feat: expose user permissions (#791)

Unleash · Apr 20, 2021 · 332f1c4 · 332f1c4
1 parent b55c857
commit 332f1c4
Show file tree

Hide file tree

Showing 5 changed files with 74 additions and 50 deletions.
diff --git a/src/lib/routes/admin-api/user.js b/src/lib/routes/admin-api/user.js
diff --git a/src/lib/routes/admin-api/user.test.js b/src/lib/routes/admin-api/user.test.js
@@ -12,21 +12,28 @@ const eventBus = new EventEmitter();
 
 const currentUser = new User({ email: 'test@mail.com' });
 
+const fakeAccessService = {
+    getPermissionsForUser: () => [],
+};
+
 function getSetup() {
     const base = `/random${Math.round(Math.random() * 1000)}`;
     const stores = store.createStores();
-    const app = getApp({
-        baseUriPath: base,
-        stores,
-        eventBus,
-        getLogger,
-        preHook: a => {
-            a.use((req, res, next) => {
-                req.user = currentUser;
-                next();
-            });
+    const app = getApp(
+        {
+            baseUriPath: base,
+            stores,
+            eventBus,
+            getLogger,
+            preHook: a => {
+                a.use((req, res, next) => {
+                    req.user = currentUser;
+                    next();
+                });
+            },
         },
-    });
+        { accessService: fakeAccessService },
+    );
 
     return {
         base,
@@ -44,7 +51,7 @@ test('should return current user', t => {
         .expect(200)
         .expect('Content-Type', /json/)
         .expect(res => {
-            t.true(res.body.email === currentUser.email);
+            t.true(res.body.user.email === currentUser.email);
         });
 });
 

diff --git a/src/lib/routes/admin-api/user.ts b/src/lib/routes/admin-api/user.ts
@@ -0,0 +1,52 @@
+'use strict';
+
+import { Response } from 'express';
+import { IUnleashConfig } from '../../types/core';
+import { IAuthRequest } from '../unleash-types';
+import Controller from '../controller';
+import { AccessService } from '../../services/access-service';
+
+interface IService {
+    accessService: AccessService;
+}
+
+class UserController extends Controller {
+    private accessService: AccessService;
+
+    constructor(config: IUnleashConfig, { accessService }: IService) {
+        super(config);
+        this.accessService = accessService;
+
+        this.get('/', this.getUser);
+        this.get('/logout', this.logout);
+    }
+
+    async getUser(req: IAuthRequest, res: Response): Promise<void> {
+        const { user } = req;
+        if (user) {
+            const permissions = await this.accessService.getPermissionsForUser(
+                user,
+            );
+            delete user.permissions; // TODO: remove
+            return res
+                .status(200)
+                .json({ user, permissions })
+                .end();
+        }
+        return res.status(404).end();
+    }
+
+    // Deprecated, use "/logout" instead.  Will be removed in v4.
+    logout(req: IAuthRequest, res: Response): void {
+        if (req.session) {
+            req.session = null;
+        }
+        if (req.logout) {
+            req.logout();
+        }
+        res.redirect(`${this.config.baseUriPath}/`);
+    }
+}
+
+module.exports = UserController;
+export default UserController;
diff --git a/src/lib/routes/unleash-types.ts b/src/lib/routes/unleash-types.ts
@@ -3,4 +3,6 @@ import User from '../user';
 
 export interface IAuthRequest extends Request {
     user: User;
+    logout: () => void;
+    session: any;
 }
diff --git a/src/test/fixtures/fake-access-store.ts b/src/test/fixtures/fake-access-store.ts
@@ -13,7 +13,7 @@ class AccessStoreMock extends AccessStore {
     }
 
     getPermissionsForUser(userId: Number): Promise<IUserPermission[]> {
-        throw new Error('Method not implemented.');
+        return Promise.resolve([]);
     }
 
     getPermissionsForRole(roleId: number): Promise<IUserPermission[]> {