populate Admin Rights by Ownership to permission object

Julian Krauser 2025-04-08 09:21:57 +02:00
parent d8309af313
commit 03e92ea0d4
3 changed files with 13 additions and 7 deletions


@ -55,7 +55,10 @@ export abstract class JWTHelper {
let rolePermissions = let rolePermissions =
userRoles.length != 0 ? await RolePermissionService.getByRoles(userRoles.map((e) => e.id)) : []; userRoles.length != 0 ? await RolePermissionService.getByRoles(userRoles.map((e) => e.id)) : [];
let rolePermissionStrings = rolePermissions.map((e) => e.permission); let rolePermissionStrings = rolePermissions.map((e) => e.permission);
let permissionObject = PermissionHelper.convertToObject([...userPermissionStrings, ...rolePermissionStrings]); let permissionObject = PermissionHelper.convertToObject(
[...userPermissionStrings, ...rolePermissionStrings],
isOwner
);
let jwtData: JWTToken = { let jwtData: JWTToken = {
userId: id, userId: id,
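Review bot: `isOwner` is folded into the permission object right before `jwtData` is built, so the owner-derived admin right presumably becomes a claim in the signed token and stays valid for the token's lifetime, even if ownership is transferred or withdrawn in the meantime. Where `isOwner` is resolved is outside this hunk, so it is worth confirming that it is read from the server-side user record on every issue and refresh, never from request data. I would add a comment above the call such as `// adminByOwner is frozen into the token; an ownership change only takes effect on the next refresh`, and check that the token lifetime is acceptable for that. The enclosing method starts and ends outside the hunk.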


@ -19,8 +19,8 @@ export default class PermissionHelper {
section: PermissionSection, section: PermissionSection,
module?: PermissionModule module?: PermissionModule
) { ) {
if (type == "admin") return permissions?.admin ?? false; if (type == "admin") return permissions?.admin ?? permissions?.adminByOwner ?? false;
if (permissions?.admin) return true; if (permissions?.admin || permissions?.adminByOwner) return true;
if ( if (
(!module && (!module &&
permissions[section] != undefined && permissions[section] != undefined &&
@ -52,8 +52,8 @@ export default class PermissionHelper {
type: PermissionType | "admin", type: PermissionType | "admin",
section: PermissionSection section: PermissionSection
): boolean { ): boolean {
if (type == "admin") return permissions?.admin ?? false; if (type == "admin") return permissions?.admin ?? permissions?.adminByOwner ?? false;
if (permissions?.admin) return true; if (permissions?.admin || permissions?.adminByOwner) return true;
if ( if (
permissions[section]?.all == "*" || permissions[section]?.all == "*" ||
permissions[section]?.all?.includes(type) || permissions[section]?.all?.includes(type) ||
@ -76,7 +76,7 @@ export default class PermissionHelper {
} }
static canValue(permissions: PermissionObject, key: string, emptyIfAdmin: boolean = false): string { static canValue(permissions: PermissionObject, key: string, emptyIfAdmin: boolean = false): string {
if (emptyIfAdmin && permissions.admin) return ""; if (emptyIfAdmin && (permissions.admin || permissions.adminByOwner)) return "";
return permissions?.additional?.[key] ?? ""; return permissions?.additional?.[key] ?? "";
} }
@ -166,7 +166,7 @@ export default class PermissionHelper {
}; };
} }
static convertToObject(permissions: Array<PermissionString>): PermissionObject { static convertToObject(permissions: Array<PermissionString>, isOwner: boolean = false): PermissionObject {
let isAdmin = permissions.includes("*"); let isAdmin = permissions.includes("*");
let additional: { [key: string]: string } = {}; let additional: { [key: string]: string } = {};
@ -181,6 +181,7 @@ export default class PermissionHelper {
if (isAdmin) { if (isAdmin) {
return { return {
admin: true, admin: true,
adminByOwner: isOwner,
...(Object.keys(additional).length > 0 && { additional }), ...(Object.keys(additional).length > 0 && { additional }),
}; };
} }
@ -230,6 +231,7 @@ export default class PermissionHelper {
} }
return { return {
adminByOwner: isOwner,
...output, ...output,
...(Object.keys(additional).length > 0 && { additional }), ...(Object.keys(additional).length > 0 && { additional }),
}; };
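Review bot: In both `type == "admin"` guards the new fallback uses `??`, which only falls through when `admin` is null or undefined, while the line directly below combines the same two flags with `||`. A permission object with `admin: false` and `adminByOwner: true` is therefore refused the explicit admin check but passes every other check; `convertToObject` as visible here only ever writes `admin: true`, but the type allows `false`. Using one expression in both places avoids the split: `if (type == "admin") return Boolean(permissions?.admin || permissions?.adminByOwner);`. Separately, the non-admin return in `convertToObject` places `adminByOwner: isOwner` before `...output`, so a same-named key in `output` (built outside the hunk) would override it; putting the flag after the spread makes it authoritative. The bodies of these functions continue outside the hunks.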


@ -18,6 +18,7 @@ export type PermissionObject = {
} & { all?: Array<PermissionType> | "*" }; } & { all?: Array<PermissionType> | "*" };
} & { } & {
admin?: boolean; admin?: boolean;
adminByOwner?: boolean;
} & { } & {
additional?: { [key: string]: string }; additional?: { [key: string]: string };
}; };
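Review bot: `adminByOwner` is added to the type without any comment, although the helper changes in this commit treat it as equivalent to `admin` in every check. A short doc comment on the field would make that explicit for anyone who builds or deserialises a `PermissionObject`, for example `/** set from ownership when the token is built; grants the same access as admin */`. Code that accepts a `PermissionObject` from a client, if any exists outside this diff, should drop this field rather than trust it.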