feat: Add ability to provide permissions when creating a role and rename environmentName to name in the list permissions datastructure

2025-02-19 00:15:43 +01:00 · 2021-12-13 13:16:41 +02:00 · 2021-12-13 13:16:41 +02:00 · 9d4f542f85
commit 9d4f542f85
parent cb02ae9c92
5 changed files with 59 additions and 8 deletions
--- a/src/lib/db/access-store.ts
+++ b/src/lib/db/access-store.ts
@ -113,7 +113,7 @@ export class AccessStore implements IAccessStore {
            Array.from(rawEnvironments).map(
                ([environmentName, environmentPermissions]) => {
                    return {
-                        environmentName: environmentName,
+                        name: environmentName,
                        permissions: environmentPermissions.map(
                            this.mapPermission,
                        ),
@ -264,6 +264,19 @@ export class AccessStore implements IAccessStore {
        };
    }

+    async addEnvironmentPermissionsToRole(
+        role_id: number,
+        permissions: IPermission[],
+    ): Promise<void> {
+        const rows = permissions.map((x) => {
+            return {
+                role_id,
+                permission_id: x.id,
+            };
+        });
+        this.db.batchInsert(T.ROLE_PERMISSION, rows);
+    }
+
    async addPermissionsToRole(
        role_id: number,
        permissions: string[],
--- a/src/lib/services/role-service.ts
+++ b/src/lib/services/role-service.ts
@ -1,20 +1,34 @@
 import { IUnleashConfig } from 'lib/server-impl';
 import { IUnleashStores } from 'lib/types';
-import { ICustomRole } from 'lib/types/model';
-import { ICustomRoleInsert, IRoleStore } from 'lib/types/stores/role-store';
+import { ICustomRole, IPermission } from 'lib/types/model';
+import { IAccessStore } from 'lib/types/stores/access-store';
+import { IRoleStore } from 'lib/types/stores/role-store';
 import { Logger } from '../logger';

+interface IRoleCreation {
+    name: string;
+    description: string;
+    roleType: string;
+    permissions?: IPermission[];
+}
+
 export default class RoleService {
    private logger: Logger;

    private store: IRoleStore;

+    private accessStore: IAccessStore;
+
    constructor(
-        { roleStore }: Pick<IUnleashStores, 'roleStore'>,
+        {
+            roleStore,
+            accessStore,
+        }: Pick<IUnleashStores, 'roleStore' | 'accessStore'>,
        { getLogger }: Pick<IUnleashConfig, 'getLogger'>,
    ) {
        this.logger = getLogger('lib/services/session-service.ts');
        this.store = roleStore;
+        this.accessStore = accessStore;
    }

    async getAll(): Promise<ICustomRole[]> {
@ -25,8 +39,21 @@ export default class RoleService {
        return this.store.get(id);
    }

-    async create(role: ICustomRoleInsert): Promise<ICustomRole> {
-        return this.store.create(role);
+    async create(role: IRoleCreation): Promise<ICustomRole> {
+        const baseRole = {
+            name: role.name,
+            description: role.description,
+            roleType: role.roleType,
+        };
+        const permissions = role.permissions;
+        const newRole = await this.store.create(baseRole);
+        if (permissions) {
+            this.accessStore.addEnvironmentPermissionsToRole(
+                newRole.id,
+                permissions,
+            );
+        }
+        return newRole;
    }

    async delete(id: number): Promise<void> {
--- a/src/lib/types/model.ts
+++ b/src/lib/types/model.ts
@ -227,7 +227,7 @@ export interface IPermission {
 }

 export interface IEnvironmentPermission {
-    environmentName: string;
+    name: string;
    permissions: IPermission[];
 }

--- a/src/lib/types/stores/access-store.ts
+++ b/src/lib/types/stores/access-store.ts
@ -1,4 +1,4 @@
-import { IAvailablePermissions } from '../model';
+import { IAvailablePermissions, IPermission } from '../model';
 import { Store } from './store';

 export interface IUserPermission {
@ -28,6 +28,10 @@ export interface IAccessStore extends Store<IRole, number> {
    removeRolesForProject(projectId: string): Promise<void>;
    getRolesForUserId(userId: number): Promise<IRole[]>;
    getUserIdsForRole(roleId: number): Promise<number[]>;
+    addEnvironmentPermissionsToRole(
+        role_id: number,
+        permissions: IPermission[],
+    ): Promise<void>;
    setupPermissionsForEnvironment(
        environmentName: string,
        permissions: string[],
--- a/src/test/fixtures/fake-access-store.ts
+++ b/src/test/fixtures/fake-access-store.ts
@ -9,6 +9,13 @@ import {
 import { IAvailablePermissions, IPermission } from 'lib/types/model';

 class AccessStoreMock implements IAccessStore {
+    addEnvironmentPermissionsToRole(
+        role_id: number,
+        permissions: IPermission[],
+    ): Promise<void> {
+        throw new Error('Method not implemented.');
+    }
+
    setupPermissionsForEnvironment(
        environmentName: string,
        permissions: string[],