Merge pull request #88 from directus/permissions-me

Permissions me
2026-01-28 20:17:57 -05:00 · 2020-08-11 09:50:56 -04:00
parent cf3e15b079 e1c7767c2a
commit 99fc83a6b2
4 changed files with 154 additions and 25 deletions
--- a/api/package-lock.json
+++ b/api/package-lock.json
@@ -1456,11 +1456,6 @@
        }
      }
    },
-    "clone": {
-      "version": "1.0.4",
-      "resolved": "https://registry.npmjs.org/clone/-/clone-1.0.4.tgz",
-      "integrity": "sha1-2jCcwmPfFZlMaIypAheco8fNfH4="
-    },
    "code-point-at": {
      "version": "1.1.0",
      "resolved": "https://registry.npmjs.org/code-point-at/-/code-point-at-1.1.0.tgz",
@@ -1824,6 +1819,13 @@
      "integrity": "sha1-xlYFHpgX2f8I7YgUd/P+QBnz730=",
      "requires": {
        "clone": "^1.0.2"
+      },
+      "dependencies": {
+        "clone": {
+          "version": "1.0.4",
+          "resolved": "https://registry.npmjs.org/clone/-/clone-1.0.4.tgz",
+          "integrity": "sha1-2jCcwmPfFZlMaIypAheco8fNfH4="
+        }
      }
    },
    "define-property": {
@@ -3046,10 +3048,12 @@
      "integrity": "sha512-WjKPNJF79dtJAVniUlGGWHYGz2jWxT6VhN/4m1NdkbZ2nOsEF+cI1Edgql5zCRhs/VsQYRvrXctxktVXZUkixw=="
    },
    "grant": {
-      "version": "5.2.0",
-      "resolved": "https://registry.npmjs.org/grant/-/grant-5.2.0.tgz",
-      "integrity": "sha512-XLB6H5CYp/A4+fw7CFBYLA6Q+ayHsZHgUO7+SD+VIgSeQI4wdpW5ZA+vWd2bwlKTccuCWNuEOJBneFuQd/xOUg==",
+      "version": "5.3.0",
+      "resolved": "https://registry.npmjs.org/grant/-/grant-5.3.0.tgz",
+      "integrity": "sha512-beZI6F93qzv+bejv4/WLwrfjK3RoAR0ngK3CI1ZmvDiGfL9d6ttS2hGJAE3cjmTtxZGFLSoM9cCYf/Ys532U2A==",
      "requires": {
+        "cookie": "^0.4.1",
+        "cookie-signature": "^1.1.0",
        "jwk-to-pem": "^2.0.3",
        "jws": "^4.0.0",
        "qs": "^6.9.4",
@@ -3057,6 +3061,18 @@
        "request-oauth": "^1.0.0"
      },
      "dependencies": {
+        "cookie": {
+          "version": "0.4.1",
+          "resolved": "https://registry.npmjs.org/cookie/-/cookie-0.4.1.tgz",
+          "integrity": "sha512-ZwrFkGJxUR3EIoXtO+yVE69Eb7KlixbaeAWfBQB9vVsNn/o+Yw69gBWSSDK825hQNdN+wF8zELf3dFNl/kxkUA==",
+          "optional": true
+        },
+        "cookie-signature": {
+          "version": "1.1.0",
+          "resolved": "https://registry.npmjs.org/cookie-signature/-/cookie-signature-1.1.0.tgz",
+          "integrity": "sha512-Alvs19Vgq07eunykd3Xy2jF0/qSNv2u7KDbAek9H5liV1UMijbqFs5cycZvv5dVsvseT/U4H8/7/w8Koh35C4A==",
+          "optional": true
+        },
        "qs": {
          "version": "6.9.4",
          "resolved": "https://registry.npmjs.org/qs/-/qs-6.9.4.tgz",
@@ -3796,9 +3812,9 @@
      "integrity": "sha512-dcS1ul+9tmeD95T+x28/ehLgd9mENa3LsvDTtzm3vyBEO7RPptvAD+t44WVXaUjTBRcrpFeFlC8WCruUR456hw=="
    },
    "knex": {
-      "version": "0.21.2",
-      "resolved": "https://registry.npmjs.org/knex/-/knex-0.21.2.tgz",
-      "integrity": "sha512-hNp9f3yXCHtMrhV2pVsuCNYmPlgXhyqviMQGLBd9zdF03ZqCO9MPng0oYhNMgIs+vDr55VC6tjEbF1OQ1La7Kg==",
+      "version": "0.21.4",
+      "resolved": "https://registry.npmjs.org/knex/-/knex-0.21.4.tgz",
+      "integrity": "sha512-vUrR4mJBKWJPouV9C7kqvle9cTpiuuzBWqrQXP7bAv+Ua9oeKkEhhorJwArzcjVrVBojZYPMMtNVliW9B00sTA==",
      "requires": {
        "colorette": "1.2.1",
        "commander": "^5.1.0",
@@ -4031,6 +4047,7 @@
      "version": "4.0.0",
      "resolved": "https://registry.npmjs.org/log-symbols/-/log-symbols-4.0.0.tgz",
      "integrity": "sha512-FN8JBzLx6CzeMrB0tg6pqlGU1wCrXW+ZXGH481kfsBqer0hToTIiHdjH4Mq8xJUbvATujKCvaREGWpGUionraA==",
+      "dev": true,
      "requires": {
        "chalk": "^4.0.0"
      }
@@ -4841,18 +4858,105 @@
      }
    },
    "ora": {
-      "version": "4.1.0",
-      "resolved": "https://registry.npmjs.org/ora/-/ora-4.1.0.tgz",
-      "integrity": "sha512-PhDvXi7I+dLVyFekgqXt0iBDdo5ARzOxJNoj72TysoXkW4/oi1lRaeakr4skciyWgPpk6JPPGwO1V4zPr6YRZA==",
+      "version": "4.1.1",
+      "resolved": "https://registry.npmjs.org/ora/-/ora-4.1.1.tgz",
+      "integrity": "sha512-sjYP8QyVWBpBZWD6Vr1M/KwknSw6kJOz41tvGMlwWeClHBtYKTbHMki1PsLZnxKpXMPbTKv9b3pjQu3REib96A==",
      "requires": {
-        "chalk": "^4.1.0",
+        "chalk": "^3.0.0",
        "cli-cursor": "^3.1.0",
-        "cli-spinners": "^2.4.0",
+        "cli-spinners": "^2.2.0",
        "is-interactive": "^1.0.0",
-        "log-symbols": "^4.0.0",
+        "log-symbols": "^3.0.0",
        "mute-stream": "0.0.8",
        "strip-ansi": "^6.0.0",
        "wcwidth": "^1.0.1"
+      },
+      "dependencies": {
+        "ansi-styles": {
+          "version": "4.2.1",
+          "resolved": "https://registry.npmjs.org/ansi-styles/-/ansi-styles-4.2.1.tgz",
+          "integrity": "sha512-9VGjrMsG1vePxcSweQsN20KY/c4zN0h9fLjqAbwbPfahM3t+NL+M9HC8xeXG2I8pX5NoamTGNuomEUFI7fcUjA==",
+          "requires": {
+            "@types/color-name": "^1.1.1",
+            "color-convert": "^2.0.1"
+          }
+        },
+        "chalk": {
+          "version": "3.0.0",
+          "resolved": "https://registry.npmjs.org/chalk/-/chalk-3.0.0.tgz",
+          "integrity": "sha512-4D3B6Wf41KOYRFdszmDqMCGq5VV/uMAB273JILmO+3jAlh8X4qDtdtgCR3fxtbLEMzSx22QdhnDcJvu2u1fVwg==",
+          "requires": {
+            "ansi-styles": "^4.1.0",
+            "supports-color": "^7.1.0"
+          }
+        },
+        "color-convert": {
+          "version": "2.0.1",
+          "resolved": "https://registry.npmjs.org/color-convert/-/color-convert-2.0.1.tgz",
+          "integrity": "sha512-RRECPsj7iu/xb5oKYcsFHSppFNnsj/52OVTRKb4zP5onXwVF3zVmmToNcOfGC+CRDpfK/U584fMg38ZHCaElKQ==",
+          "requires": {
+            "color-name": "~1.1.4"
+          }
+        },
+        "color-name": {
+          "version": "1.1.4",
+          "resolved": "https://registry.npmjs.org/color-name/-/color-name-1.1.4.tgz",
+          "integrity": "sha512-dOy+3AuW3a2wNbZHIuMZpTcgjGuLU/uBL/ubcZF9OXbDo8ff4O8yVp5Bf0efS8uEoYo5q4Fx7dY9OgQGXgAsQA=="
+        },
+        "has-flag": {
+          "version": "3.0.0",
+          "resolved": "https://registry.npmjs.org/has-flag/-/has-flag-3.0.0.tgz",
+          "integrity": "sha1-tdRU3CGZriJWmfNGfloH87lVuv0="
+        },
+        "log-symbols": {
+          "version": "3.0.0",
+          "resolved": "https://registry.npmjs.org/log-symbols/-/log-symbols-3.0.0.tgz",
+          "integrity": "sha512-dSkNGuI7iG3mfvDzUuYZyvk5dD9ocYCYzNU6CYDE6+Xqd+gwme6Z00NS3dUh8mq/73HaEtT7m6W+yUPtU6BZnQ==",
+          "requires": {
+            "chalk": "^2.4.2"
+          },
+          "dependencies": {
+            "ansi-styles": {
+              "version": "3.2.1",
+              "resolved": "https://registry.npmjs.org/ansi-styles/-/ansi-styles-3.2.1.tgz",
+              "integrity": "sha512-VT0ZI6kZRdTh8YyJw3SMbYm/u+NqfsAxEpWO0Pf9sq8/e94WxxOpPKx9FR1FlyCtOVDNOQ+8ntlqFxiRc+r5qA==",
+              "requires": {
+                "color-convert": "^1.9.0"
+              }
+            },
+            "chalk": {
+              "version": "2.4.2",
+              "resolved": "https://registry.npmjs.org/chalk/-/chalk-2.4.2.tgz",
+              "integrity": "sha512-Mti+f9lpJNcwF4tWV8/OrTTtF1gZi+f8FqlyAdouralcFWFQWF2+NgCHShjkCb+IFBLq9buZwE1xckQU4peSuQ==",
+              "requires": {
+                "ansi-styles": "^3.2.1",
+                "escape-string-regexp": "^1.0.5",
+                "supports-color": "^5.3.0"
+              }
+            },
+            "color-convert": {
+              "version": "1.9.3",
+              "resolved": "https://registry.npmjs.org/color-convert/-/color-convert-1.9.3.tgz",
+              "integrity": "sha512-QfAUtd+vFdAtFQcC8CCyYt1fYWxSqAiK2cSD6zDB8N3cpsEBAvRxp9zOGg6G/SHHJYAT88/az/IuDGALsNVbGg==",
+              "requires": {
+                "color-name": "1.1.3"
+              }
+            },
+            "color-name": {
+              "version": "1.1.3",
+              "resolved": "https://registry.npmjs.org/color-name/-/color-name-1.1.3.tgz",
+              "integrity": "sha1-p9BVi9icQveV3UIyj3QIMcpTvCU="
+            },
+            "supports-color": {
+              "version": "5.5.0",
+              "resolved": "https://registry.npmjs.org/supports-color/-/supports-color-5.5.0.tgz",
+              "integrity": "sha512-QjVjwdXIt408MIiAqCX4oUKsgU2EqAGzs2Ppkm4aQYbjm+ZEWEcW4SfFNTr4uMNZma0ey4f5lgLrkB0aX0QMow==",
+              "requires": {
+                "has-flag": "^3.0.0"
+              }
+            }
+          }
+        }
      }
    },
    "oracledb": {
@@ -5159,9 +5263,9 @@
      }
    },
    "pino-colada": {
-      "version": "2.0.1",
-      "resolved": "https://registry.npmjs.org/pino-colada/-/pino-colada-2.0.1.tgz",
-      "integrity": "sha512-88CrKGs1graJaFqZStm8sdh/L9/b8pUcmg+Ylf8w4oQl6i2dLMDvlk76PhfSEm3yMicFB+RY+T8Dl5IZ039S5w==",
+      "version": "2.1.0",
+      "resolved": "https://registry.npmjs.org/pino-colada/-/pino-colada-2.1.0.tgz",
+      "integrity": "sha512-OmYNALP/LDnyQbFya8Pc1DHT7XW3Wh/CpMDHGWoDiRGcSn4tTM/PQUBqSILSNPlUcWFvh9AxRpdHZln5kQSNhw==",
      "dev": true,
      "requires": {
        "chalk": "^3.0.0",
--- a/api/package.json
+++ b/api/package.json
@@ -86,20 +86,20 @@
    "express-pino-logger": "^5.0.0",
    "express-session": "^1.17.1",
    "fs-extra": "^9.0.1",
-    "grant": "^5.2.0",
+    "grant": "^5.3.0",
    "icc": "^2.0.0",
    "inquirer": "^7.3.3",
    "joi": "^17.1.1",
    "js-yaml": "^3.14.0",
    "jsonwebtoken": "^8.5.1",
-    "knex": "^0.21.2",
+    "knex": "^0.21.4",
    "knex-schema-inspector": "0.0.9",
    "liquidjs": "^9.14.1",
    "lodash": "^4.17.19",
    "ms": "^2.1.2",
    "nanoid": "^3.1.12",
    "nodemailer": "^6.4.11",
-    "ora": "^4.0.5",
+    "ora": "^4.1.1",
    "pino": "^6.4.1",
    "resolve-cwd": "^3.0.0",
    "sharp": "^0.25.4",
@@ -141,7 +141,7 @@
    "eslint-plugin-prettier": "^3.1.4",
    "husky": "^4.2.5",
    "lint-staged": "^10.2.11",
-    "pino-colada": "^2.0.1",
+    "pino-colada": "^2.1.0",
    "prettier": "^2.0.5",
    "ts-node": "^8.10.2",
    "ts-node-dev": "^1.0.0-pre.56",
--- a/api/src/middleware/authenticate.ts
+++ b/api/src/middleware/authenticate.ts
@@ -29,7 +29,7 @@ const authenticate: RequestHandler = asyncHandler(async (req, res, next) => {
 			if (err instanceof TokenExpiredError) {
 				throw new InvalidCredentialsException('Token expired.');
 			} else if (err instanceof JsonWebTokenError) {
-				throw new InvalidCredentialsException('Token corrupt.');
+				throw new InvalidCredentialsException('Token invalid.');
 			} else {
 				throw err;
 			}
--- a/api/src/routes/permissions.ts
+++ b/api/src/routes/permissions.ts
@@ -4,6 +4,7 @@ import sanitizeQuery from '../middleware/sanitize-query';
 import PermissionsService from '../services/permissions';
 import useCollection from '../middleware/use-collection';
 import MetaService from '../services/meta';
+import { InvalidCredentialsException } from '../exceptions';

 const router = express.Router();

@@ -34,6 +35,30 @@ router.get(
 	})
 );

+router.get(
+	'/me',
+	sanitizeQuery,
+	asyncHandler(async (req, res) => {
+		if (!req.accountability?.user || !req.accountability?.role) {
+			throw new InvalidCredentialsException();
+		}
+
+		const service = new PermissionsService();
+		const query = req.sanitizedQuery || {};
+
+		query.filter = {
+			...(query.filter || {}),
+			role: {
+				_eq: req.accountability.role
+			}
+		}
+
+		const items = await service.readByQuery(req.sanitizedQuery);
+
+		return res.json({ data: items || null });
+	})
+)
+
 router.get(
 	'/:pk',
 	sanitizeQuery,