Ehrenamt/ff-operation-server
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

permission additional content

Browse source
This commit is contained in:
Julian Krauser 2025-03-28 11:26:23 +01:00
parent f7faf23269
commit 4aa2d3ba8f
2 changed files with 60 additions and 9 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

50
src/helpers/permissionHelper.ts
View file

@ -4,9 +4,11 @@ import {
permissionModules, permissionModules,
PermissionObject, PermissionObject,
PermissionSection, PermissionSection,
permissionSections,
PermissionString, PermissionString,
PermissionType, PermissionType,
permissionTypes, permissionTypes,
sectionsAndModules,
} from "../type/permissionTypes"; } from "../type/permissionTypes";
import ForbiddenRequestException from "../exceptions/forbiddenRequestException"; import ForbiddenRequestException from "../exceptions/forbiddenRequestException";
@ -73,6 +75,11 @@ export default class PermissionHelper {
}, false); }, false);
} }
static canValue(permissions: PermissionObject, key: string, emptyIfAdmin: boolean = false): string {
if (emptyIfAdmin && permissions.admin) return "";
return permissions?.additional?.[key] ?? "";
}
static passCheckMiddleware( static passCheckMiddleware(
requiredPermissions: PermissionType | "admin", requiredPermissions: PermissionType | "admin",
section: PermissionSection, section: PermissionSection,
@ -160,13 +167,26 @@ export default class PermissionHelper {
} }
static convertToObject(permissions: Array<PermissionString>): PermissionObject { static convertToObject(permissions: Array<PermissionString>): PermissionObject {
if (permissions.includes("*")) { let isAdmin = permissions.includes("*");
let additional: { [key: string]: string } = {};
let additionalPermissions = permissions.map((e) => e.split(".")).filter((e) => e[0] == "additional") as Array<
["additional", string, string]
>;
for (let split of additionalPermissions) {
let module = sectionsAndModules.additional.find((a) => a.key == split[1]);
if (!isAdmin || (isAdmin && !module.emptyIfAdmin)) additional[split[1]] = split[2];
}
if (isAdmin) {
return { return {
admin: true, admin: true,
...(Object.keys(additional).length > 0 && { additional }),
}; };
} }
let output: PermissionObject = {}; let output: PermissionObject = {};
let splitPermissions = permissions.map((e) => e.split(".")) as Array< let splitPermissions = permissions.map((e) => e.split(".")).filter((e) => e[0] != "additional") as Array<
[PermissionSection, PermissionModule | PermissionType | "*", PermissionType | "*"] [PermissionSection, PermissionModule | PermissionType | "*", PermissionType | "*"]
>; >;
for (let split of splitPermissions) { for (let split of splitPermissions) {
@ -208,15 +228,30 @@ export default class PermissionHelper {
} }
} }
} }
return output;
return {
...output,
...(Object.keys(additional).length > 0 && { additional }),
};
} }
static convertToStringArray(permissions: PermissionObject): Array<PermissionString> { static convertToStringArray(permissions: PermissionObject): Array<PermissionString> {
if (permissions?.admin) { let isAdmin = permissions?.admin;
return ["*"];
let additional: Array<PermissionString> = [];
let additionalPermissions = Object.entries(permissions?.additional ?? {});
for (let add of additionalPermissions) {
additional.push(`additional.${add[0]}.${add[1]}`);
} }
if (isAdmin) {
return ["*", ...additional];
}
let output: Array<PermissionString> = []; let output: Array<PermissionString> = [];
let sections = Object.keys(permissions) as Array<PermissionSection>; let sections = Object.keys(permissions).filter((m: PermissionSection) =>
permissionSections.includes(m)
) as Array<PermissionSection>;
for (let section of sections) { for (let section of sections) {
if (permissions[section].all) { if (permissions[section].all) {
let types = permissions[section].all; let types = permissions[section].all;
@ -242,7 +277,8 @@ export default class PermissionHelper {
} }
} }
} }
return output;
return [...output, ...additional];
} }
static getWhatToAdd(before: Array<PermissionString>, after: Array<PermissionString>): Array<PermissionString> { static getWhatToAdd(before: Array<PermissionString>, after: Array<PermissionString>): Array<PermissionString> {

19
src/type/permissionTypes.ts
View file

@ -1,6 +1,6 @@
export type PermissionSection = "operation" | "configuration" | "management"; export type PermissionSection = "operation" | "configuration" | "management";
export type PermissionModule = "mission" | "force" | "vehicle" | "equipment" | "user" | "role" | "backup"; export type PermissionModule = "mission" | "force" | "vehicle" | "equipment" | "user" | "role" | "backup" | "import";
export type PermissionType = "read" | "create" | "update" | "delete"; export type PermissionType = "read" | "create" | "update" | "delete";
@ -9,6 +9,7 @@ export type PermissionString =
| `${PermissionSection}.${PermissionModule}.*` // für alle Berechtigungen in einem Modul | `${PermissionSection}.${PermissionModule}.*` // für alle Berechtigungen in einem Modul
| `${PermissionSection}.${PermissionType}` // für spezifische Berechtigungen in einem Abschnitt | `${PermissionSection}.${PermissionType}` // für spezifische Berechtigungen in einem Abschnitt
| `${PermissionSection}.*` // für alle Berechtigungen in einem Abschnitt | `${PermissionSection}.*` // für alle Berechtigungen in einem Abschnitt
| `additional.${string}.${string}` // additional
| "*"; // für Admin | "*"; // für Admin
export type PermissionObject = { export type PermissionObject = {
@ -17,10 +18,19 @@ export type PermissionObject = {
} & { all?: Array<PermissionType> | "*" }; } & { all?: Array<PermissionType> | "*" };
} & { } & {
admin?: boolean; admin?: boolean;
} & {
additional?: { [key: string]: string };
}; };
export type SectionsAndModulesObject = { export type SectionsAndModulesObject = {
[section in PermissionSection]: Array<PermissionModule>; [section in PermissionSection]: Array<PermissionModule>;
} & {
additional?: Array<{
key: string;
name: string;
type: "number" | "string";
emptyIfAdmin: boolean;
}>;
}; };
export const permissionSections: Array<PermissionSection> = ["operation", "configuration", "management"]; export const permissionSections: Array<PermissionSection> = ["operation", "configuration", "management"];
@ -32,10 +42,15 @@ export const permissionModules: Array<PermissionModule> = [
"user", "user",
"role", "role",
"backup", "backup",
"import",
]; ];
export const permissionTypes: Array<PermissionType> = ["read", "create", "update", "delete"]; export const permissionTypes: Array<PermissionType> = ["read", "create", "update", "delete"];
export const sectionsAndModules: SectionsAndModulesObject = { export const sectionsAndModules: SectionsAndModulesObject = {
operation: ["mission"], operation: ["mission"],
configuration: ["force", "vehicle", "equipment"], configuration: ["force", "vehicle", "equipment"],
management: ["user", "role", "backup"], management: ["user", "role", "backup", "import"],
additional: [
{ key: "maxVisInDays", name: "max Sichtbarkeit in Tagen", type: "number", emptyIfAdmin: true },
{ key: "maxVisByMissions", name: "max Sichtbarkeit an Einsätzen", type: "number", emptyIfAdmin: true },
],
}; };