("permission = :permission", { permission: deletePermission.permission }) .execute() .then(() => {}) .catch((err) => { throw new InternalException("failed api permission removal", err); }); } }