github/directus
1
1
Fork 0
mirror of https://github.com/directus/directus.git synced 2026-04-25 03:00:53 -04:00
Code Issues Packages Projects Releases Wiki Activity

System permissions for app access (#4004)

Browse Source 
* Pass relations through schema, instead of individual reads

* Fetch field transforms upfront

* Fix length check

* List if user has app access or not in accountability

* Load permissions up front, merge app access minimal permissions

* Show app access required permissions in permissions overview

* Show system minimal permissions in permissions detail

* Fix app access check in authenticate for jwt use

* Fix minimal permissions for presets

* Remove /permissions/me in favor of root use w/ permissions

* Fix logical nested OR in an AND

* Use root permissions endpoint with filter instead of /me

* Allow filter query on /permissions

* Add system minimal app access permissions into result of /permissions

* Remove stray console log

* Remove stray console.dir

* Set current role as role for minimal permissions

* Fix no-permissions state for user detail

* Add filter items function that allows altering existing result set
This commit is contained in:
Rijk van Zanten
2021-02-11 12:50:56 -05:00
committed by GitHub
parent 8c1402fb88
commit b7d87e581a
55 changed files with 897 additions and 524 deletions
Download Patch File Download Diff File Expand all files Collapse all files

10
api/src/services/specifications.ts
View File

@@ -62,6 +62,7 @@ interface SpecificationSubService {
class OASService implements SpecificationSubService {
accountability: Accountability | null;
knex: Knex;
schema: SchemaOverview;
fieldsService: FieldsService;
collectionsService: CollectionsService;
@@ -81,6 +82,7 @@ class OASService implements SpecificationSubService {
) {
this.accountability = options.accountability || null;
this.knex = options.knex || database;
this.schema = options.schema;
this.fieldsService = fieldsService;
this.collectionsService = collectionsService;
@@ -91,10 +93,7 @@ class OASService implements SpecificationSubService {
const collections = await this.collectionsService.readByQuery();
const fields = await this.fieldsService.readAll();
const relations = (await this.relationsService.readByQuery({})) as Relation[];
const permissions: Permission[] = await this.knex
.select('*')
.from('directus_permissions')
.where({ role: this.accountability?.role || null });
const permissions = this.schema.permissions;
const tags = await this.generateTags(collections);
const paths = await this.generatePaths(permissions, tags);
@@ -104,7 +103,8 @@ class OASService implements SpecificationSubService {
openapi: '3.0.1',
info: {
title: 'Dynamic API Specification',
description: 'This is a dynamicly generated API specification for all endpoints existing on the current .',
description:
'This is a dynamically generated API specification for all endpoints existing on the current project.',
version: version,
},
servers: [