We use cookies to ensure you get the best experience on our website
Accueil Explorer Aide
S'inscrire Connexion
0ct0pu5
/
pangolin
1
0
Fork 0
Fichiers Tickets 0 Pull Requests 0 Wiki
Aborescence: 8cd6cbb5ac
Branches Tags
pangolin
/
server
/
db
/
ensureActions.ts

ensureActions.ts 2.2 KB
Historique Raw

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566 
  1. import { ActionsEnum } from "@server/auth/actions";
    2. 

  2. import { db } from "@server/db";
    3. 

  3. import { actions, roles, roleActions } from "./schema";
    4. 

  4. import { eq, and, inArray, notInArray } from "drizzle-orm";
    5. 

  5. import logger from "@server/logger";
    6. 

  6. 

  7. export async function ensureActions() {
    8. 

  8.     const actionIds = Object.values(ActionsEnum);
    9. 

  9.     const existingActions = await db.select().from(actions).execute();
    10. 

  10.     const existingActionIds = existingActions.map(action => action.actionId);
    11. 

  11. 

  12.     const actionsToAdd = actionIds.filter(id => !existingActionIds.includes(id));
    13. 

  13.     const actionsToRemove = existingActionIds.filter(id => !actionIds.includes(id as ActionsEnum));
    14. 

  14. 

  15.     const defaultRoles = await db
    16. 

  16.         .select()
    17. 

  17.         .from(roles)
    18. 

  18.         .where(eq(roles.isSuperuserRole, true))
    19. 

  19.         .execute();
    20. 

  20. 

  21.     if (defaultRoles.length === 0) {
    22. 

  22.         logger.info('No default roles to assign');
    23. 

  23.         return;
    24. 

  24.     }
    25. 

  25. 

  26.     // Add new actions
    27. 

  27.     for (const actionId of actionsToAdd) {
    28. 

  28.     await db.insert(actions).values({ actionId }).execute();
    29. 

  29.         // Add new actions to the Default role
    30. 

  30.         await db.insert(roleActions)
    31. 

  31.             .values(defaultRoles.map(role => ({ roleId: role.roleId!, actionId, orgId: role.orgId! })))
    32. 

  32.             .execute();
    33. 

  33.     }
    34. 

  34. 

  35.     // Remove deprecated actions
    36. 

  36.     if (actionsToRemove.length > 0) {
    37. 

  37.         await db.delete(actions).where(inArray(actions.actionId, actionsToRemove)).execute();
    38. 

  38.         await db.delete(roleActions).where(inArray(roleActions.actionId, actionsToRemove)).execute();
    39. 

  39.     }
    40. 

  40. }
    41. 

  41. 

  42. export async function createSuperuserRole(orgId: number) {
    43. 

  43.     // Create the Default role if it doesn't exist
    44. 

  44.     const [insertedRole] = await db
    45. 

  45.         .insert(roles)
    46. 

  46.         .values({
    47. 

  47.             orgId,
    48. 

  48.             isSuperuserRole: true,
    49. 

  49.             name: 'Superuser',
    50. 

  50.             description: 'Superuser role with all actions'
    51. 

  51.         })
    52. 

  52.         .returning({ roleId: roles.roleId })
    53. 

  53.         .execute();
    54. 

  54. 

  55.     const roleId = insertedRole.roleId;
    56. 

  56. 

  57.     // Add all current actions to the new Default role
    58. 

  58.     const actionIds = Object.values(ActionsEnum);
    59. 

  59.     await db.insert(roleActions)
    60. 

  60.         .values(actionIds.map(actionId => ({
    61. 

  61.             roleId,
    62. 

  62.             actionId: actionId,
    63. 

  63.             orgId
    64. 

  64.         })))
    65. 

  65.         .execute();
    66. 

  66. }
    67.

Contact | Legal | Takedown | Status
Self-hosted public services - About
NibbleSpot by 0ct0pu5