fd-permission-master-data

 avatar
user_1440039
typescript
22 days ago
5.0 kB
2
Indexable
Never
import { isValidUuid, newUuid } from "@server/fd/fd-toolbox/uuids/uuids";
import { Uuid } from "@server/fd/fd-toolbox/types/uuid";
import { CrudAction, PermissionAction } from "@server/fd/fd-toolbox-core/enums/enums";
import { db, schema } from "@server/ks-app/db/db";
import { eq } from "drizzle-orm";
import { PermissionType } from "@server/fd/fd-toolbox-core/auth/permissions/permission-enums";

const { permission, permissionPackage, permissionPackageToPermission } = schema;

export async function configureResourcePermissions(
    resourceIds: string[],
    resourceToPermissions: Map<string, Map<string, typeof permission.$inferSelect>>,
) {
    const dbPermissions = await db.select().from(permission).execute();

    for (const resourceId of resourceIds) {
        if (!isValidUuid(resourceId)) {
            throw new Error(`Invalid UUID: ${resourceId}`);
        }

        for (const action of getAllPermissionActionList()) {
            let existingPermission = dbPermissions.find(
                (p) => p.resourceId === resourceId && p.action === action,
            );

            if (!existingPermission) {
                const newPermission = {
                    id: newUuid(),
                    resourceId: resourceId,
                    type: PermissionType.Resource,
                    action: action,
                };
                await db.insert(permission).values(newPermission);
                existingPermission = newPermission;
            }

            if (!resourceToPermissions.has(resourceId)) {
                resourceToPermissions.set(resourceId, new Map());
            }
            resourceToPermissions.get(resourceId)!.set(action.toString(), existingPermission);
        }
    }
}

export async function seedPermissionPackageToPermissionIfNotExist(
    permissionPackageId: string,
    permissionIds: string[],
) {
    const dbPermissionPackageToPermissions = await db
        .select()
        .from(permissionPackageToPermission)
        .where(eq(permissionPackageToPermission.permissionPackageId, permissionPackageId))
        .execute();

    for (const permissionId of permissionIds) {
        if (!dbPermissionPackageToPermissions.some((p) => p.permissionId === permissionId)) {
            await db.insert(permissionPackageToPermission).values({
                permissionPackageId: permissionPackageId,
                permissionId: permissionId,
                isForbidden: false,
            });
        }
    }
}

export async function createAndSeedPermissionPackage(id: string, name: string) {
    const existingPackage = await db
        .select()
        .from(permissionPackage)
        .where(eq(permissionPackage.id, id))
        .execute();

    if (existingPackage.length === 0) {
        await db.insert(permissionPackage).values({ id, name });
    } else if (existingPackage[0].name !== name) {
        await db.update(permissionPackage).set({ name }).where(eq(permissionPackage.id, id));
    }
}

export function getAllPermissionActions() {
    return (
        PermissionAction.Create | PermissionAction.Delete | PermissionAction.Update | PermissionAction.View
    );
}

export function getAllPermissionActionList() {
    return [PermissionAction.Delete, PermissionAction.Update, PermissionAction.Create, PermissionAction.View];
}

export function addPermissionIds(
    resourceIds: string[],
    crudActions: PermissionAction,
    permissionIds: Uuid[],
    resourceToPermissions: Map<string, Map<string, typeof permission.$inferSelect>>,
) {
    const actions = convertCrudActionToPermissionAction(crudActions);

    for (const resourceId of resourceIds) {
        const crudActionNamePermissions = resourceToPermissions.get(resourceId);
        if (crudActionNamePermissions) {
            for (const action of actions) {
                const permissionEntry = crudActionNamePermissions.get(action.toString());
                if (permissionEntry) {
                    permissionIds.push(permissionEntry.id);
                }
            }
        }
    }
}

export async function configurePermission(id: string, name: string) {
    const existingPermission = await db.select().from(permission).where(eq(permission.id, id)).execute();

    if (existingPermission.length === 0) {
        await db.insert(permission).values({ id, name });
    } else if (existingPermission[0].name !== name) {
        await db.update(permission).set({ name }).where(eq(permission.id, id));
    }
}

function convertCrudActionToPermissionAction(permissionAction: PermissionAction): CrudAction[] {
    const crudActions: CrudAction[] = [];

    if (permissionAction & PermissionAction.Create) {
        crudActions.push(CrudAction.Create);
    }
    if (permissionAction & PermissionAction.Delete) {
        crudActions.push(CrudAction.Delete);
    }
    if (permissionAction & PermissionAction.Update) {
        crudActions.push(CrudAction.Update);
    }
    if (permissionAction & PermissionAction.View) {
        crudActions.push(CrudAction.View);
    }

    return crudActions;
}
Leave a Comment