feat: expose user permissions (#791)

src/lib/routes/admin-api/user.js

@@ -1,37 +0,0 @@
-'use strict';
-
-const Controller = require('../controller');
-
-class UserController extends Controller {
-    constructor(config) {
-        super(config);
-        this.logger = config.getLogger('admin-api/user.js');
-        this.get('/', this.getUser);
-        this.get('/logout', this.logout);
-    }
-
-    getUser(req, res) {
-        if (req.user) {
-            const user = { ...req.user };
-            delete user.permissions; // TODO: remove
-            return res
-                .status(200)
-                .json(user)
-                .end();
-        }
-        return res.status(404).end();
-    }
-
-    // Deprecated, use "/logout" instead.  Will be removed in v4.
-    logout(req, res) {
-        if (req.session) {
-            req.session = null;
-        }
-        if (req.logout) {
-            req.logout();
-        }
-        res.redirect(`${this.config.baseUriPath}/`);
-    }
-}
-
-module.exports = UserController;

src/lib/routes/admin-api/user.test.js

@@ -12,21 +12,28 @@ const eventBus = new EventEmitter();
 
 const currentUser = new User({ email: 'test@mail.com' });
 
+const fakeAccessService = {
+    getPermissionsForUser: () => [],
+};
+
 function getSetup() {
     const base = `/random${Math.round(Math.random() * 1000)}`;
     const stores = store.createStores();
-    const app = getApp({
+    const app = getApp(
-        baseUriPath: base,
+        {
-        stores,
+            baseUriPath: base,
-        eventBus,
+            stores,
-        getLogger,
+            eventBus,
-        preHook: a => {
+            getLogger,
-            a.use((req, res, next) => {
+            preHook: a => {
-                req.user = currentUser;
+                a.use((req, res, next) => {
-                next();
+                    req.user = currentUser;
-            });
+                    next();
+                });
+            },
         },
-    });
+        { accessService: fakeAccessService },
+    );
 
     return {
         base,
@@ -44,7 +51,7 @@ test('should return current user', t => {
         .expect(200)
         .expect('Content-Type', /json/)
         .expect(res => {
-            t.true(res.body.email === currentUser.email);
+            t.true(res.body.user.email === currentUser.email);
         });
 });
 

src/lib/routes/admin-api/user.ts

@@ -0,0 +1,52 @@
+'use strict';
+
+import { Response } from 'express';
+import { IUnleashConfig } from '../../types/core';
+import { IAuthRequest } from '../unleash-types';
+import Controller from '../controller';
+import { AccessService } from '../../services/access-service';
+
+interface IService {
+    accessService: AccessService;
+}
+
+class UserController extends Controller {
+    private accessService: AccessService;
+
+    constructor(config: IUnleashConfig, { accessService }: IService) {
+        super(config);
+        this.accessService = accessService;
+
+        this.get('/', this.getUser);
+        this.get('/logout', this.logout);
+    }
+
+    async getUser(req: IAuthRequest, res: Response): Promise<void> {
+        const { user } = req;
+        if (user) {
+            const permissions = await this.accessService.getPermissionsForUser(
+                user,
+            );
+            delete user.permissions; // TODO: remove
+            return res
+                .status(200)
+                .json({ user, permissions })
+                .end();
+        }
+        return res.status(404).end();
+    }
+
+    // Deprecated, use "/logout" instead.  Will be removed in v4.
+    logout(req: IAuthRequest, res: Response): void {
+        if (req.session) {
+            req.session = null;
+        }
+        if (req.logout) {
+            req.logout();
+        }
+        res.redirect(`${this.config.baseUriPath}/`);
+    }
+}
+
+module.exports = UserController;
+export default UserController;

src/lib/routes/unleash-types.ts

@@ -3,4 +3,6 @@ import User from '../user';
 
 export interface IAuthRequest extends Request {
     user: User;
+    logout: () => void;
+    session: any;
 }

src/test/fixtures/fake-access-store.ts

@@ -13,7 +13,7 @@ class AccessStoreMock extends AccessStore {
     }
 
     getPermissionsForUser(userId: Number): Promise<IUserPermission[]> {
-        throw new Error('Method not implemented.');
+        return Promise.resolve([]);
     }
 
     getPermissionsForRole(roleId: number): Promise<IUserPermission[]> {