import { Request, Response } from "express"; import { PermissionModule, permissionModules, PermissionObject, PermissionSection, PermissionString, PermissionType, permissionTypes, } from "../type/permissionTypes"; import ForbiddenRequestException from "../exceptions/forbiddenRequestException"; export default class PermissionHelper { static passCheckMiddleware( section: PermissionSection, module: PermissionModule, requiredPermissions: Array | "*" ): (req: Request, res: Response, next: Function) => void { return (req: Request, res: Response, next: Function) => { const permissions = req.rights; if (permissions.admin) { next(); } else if (permissions?.[section]?.all) { next(); } else if (permissions?.[section]?.all) { next(); } else if (permissions?.[section]?.[module] == "*") { next(); } else if ( (permissions?.[section]?.[module] as Array).some((e: PermissionType) => requiredPermissions.includes(e) ) ) { next(); } else { throw new ForbiddenRequestException( `missing permission for ${section}.${module}.${ Array.isArray(requiredPermissions) ? requiredPermissions.join("|") : requiredPermissions }` ); } }; } static convertToObject(permissions: Array): PermissionObject { if (permissions.includes("*")) { return { admin: true, }; } let output: PermissionObject = {}; let splitPermissions = permissions.map((e) => e.split(".")) as Array< [PermissionSection, PermissionModule | PermissionType | "*", PermissionType | "*"] >; for (let split of splitPermissions) { if (!output[split[0]]) { output[split[0]] = {}; } if (split[1] == "*" || output[split[0]].all == "*") { output[split[0]] = { all: "*" }; } else if (permissionTypes.includes(split[1] as PermissionType)) { if (!output[split[0]].all || !Array.isArray(output[split[0]].all)) { output[split[0]].all = []; } const permissionIndex = permissionTypes.indexOf(split[1] as PermissionType); const appliedPermissions = permissionTypes.slice(0, permissionIndex + 1); output[split[0]].all = appliedPermissions; } else { if (split[2] == "*" || output[split[0]][split[1] as PermissionModule] == "*") { output[split[0]][split[1] as PermissionModule] = "*"; } else { if ( !output[split[0]][split[1] as PermissionModule] || !Array.isArray(output[split[0]][split[1] as PermissionModule]) ) { output[split[0]][split[1] as PermissionModule] = []; } const permissionIndex = permissionTypes.indexOf(split[2] as PermissionType); const appliedPermissions = permissionTypes.slice(0, permissionIndex + 1); output[split[0]][split[1] as PermissionModule] = appliedPermissions; } } } return output; } static convertToStringArray(permissions: PermissionObject): Array { if (permissions.admin) { return ["*"]; } let output: Array = []; let sections = Object.keys(permissions) as Array; for (let section of sections) { if (permissions[section].all) { let types = permissions[section].all; if (types == "*") { output.push(`${section}.*`); } else { for (let type of types) { output.push(`${section}.${type}`); } } } else { let modules = Object.keys(permissions[section]) as Array; for (let module of modules) { let types = permissions[section][module]; if (types == "*") { output.push(`${section}.${module}.*`); } else { for (let type of types) { output.push(`${section}.${module}.${type}`); } } } } } return output; } static getWhatToAdd() {} static getWhatToRemove() {} }