This repository has been archived by the owner on Apr 19, 2023. It is now read-only.

♻️ Use new authorization helper in user.ts
AnandChowdhary committed Sep 2, 2020
1 parent 3b777d7 commit 905e018
Showing 2 changed files with 417 additions and 270 deletions.
13 changes: 8 additions & 5 deletions src/_staart/helpers/authorization.ts
@@ -23,10 +23,10 @@ import { join } from "path";
export enum Acts {
READ = "read:",
WRITE = "write:",
DELETE_MEMBERSHIP = "delete:membership",
DELETE = "delete",
}
export const BaseScopesUser = {
BASIC: "users/basic",
INFO: "users/info",
ACCESS_TOKENS: "users/access-tokens",
EMAILS: "users/emails",
IDENTITIES: "users/identities",
@@ -35,7 +35,7 @@ export const BaseScopesUser = {
SESSIONS: "users/sessions",
};
export const BaseScopesGroup = {
BASIC: "groups/basic",
INFO: "groups/info",
API_KEYS: "groups/api-keys",
BILLING: "groups/billing",
DOMAINS: "groups/domains",
@@ -53,18 +53,21 @@ const getPolicyForUser = async (userId: number) => {
policy += `p, user-${userId}, user-${userId}, ${Acts.READ}${scope}\n`;
policy += `p, user-${userId}, user-${userId}, ${Acts.WRITE}${scope}\n`;
});
policy += `p, user-${userId}, user-${userId}, ${Acts.DELETE}\n`;
const memberships = await prisma.memberships.findMany({
where: { userId },
});
for await (const membership of memberships) {
policy += `p, user-${userId}, membership-${membership.id}, ${Acts.DELETE_MEMBERSHIP} \n`;
policy += `p, user-${userId}, membership-${membership.id}, ${Acts.READ}\n`;
policy += `p, user-${userId}, membership-${membership.id}, ${Acts.WRITE}\n`;
policy += `p, user-${userId}, membership-${membership.id}, ${Acts.DELETE}\n`;
if (membership.role === "ADMIN" || membership.role === "OWNER") {
const groupMemberships = await prisma.memberships.findMany({
where: { groupId: membership.groupId },
});
groupMemberships.forEach((groupMembership) => {
if (groupMembership.role !== "OWNER")
policy += `p, user-${userId}, membership-${groupMembership.id}, ${Acts.DELETE_MEMBERSHIP} \n`;
policy += `p, user-${userId}, membership-${groupMembership.id}, ${Acts.DELETE}\n`;
});
}
Object.values(ScopesGroup).forEach((scope) => {
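Review bot: The per-membership rules built from `${Acts.READ}` and `${Acts.WRITE}` on `membership-${membership.id}` emit the actions `read:` and `write:` with a dangling colon, because those enum values are prefixes meant to be joined with a scope, while `Acts.DELETE` is the bare `delete`. The enforcer model and matcher are not visible in this section, so the effect is inferred: under an exact-match matcher a request for `read` on a membership would never match these rules, and under a prefix or pattern matcher `read:` may match more than intended. I would make the action strings uniform by dropping the colon from the enum and adding the separator where the scope is joined, e.g. `READ = "read"` with `${Acts.READ}:${scope}`, and add a comment above the membership rules such as `// membership objects take bare actions (read/write/delete), no scope suffix`. Separately, the unbraced `if (groupMembership.role !== "OWNER")` guards only the single statement after it, so braces would keep a later added rule from escaping the OWNER check. `getPolicyForUser` starts and ends outside the visible hunk.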
