github/directus
1
0
Fork 0
mirror of https://github.com/directus/directus.git synced 2026-02-05 11:04:55 -05:00
Code Issues Packages Projects Releases Wiki Activity
Files
da0b97abd5f7ca69322bf4900cd23cca5139d75b
directus/api/src/controllers/permissions.ts
rijkvanzanten eeedc01c53 Add /utils/revert, use in app 
Fixes #485
2020-10-02 16:20:06 -04:00

123 lines
3.2 KiB
TypeScript
Raw Blame History

import express from 'express';
import asyncHandler from 'express-async-handler';
import { PermissionsService, MetaService } from '../services';
import { clone } from 'lodash';
import { InvalidCredentialsException, ForbiddenException } from '../exceptions';
import useCollection from '../middleware/use-collection';
import { respond } from '../middleware/respond';
const router = express.Router();
router.use(useCollection('directus_permissions'));
router.post(
'/',
asyncHandler(async (req, res, next) => {
const service = new PermissionsService({ accountability: req.accountability });
const primaryKey = await service.create(req.body);
try {
const item = await service.readByKey(primaryKey, req.sanitizedQuery);
res.locals.payload = { data: item || null };
} catch (error) {
if (error instanceof ForbiddenException) {
return next();
}
throw error;
}
return next();
}),
respond
);
router.get(
'/',
asyncHandler(async (req, res, next) => {
const service = new PermissionsService({ accountability: req.accountability });
const metaService = new MetaService({ accountability: req.accountability });
const item = await service.readByQuery(req.sanitizedQuery);
const meta = await metaService.getMetaForQuery('directus_permissions', req.sanitizedQuery);
res.locals.payload = { data: item || null, meta };
return next();
}),
respond
);
router.get(
'/me',
asyncHandler(async (req, res, next) => {
if (!req.accountability?.user || !req.accountability?.role) {
throw new InvalidCredentialsException();
}
const service = new PermissionsService();
const query = clone(req.sanitizedQuery || {});
query.filter = {
...(query.filter || {}),
role: {
_eq: req.accountability.role,
},
};
const items = await service.readByQuery(req.sanitizedQuery);
res.locals.payload = { data: items || null };
return next();
}),
respond
);
router.get(
'/:pk',
asyncHandler(async (req, res, next) => {
if (req.path.endsWith('me')) return next();
const service = new PermissionsService({ accountability: req.accountability });
const primaryKey = req.params.pk.includes(',') ? req.params.pk.split(',') : req.params.pk;
const record = await service.readByKey(primaryKey as any, req.sanitizedQuery);
res.locals.payload = { data: record || null };
return next();
}),
respond
);
router.patch(
'/:pk',
asyncHandler(async (req, res, next) => {
const service = new PermissionsService({ accountability: req.accountability });
const pk = req.params.pk.includes(',') ? req.params.pk.split(',') : req.params.pk;
const primaryKey = await service.update(req.body, pk as any);
try {
const item = await service.readByKey(primaryKey, req.sanitizedQuery);
res.locals.payload = { data: item || null };
} catch (error) {
if (error instanceof ForbiddenException) {
return next();
}
throw error;
}
return next();
}),
respond
);
router.delete(
'/:pk',
asyncHandler(async (req, res, next) => {
const service = new PermissionsService({ accountability: req.accountability });
const pk = req.params.pk.includes(',') ? req.params.pk.split(',') : req.params.pk;
await service.delete(pk as any);
return next();
}),
respond
);
export default router;
Reference in New Issue View Git Blame Copy Permalink