Skip to content

Commit

Permalink
feat(cms,grpc-sdk,commons): add permission params to createSchema, ed…
Browse files Browse the repository at this point in the history 
…itSchema
  • Loading branch information
@kon14
kon14 committed Jan 3, 2022
1 parent 6eb77a1 commit 58d8d37
Show file tree
Hide file tree
Showing 4 changed files with 55 additions and 18 deletions.
4 changes: 3 additions & 1 deletion libraries/grpc-sdk/src/interfaces/Model.ts
View file
Original file line number Diff line number Diff line change
Expand Up @@ -31,13 +31,15 @@ export interface ConduitModel {
| any[]; // removing this caused multiple issues
}

export const ConduitModelOptionsPermModifyType = ['Everything', 'Nothing', 'ExtensionOnly'] as const;

export interface ConduitModelOptions {
timestamps?: boolean;
_id?: boolean;
permissions?: {
extendable: boolean,
canCreate: boolean,
canModify: 'Everything' | 'Nothing' | 'ExtensionOnly',
canModify: typeof ConduitModelOptionsPermModifyType[number],
canDelete: boolean,
},
conduit?: {
Expand Down
16 changes: 14 additions & 2 deletions modules/cms/src/admin/admin.ts
View file
Original file line number Diff line number Diff line change
Expand Up @@ -129,6 +129,12 @@ export class AdminHandlers {
enabled: ConduitBoolean.Optional, // move inside modelOptions (frontend-compat)
authentication: ConduitBoolean.Optional, // move inside modelOptions (frontend-compat)
crudOperations: ConduitBoolean.Optional, // move inside modelOptions (frontend-compat)
permissions: {
extendable: ConduitBoolean.Optional,
canCreate: ConduitBoolean.Optional,
canModify: ConduitString.Optional,
canDelete: ConduitBoolean.Optional,
},
},
},
new ConduitRouteReturnDefinition('CreateSchema', _DeclaredSchema.getInstance().fields),
Expand All @@ -148,6 +154,12 @@ export class AdminHandlers {
enabled: ConduitBoolean.Optional, // move inside modelOptions (frontend-compat)
authentication: ConduitBoolean.Optional, // move inside modelOptions (frontend-compat)
crudOperations: ConduitBoolean.Optional, // move inside modelOptions (frontend-compat)
permissions: {
extendable: ConduitBoolean.Optional,
canCreate: ConduitBoolean.Optional,
canModify: ConduitString.Optional,
canDelete: ConduitBoolean.Optional,
},
},
},
new ConduitRouteReturnDefinition('EditSchema', _DeclaredSchema.getInstance().fields),
Expand Down Expand Up @@ -221,9 +233,9 @@ export class AdminHandlers {
canCreate: ConduitBoolean.Optional,
canModify: ConduitString.Optional,
canDelete: ConduitBoolean.Optional,
}
},
},
new ConduitRouteReturnDefinition('ToggleSchemas', 'String'),
new ConduitRouteReturnDefinition('SetSchemaPermissions', 'String'),
'setSchemaPerms'
),
// Documents
Expand Down
49 changes: 35 additions & 14 deletions modules/cms/src/admin/schema.admin.ts
View file
Original file line number Diff line number Diff line change
Expand Up @@ -5,6 +5,8 @@ import ConduitGrpcSdk, {
ParsedRouterRequest,
TYPE,
UnparsedRouterResponse,
ConduitModelOptions,
ConduitModelOptionsPermModifyType,
} from '@quintessential-sft/conduit-grpc-sdk';
import { status } from '@grpc/grpc-js';
import { isNil, merge } from 'lodash';
Expand Down Expand Up @@ -102,6 +104,7 @@ export class SchemaAdmin {
name,
fields,
modelOptions,
permissions,
} = call.request.params;
const enabled = call.request.params.enabled ?? true;
const authentication = call.request.params.authentication ?? false;
Expand All @@ -117,6 +120,11 @@ export class SchemaAdmin {
if (!isNil(errorMessage)) {
throw new GrpcError(status.INVALID_ARGUMENT, errorMessage);
}
if (permissions && permissions.canModify && !(ConduitModelOptionsPermModifyType.includes(permissions.canModify))) {
throw new GrpcError(
status.INVALID_ARGUMENT,
`canModify permission must be one of: ${ConduitModelOptionsPermModifyType.join(', ')}`);
}

const existingSchema = await _DeclaredSchema.getInstance()
.findOne({ name })
Expand All @@ -134,6 +142,8 @@ export class SchemaAdmin {
const schemaOptions = isNil(modelOptions)
? { conduit: { cms: { enabled, authentication, crudOperations } } }
: { ...modelOptions, conduit: { cms: { enabled, authentication, crudOperations } } }
schemaOptions.conduit.permissions = permissions; // database sets missing perms to defaults

return await this.schemaController
.createSchema(
new ConduitSchema(
Expand All @@ -150,6 +160,7 @@ export class SchemaAdmin {
name,
fields,
modelOptions,
permissions,
} = call.request.params;

if (!isNil(name) && name !== '') {
Expand All @@ -171,6 +182,7 @@ export class SchemaAdmin {
throw new GrpcError(status.INTERNAL, errorMessage);
}

this.patchSchemaPerms(requestedSchema, permissions);
requestedSchema.name = name ? name : requestedSchema.name;
requestedSchema.fields = fields ? fields : requestedSchema.fields;
const enabled = call.request.params.enabled ?? requestedSchema.modelOptions.conduit.cms.enabled;
Expand Down Expand Up @@ -416,12 +428,6 @@ export class SchemaAdmin {

async setSchemaPerms(call: ParsedRouterRequest): Promise<UnparsedRouterResponse> {
let { id, extendable, canCreate, canModify, canDelete } = call.request.params;
const canModifyOptions = ['Everything', 'Nothing', 'ExtensionOnly'];
if (canModify && !(canModifyOptions.includes(canModify))) {
throw new GrpcError(
status.INVALID_ARGUMENT,
`canModify permission must be one of: ${canModifyOptions.join(', ')}`);
}

const requestedSchema = await _DeclaredSchema.getInstance().findOne({
ownerModule: 'cms', name: { $nin: CMS_SYSTEM_SCHEMAS },
Expand All @@ -431,14 +437,10 @@ export class SchemaAdmin {
throw new GrpcError(status.NOT_FOUND, 'Schema does not exist');
}

(requestedSchema.modelOptions.conduit as any).permissions.extendable =
extendable ?? (requestedSchema.modelOptions.conduit as any).permissions.extendable;
(requestedSchema.modelOptions.conduit as any).permissions.canCreate =
canCreate ?? (requestedSchema.modelOptions.conduit as any).permissions.canCreate;
(requestedSchema.modelOptions.conduit as any).permissions.canModify =
canModify ?? (requestedSchema.modelOptions.conduit as any).permissions.canModify;
(requestedSchema.modelOptions.conduit as any).permissions.canDelete =
canDelete ?? (requestedSchema.modelOptions.conduit as any).permissions.canDelete;
this.patchSchemaPerms(
requestedSchema,
{ extendable, canCreate, canModify, canDelete },
);

const updatedSchema = await _DeclaredSchema.getInstance().findByIdAndUpdate(
requestedSchema._id,
Expand All @@ -450,4 +452,23 @@ export class SchemaAdmin {

return 'Schema permissions updated successfully';
}

private patchSchemaPerms(
schema: _DeclaredSchema,
perms: ConduitModelOptions['permissions'],
) {
if (perms!.canModify && !(ConduitModelOptionsPermModifyType.includes(perms!.canModify))) {
throw new GrpcError(
status.INVALID_ARGUMENT,
`canModify permission must be one of: ${ConduitModelOptionsPermModifyType.join(', ')}`);
}
(schema.modelOptions.conduit as any).permissions.extendable =
perms!.extendable ?? (schema.modelOptions.conduit as any).permissions.extendable;
(schema.modelOptions.conduit as any).permissions.canCreate =
perms!.canCreate ?? (schema.modelOptions.conduit as any).permissions.canCreate;
(schema.modelOptions.conduit as any).permissions.canModify =
perms!.canModify ?? (schema.modelOptions.conduit as any).permissions.canModify;
(schema.modelOptions.conduit as any).permissions.canDelete =
perms!.canDelete ?? (schema.modelOptions.conduit as any).permissions.canDelete;
}
}
4 changes: 3 additions & 1 deletion packages/commons/src/interfaces/Model.ts
View file
Original file line number Diff line number Diff line change
Expand Up @@ -31,13 +31,15 @@ export interface ConduitModel {
| any[]; // removing this caused multiple issues
}

export const ConduitModelOptionsPermModifyType = ['Everything', 'Nothing', 'ExtensionOnly'] as const;

export interface ConduitModelOptions {
timestamps?: boolean;
_id?: boolean;
permissions?: {
extendable: boolean,
canCreate: boolean,
canModify: 'Everything' | 'Nothing' | 'ExtensionOnly',
canModify: typeof ConduitModelOptionsPermModifyType[number],
canDelete: boolean,
},
conduit?: {
Expand Down

0 comments on commit 58d8d37

Please sign in to comment.