@grouparoo/core/dist/models/Permission.js

The Grouparoo Core

"use strict";
var __decorate = (this && this.__decorate) || function (decorators, target, key, desc) {
    var c = arguments.length, r = c < 3 ? target : desc === null ? desc = Object.getOwnPropertyDescriptor(target, key) : desc, d;
    if (typeof Reflect === "object" && typeof Reflect.decorate === "function") r = Reflect.decorate(decorators, target, key, desc);
    else for (var i = decorators.length - 1; i >= 0; i--) if (d = decorators[i]) r = (c < 3 ? d(r) : c > 3 ? d(target, key, r) : d(target, key)) || r;
    return c > 3 && r && Object.defineProperty(target, key, r), r;
};
var __metadata = (this && this.__metadata) || function (k, v) {
    if (typeof Reflect === "object" && typeof Reflect.metadata === "function") return Reflect.metadata(k, v);
};
var Permission_1;
Object.defineProperty(exports, "__esModule", { value: true });
exports.Permission = exports.PermissionTopics = void 0;
const sequelize_typescript_1 = require("sequelize-typescript");
const Team_1 = require("./Team");
const ApiKey_1 = require("./ApiKey");
const lockableHelper_1 = require("../modules/lockableHelper");
const commonModel_1 = require("../classes/commonModel");
exports.PermissionTopics = [
    "apiKey",
    "app",
    "destination",
    "export",
    "export",
    "file",
    "group",
    "import",
    "log",
    "model",
    "notification",
    "record",
    "property",
    "resque",
    "run",
    "setupStep",
    "source",
    "system",
    "team",
];
let Permission = Permission_1 = class Permission extends commonModel_1.CommonModel {
    constructor() {
        super(...arguments);
        this.uniqueIdentifier = ["ownerId", "topic"];
    }
    idPrefix() {
        return "prm";
    }
    async apiData() {
        return {
            id: this.id,
            topic: this.topic,
            read: this.read,
            write: this.write,
            locked: this.locked,
        };
    }
    // --- Class Methods --- //
    static async noUpdateIfLocked(instance) {
        await lockableHelper_1.LockableHelper.beforeSave(instance);
    }
    static async authorizeAction(topic, mode, instance) {
        Permission_1.validateTopic(topic);
        if (topic === "*")
            return true;
        let permission;
        if (instance.permissions) {
            permission = instance.permissions.find((p) => p.ownerId === instance.id && p.topic === topic);
        }
        else {
            permission = await Permission_1.findOne({
                where: { ownerId: instance.id, topic: topic },
            });
        }
        if (!permission) {
            throw new Error(`cannot find permission set for ${instance.id} - ${topic}`);
        }
        return permission[mode];
    }
    static validateTopic(topic) {
        if (topic === "*")
            return;
        if (!exports.PermissionTopics.includes(topic)) {
            throw new Error(`cannot determine permission topic for ${topic}`);
        }
    }
};
__decorate([
    (0, sequelize_typescript_1.AllowNull)(false),
    (0, sequelize_typescript_1.ForeignKey)(() => Team_1.Team),
    (0, sequelize_typescript_1.ForeignKey)(() => ApiKey_1.ApiKey),
    sequelize_typescript_1.Column,
    __metadata("design:type", String)
], Permission.prototype, "ownerId", void 0);
__decorate([
    (0, sequelize_typescript_1.AllowNull)(false),
    sequelize_typescript_1.Column,
    __metadata("design:type", String)
], Permission.prototype, "ownerType", void 0);
__decorate([
    (0, sequelize_typescript_1.AllowNull)(false),
    (0, sequelize_typescript_1.Column)(sequelize_typescript_1.DataType.ENUM(...exports.PermissionTopics)),
    __metadata("design:type", Object)
], Permission.prototype, "topic", void 0);
__decorate([
    (0, sequelize_typescript_1.AllowNull)(false),
    (0, sequelize_typescript_1.Default)(false),
    sequelize_typescript_1.Column,
    __metadata("design:type", Boolean)
], Permission.prototype, "read", void 0);
__decorate([
    (0, sequelize_typescript_1.AllowNull)(false),
    (0, sequelize_typescript_1.Default)(false),
    sequelize_typescript_1.Column,
    __metadata("design:type", Boolean)
], Permission.prototype, "write", void 0);
__decorate([
    sequelize_typescript_1.Column,
    __metadata("design:type", String)
], Permission.prototype, "locked", void 0);
__decorate([
    (0, sequelize_typescript_1.BelongsTo)(() => Team_1.Team),
    __metadata("design:type", Team_1.Team)
], Permission.prototype, "team", void 0);
__decorate([
    (0, sequelize_typescript_1.BelongsTo)(() => ApiKey_1.ApiKey),
    __metadata("design:type", ApiKey_1.ApiKey)
], Permission.prototype, "apiKey", void 0);
__decorate([
    sequelize_typescript_1.BeforeSave,
    __metadata("design:type", Function),
    __metadata("design:paramtypes", [Object]),
    __metadata("design:returntype", Promise)
], Permission, "noUpdateIfLocked", null);
Permission = Permission_1 = __decorate([
    (0, sequelize_typescript_1.Table)({ tableName: "permissions", paranoid: false })
], Permission);
exports.Permission = Permission;