LicenseAPI/Backend
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Added the requiredPermission field to the projects.ts controller

Browse Source
This commit is contained in:
Mathias Wagner 2023-01-22 18:01:41 +01:00
parent f29245a302
commit 305c72814c
Signed by: Mathias
GPG Key ID: B8DC354B0A1F5B44
1 changed files with 6 additions and 5 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

11
src/controller/projects.ts
View File

@ -2,8 +2,9 @@ import { IProject, Project } from "@models/Project";
import { encryptClearField } from "@utils/decryption"; import { encryptClearField } from "@utils/decryption";
import { Types } from "mongoose"; import { Types } from "mongoose";
import crypto from "crypto"; import crypto from "crypto";
import { IKeyRole } from "@models/AccessKey";
export const checkProjectAccess = async (userId: string, projectId: string) => { export const checkProjectAccess = (requiredPermission: IKeyRole) => async (userId: string, projectId: string) => {
if (!Types.ObjectId.isValid(projectId)) if (!Types.ObjectId.isValid(projectId))
return { code: 3, message: "Invalid object id provided" }; return { code: 3, message: "Invalid object id provided" };
@ -29,7 +30,7 @@ export const listProjects = async (userId?: string) => {
}; };
export const getProject = async (projectId: string, userId: string) => { export const getProject = async (projectId: string, userId: string) => {
const project = await checkProjectAccess(userId, projectId); const project = await checkProjectAccess(IKeyRole.VIEW)(userId, projectId);
if ("code" in project) return project; if ("code" in project) return project;
return projectMapper(project); return projectMapper(project);
@ -43,7 +44,7 @@ export const createProject = async (name: string, userId: string) => {
}; };
export const deleteProject = async (id: string, userId: string) => { export const deleteProject = async (id: string, userId: string) => {
const project = await checkProjectAccess(userId, id); const project = await checkProjectAccess(IKeyRole.ADMIN)(userId, id);
if ("code" in project) return project; if ("code" in project) return project;
// TODO: Delete all licenses, groups, permissions, .. // TODO: Delete all licenses, groups, permissions, ..
@ -54,7 +55,7 @@ export const deleteProject = async (id: string, userId: string) => {
export const patchProject = async (id: string, userId: string, config: { export const patchProject = async (id: string, userId: string, config: {
name: string, defaults: { licenseKey: string, groups: [], permissions: [], expirationDate: Date } name: string, defaults: { licenseKey: string, groups: [], permissions: [], expirationDate: Date }
}) => { }) => {
const project = await checkProjectAccess(userId, id); const project = await checkProjectAccess(IKeyRole.MANAGE)(userId, id);
if ("code" in project) return project; if ("code" in project) return project;
// TODO: Check if groups & permissions exist // TODO: Check if groups & permissions exist
@ -63,7 +64,7 @@ export const patchProject = async (id: string, userId: string, config: {
}; };
export const regenerateKey = async (id: string, userId: string) => { export const regenerateKey = async (id: string, userId: string) => {
const project = await checkProjectAccess(userId, id); const project = await checkProjectAccess(IKeyRole.MANAGE)(userId, id);
if ("code" in project) return project; if ("code" in project) return project;
await project.updateOne({ validationKey: crypto.randomBytes(24).toString("hex") }); await project.updateOne({ validationKey: crypto.randomBytes(24).toString("hex") });