Skip to content

Commit

Permalink
feat: add user-group permission check
Browse files Browse the repository at this point in the history
  • Loading branch information
@KernelDeimos
KernelDeimos committed Jun 25, 2024
1 parent a29104a commit f112a04
Showing 1 changed file with 31 additions and 0 deletions.
31 changes: 31 additions & 0 deletions packages/backend/src/structured/sequence/check-user-permission.js
View file
Original file line number Diff line number Diff line change
Expand Up @@ -83,6 +83,37 @@ module.exports = new Sequence([

if ( ! issuer_perm ) continue;

return a.stop(row.extra);
}
},
async function try_user_to_group_permissions (a) {
let sql_perm = permission_options.map((perm) =>

Check failure on line 90 in packages/backend/src/structured/sequence/check-user-permission.js

View workflow job for this annotation

GitHub Actions / build 

'permission_options' is not defined
`\`p.permission\` = ?`).join(' OR ');

if ( permission_options.length > 1 ) {

Check failure on line 93 in packages/backend/src/structured/sequence/check-user-permission.js

View workflow job for this annotation

GitHub Actions / build 

'permission_options' is not defined
sql_perm = '(' + sql_perm + ')';
}
const rows = await db.read(

Check failure on line 96 in packages/backend/src/structured/sequence/check-user-permission.js

View workflow job for this annotation

GitHub Actions / build 

'db' is not defined
'SELECT p.permission, p.user_id, p.extra FROM jct_user_group ug ' +
'JOIN user_to_group_permissions p ON p.group_id = ug.group_id ' +
'WHERE ug.user_id = ? AND ' + sql_perm,
[
actor.type.user.id,

Check failure on line 101 in packages/backend/src/structured/sequence/check-user-permission.js

View workflow job for this annotation

GitHub Actions / build 

'actor' is not defined
...permission_options,

Check failure on line 102 in packages/backend/src/structured/sequence/check-user-permission.js

View workflow job for this annotation

GitHub Actions / build 

'permission_options' is not defined
]
);

for ( const row of rows ) {
const issuer_actor = new Actor({
type: new UserActorType({
user: await get_user({ id: row.user_id }),

Check failure on line 109 in packages/backend/src/structured/sequence/check-user-permission.js

View workflow job for this annotation

GitHub Actions / build 

'get_user' is not defined
}),
});

const issuer_perm = await a.icall('check', issuer_actor, row.permission);

if ( ! issuer_perm ) continue;

return a.stop(row.extra);
}
}
Expand Down

0 comments on commit f112a04

Please sign in to comment.