diff --git a/server/src/modules/app-permissions/ability/index.ts b/server/src/modules/app-permissions/ability/index.ts index d2e8c263b2..5a03f417d5 100644 --- a/server/src/modules/app-permissions/ability/index.ts +++ b/server/src/modules/app-permissions/ability/index.ts @@ -38,6 +38,10 @@ export class FeatureAbilityFactory extends AbilityFactory FEATURE_KEY.CREATE_PAGE_PERMISSIONS, FEATURE_KEY.UPDATE_PAGE_PERMISSIONS, FEATURE_KEY.DELETE_PAGE_PERMISSIONS, + FEATURE_KEY.FETCH_QUERY_PERMISSIONS, + FEATURE_KEY.CREATE_QUERY_PERMISSIONS, + FEATURE_KEY.UPDATE_QUERY_PERMISSIONS, + FEATURE_KEY.DELETE_QUERY_PERMISSIONS, ], App ); @@ -56,6 +60,10 @@ export class FeatureAbilityFactory extends AbilityFactory FEATURE_KEY.CREATE_PAGE_PERMISSIONS, FEATURE_KEY.UPDATE_PAGE_PERMISSIONS, FEATURE_KEY.DELETE_PAGE_PERMISSIONS, + FEATURE_KEY.FETCH_QUERY_PERMISSIONS, + FEATURE_KEY.CREATE_QUERY_PERMISSIONS, + FEATURE_KEY.UPDATE_QUERY_PERMISSIONS, + FEATURE_KEY.DELETE_QUERY_PERMISSIONS, ], App ); @@ -66,7 +74,15 @@ export class FeatureAbilityFactory extends AbilityFactory isAllAppsViewable || (userAppPermissions?.viewableAppsId?.length && appId && userAppPermissions.viewableAppsId.includes(appId)) ) { - can([FEATURE_KEY.FETCH_USERS, FEATURE_KEY.FETCH_USER_GROUPS, FEATURE_KEY.FETCH_PAGE_PERMISSIONS], App); + can( + [ + FEATURE_KEY.FETCH_USERS, + FEATURE_KEY.FETCH_USER_GROUPS, + FEATURE_KEY.FETCH_PAGE_PERMISSIONS, + FEATURE_KEY.FETCH_QUERY_PERMISSIONS, + ], + App + ); } } } diff --git a/server/src/modules/app-permissions/constants/features.ts b/server/src/modules/app-permissions/constants/features.ts index 6d77625ec5..360b1cf4c9 100644 --- a/server/src/modules/app-permissions/constants/features.ts +++ b/server/src/modules/app-permissions/constants/features.ts @@ -10,5 +10,9 @@ export const FEATURES: FeaturesConfig = { [FEATURE_KEY.CREATE_PAGE_PERMISSIONS]: {}, [FEATURE_KEY.UPDATE_PAGE_PERMISSIONS]: {}, [FEATURE_KEY.DELETE_PAGE_PERMISSIONS]: {}, + [FEATURE_KEY.FETCH_QUERY_PERMISSIONS]: {}, + [FEATURE_KEY.CREATE_QUERY_PERMISSIONS]: {}, + [FEATURE_KEY.UPDATE_QUERY_PERMISSIONS]: {}, + [FEATURE_KEY.DELETE_QUERY_PERMISSIONS]: {}, }, }; diff --git a/server/src/modules/app-permissions/constants/index.ts b/server/src/modules/app-permissions/constants/index.ts index c1d2afe78b..7d9d067af7 100644 --- a/server/src/modules/app-permissions/constants/index.ts +++ b/server/src/modules/app-permissions/constants/index.ts @@ -11,4 +11,8 @@ export enum FEATURE_KEY { CREATE_PAGE_PERMISSIONS = 'create_page_permissions', UPDATE_PAGE_PERMISSIONS = 'update_page_permissions', DELETE_PAGE_PERMISSIONS = 'delete_page_permissions', + FETCH_QUERY_PERMISSIONS = 'fetch_query_permissions', + CREATE_QUERY_PERMISSIONS = 'create_query_permissions', + UPDATE_QUERY_PERMISSIONS = 'update_query_permissions', + DELETE_QUERY_PERMISSIONS = 'delete_query_permissions', } diff --git a/server/src/modules/app-permissions/controller.ts b/server/src/modules/app-permissions/controller.ts index 2d0ccea9ce..aac1e532a1 100644 --- a/server/src/modules/app-permissions/controller.ts +++ b/server/src/modules/app-permissions/controller.ts @@ -8,7 +8,7 @@ import { MODULES } from '@modules/app/constants/modules'; import { InitFeature } from '@modules/app/decorators/init-feature.decorator'; import { FEATURE_KEY } from './constants'; import { JwtAuthGuard } from '@modules/session/guards/jwt-auth.guard'; -import { CreatePagePermissionDto } from './dto'; +import { CreatePagePermissionDto, CreateQueryPermissionDto } from './dto'; @InitModule(MODULES.APP_PERMISSIONS) @UseGuards(JwtAuthGuard, FeatureAbilityGuard) @@ -81,4 +81,50 @@ export class AppPermissionsController implements IAppPermissionsController { ): Promise { throw new NotFoundException(); } + + @InitFeature(FEATURE_KEY.FETCH_QUERY_PERMISSIONS) + @Get(':appId/queries/:queryId') + async fetchQueryPermissions( + @User() user, + @Param('appId') appId: string, + @Param('queryId') queryId: string, + @Res({ passthrough: true }) response: Response + ): Promise { + throw new NotFoundException(); + } + + @InitFeature(FEATURE_KEY.CREATE_QUERY_PERMISSIONS) + @Post(':appId/queries/:queryId') + async createQueryPermissions( + @User() user, + @Param('appId') appId: string, + @Param('queryId') queryId: string, + @Body() body: CreateQueryPermissionDto, + @Res({ passthrough: true }) response: Response + ): Promise { + throw new NotFoundException(); + } + + @InitFeature(FEATURE_KEY.UPDATE_QUERY_PERMISSIONS) + @Put(':appId/queries/:queryId') + async updateQueryPermissions( + @User() user, + @Param('appId') appId: string, + @Param('queryId') queryId: string, + @Body() body: CreateQueryPermissionDto, + @Res({ passthrough: true }) response: Response + ): Promise { + throw new NotFoundException(); + } + + @InitFeature(FEATURE_KEY.DELETE_QUERY_PERMISSIONS) + @Delete(':appId/queries/:queryId') + async deleteQueryPermissions( + @User() user, + @Param('appId') appId: string, + @Param('queryId') queryId: string, + @Res({ passthrough: true }) response: Response + ): Promise { + throw new NotFoundException(); + } } diff --git a/server/src/modules/app-permissions/dto/index.ts b/server/src/modules/app-permissions/dto/index.ts index 20a1bd98b8..ac4a2c8df6 100644 --- a/server/src/modules/app-permissions/dto/index.ts +++ b/server/src/modules/app-permissions/dto/index.ts @@ -24,3 +24,26 @@ export class CreatePagePermissionDto { @Type(() => String) groups?: string[]; } + +export class CreateQueryPermissionDto { + @IsUUID(4) + @IsOptional() + queryId: string; + + @IsEnum(PAGE_PERMISSION_TYPE) + type: PAGE_PERMISSION_TYPE; + + @ValidateIf((o) => o.type === PAGE_PERMISSION_TYPE.SINGLE) + @IsArray() + @IsString({ each: true }) + @IsOptional() + @Type(() => String) + users?: string[]; + + @ValidateIf((o) => o.type === PAGE_PERMISSION_TYPE.GROUP) + @IsArray() + @IsString({ each: true }) + @IsOptional() + @Type(() => String) + groups?: string[]; +} diff --git a/server/src/modules/app-permissions/interfaces/IController.ts b/server/src/modules/app-permissions/interfaces/IController.ts index bfa35aa730..4feb039ca0 100644 --- a/server/src/modules/app-permissions/interfaces/IController.ts +++ b/server/src/modules/app-permissions/interfaces/IController.ts @@ -1,6 +1,6 @@ import { User } from '@entities/user.entity'; import { Response } from 'express'; -import { CreatePagePermissionDto } from '../dto'; +import { CreatePagePermissionDto, CreateQueryPermissionDto } from '../dto'; export interface IAppPermissionsController { fetchUsers(user: User, appId: string, response: Response): Promise; @@ -26,4 +26,24 @@ export interface IAppPermissionsController { ): Promise; deletePagePermissions(user: User, appId: string, pageId: string, response: Response): Promise; + + fetchQueryPermissions(user: User, appId: string, queryId: string, response: Response): Promise; + + createQueryPermissions( + user: User, + appId: string, + queryId: string, + body: CreateQueryPermissionDto, + response: Response + ): Promise; + + updateQueryPermissions( + user: User, + appId: string, + queryId: string, + body: CreateQueryPermissionDto, + response: Response + ): Promise; + + deleteQueryPermissions(user: User, appId: string, queryId: string, response: Response): Promise; } diff --git a/server/src/modules/app-permissions/types/index.ts b/server/src/modules/app-permissions/types/index.ts index 86a41afba1..d377f5a08f 100644 --- a/server/src/modules/app-permissions/types/index.ts +++ b/server/src/modules/app-permissions/types/index.ts @@ -9,6 +9,10 @@ interface Features { [FEATURE_KEY.CREATE_PAGE_PERMISSIONS]: FeatureConfig; [FEATURE_KEY.UPDATE_PAGE_PERMISSIONS]: FeatureConfig; [FEATURE_KEY.DELETE_PAGE_PERMISSIONS]: FeatureConfig; + [FEATURE_KEY.FETCH_QUERY_PERMISSIONS]: FeatureConfig; + [FEATURE_KEY.CREATE_QUERY_PERMISSIONS]: FeatureConfig; + [FEATURE_KEY.UPDATE_QUERY_PERMISSIONS]: FeatureConfig; + [FEATURE_KEY.DELETE_QUERY_PERMISSIONS]: FeatureConfig; } export interface FeaturesConfig {