mirror of
https://github.com/OneUptime/oneuptime
synced 2024-11-21 22:59:07 +00:00
Refactor AccessTokenService to utilize UserPermissionUtil for permission retrieval; introduce PermissionNamespace enum
This commit is contained in:
Simon Larsen
parent
54e8a4c224
commit
98fe5deba7
@ -4,7 +4,6 @@ import BaseService from "./BaseService";
|
||||
import TeamMemberService from "./TeamMemberService";
|
||||
import TeamPermissionService from "./TeamPermissionService";
|
||||
import LIMIT_MAX from "../../Types/Database/LimitMax";
|
||||
import { JSONObject } from "../../Types/JSON";
|
||||
import ObjectID from "../../Types/ObjectID";
|
||||
import Permission, {
|
||||
UserGlobalAccessPermission,
|
||||
@ -15,11 +14,9 @@ import Label from "Common/Models/DatabaseModels/Label";
|
||||
import TeamMember from "Common/Models/DatabaseModels/TeamMember";
|
||||
import TeamPermission from "Common/Models/DatabaseModels/TeamPermission";
|
||||
import UserPermissionUtil from "../Utils/UserPermission/UserPermission";
|
||||
import PermissionNamespace from "../Types/Permission/PermissionNamespace";
|
||||
|
||||
|
||||
enum PermissionNamespace {
|
||||
GlobalPermission = "global-permissions",
|
||||
ProjectPermission = "project-permissions",
|
||||
}
|
||||
|
||||
export class AccessTokenService extends BaseService {
|
||||
public constructor() {
|
||||
@ -113,21 +110,16 @@ export class AccessTokenService extends BaseService {
|
||||
public async getUserGlobalAccessPermission(
|
||||
userId: ObjectID,
|
||||
): Promise<UserGlobalAccessPermission | null> {
|
||||
const json: JSONObject | null = await GlobalCache.getJSONObject(
|
||||
"user",
|
||||
userId.toString(),
|
||||
);
|
||||
const json: UserGlobalAccessPermission | null = await UserPermissionUtil.getUserGlobalAccessPermissionFromCache(
|
||||
userId,
|
||||
)
|
||||
|
||||
if (!json) {
|
||||
return await this.refreshUserGlobalAccessPermission(userId);
|
||||
}
|
||||
|
||||
const accessPermission: UserGlobalAccessPermission =
|
||||
json as UserGlobalAccessPermission;
|
||||
return json;
|
||||
|
||||
accessPermission._type = "UserGlobalAccessPermission";
|
||||
|
||||
return accessPermission;
|
||||
}
|
||||
|
||||
public async refreshUserTenantAccessPermission(
|
||||
@ -217,14 +209,10 @@ export class AccessTokenService extends BaseService {
|
||||
projectId: ObjectID,
|
||||
): Promise<UserTenantAccessPermission | null> {
|
||||
const json: UserTenantAccessPermission | null =
|
||||
(await GlobalCache.getJSONObject(
|
||||
PermissionNamespace.ProjectPermission,
|
||||
userId.toString() + projectId.toString(),
|
||||
)) as UserTenantAccessPermission;
|
||||
|
||||
if (json) {
|
||||
json._type = "UserTenantAccessPermission";
|
||||
}
|
||||
await UserPermissionUtil.getUserTenantAccessPermissionFromCache(
|
||||
userId,
|
||||
projectId,
|
||||
);
|
||||
|
||||
if (!json) {
|
||||
return await this.refreshUserTenantAccessPermission(userId, projectId);
|
||||
|
||||
6
Common/Server/Types/Permission/PermissionNamespace.ts
Normal file
6
Common/Server/Types/Permission/PermissionNamespace.ts
Normal file
@ -0,0 +1,6 @@
|
||||
enum PermissionNamespace {
|
||||
GlobalPermission = "global-permissions",
|
||||
ProjectPermission = "project-permissions",
|
||||
}
|
||||
|
||||
export default PermissionNamespace;
|
||||
@ -13,7 +13,6 @@ import Permission, {
|
||||
UserGlobalAccessPermission,
|
||||
UserTenantAccessPermission,
|
||||
} from "../../Types/Permission";
|
||||
import AccessTokenService from "../Services/AccessTokenService";
|
||||
import { getModelTypeByName } from "../../Models/DatabaseModels/Index";
|
||||
import { getModelTypeByName as getAnalyticsModelTypeByname } from "../../Models/AnalyticsModels/Index";
|
||||
import DatabaseRequestType from "../Types/BaseDatabase/DatabaseRequestType";
|
||||
@ -23,6 +22,7 @@ import ListenToModelEventJSON from "../../Types/Realtime/ListenToModelEventJSON"
|
||||
import EventName from "../../Types/Realtime/EventName";
|
||||
import CookieUtil from "./Cookie";
|
||||
import Dictionary from "../../Types/Dictionary";
|
||||
import UserPermissionUtil from "./UserPermission/UserPermission";
|
||||
|
||||
export default abstract class Realtime {
|
||||
private static socketServer: SocketServer | null = null;
|
||||
@ -128,7 +128,7 @@ export default abstract class Realtime {
|
||||
|
||||
logger.debug("Fetching user global access permissions");
|
||||
const userGlobalAccessPermission: UserGlobalAccessPermission | null =
|
||||
await AccessTokenService.getUserGlobalAccessPermission(
|
||||
await UserPermissionUtil.getUserGlobalAccessPermissionFromCache(
|
||||
userAuthorizationData.userId,
|
||||
);
|
||||
|
||||
@ -155,7 +155,7 @@ export default abstract class Realtime {
|
||||
|
||||
// if it has the access to the tenant, check if it has access to the model
|
||||
const userTenantAccessPermission: UserTenantAccessPermission | null =
|
||||
await AccessTokenService.getUserTenantAccessPermission(
|
||||
await UserPermissionUtil.getUserTenantAccessPermissionFromCache(
|
||||
userId,
|
||||
projectId,
|
||||
);
|
||||
|
||||
@ -1,10 +1,56 @@
|
||||
import { JSONObject } from "../../../Types/JSON";
|
||||
import ObjectID from "../../../Types/ObjectID";
|
||||
import Permission, {
|
||||
UserGlobalAccessPermission,
|
||||
UserPermission,
|
||||
UserTenantAccessPermission,
|
||||
} from "../../../Types/Permission";
|
||||
import GlobalCache from "../../Infrastructure/GlobalCache";
|
||||
import PermissionNamespace from "../../Types/Permission/PermissionNamespace";
|
||||
|
||||
export default class UserPermissionUtil {
|
||||
|
||||
public static async getUserTenantAccessPermissionFromCache(
|
||||
userId: ObjectID,
|
||||
projectId: ObjectID,
|
||||
): Promise<UserTenantAccessPermission | null> {
|
||||
const json: UserTenantAccessPermission | null =
|
||||
(await GlobalCache.getJSONObject(
|
||||
PermissionNamespace.ProjectPermission,
|
||||
userId.toString() + projectId.toString(),
|
||||
)) as UserTenantAccessPermission;
|
||||
|
||||
if (json) {
|
||||
json._type = "UserTenantAccessPermission";
|
||||
}
|
||||
|
||||
if (!json) {
|
||||
return null;
|
||||
}
|
||||
|
||||
return json;
|
||||
}
|
||||
|
||||
public static async getUserGlobalAccessPermissionFromCache(
|
||||
userId: ObjectID,
|
||||
): Promise<UserGlobalAccessPermission | null> {
|
||||
const json: JSONObject | null = await GlobalCache.getJSONObject(
|
||||
"user",
|
||||
userId.toString(),
|
||||
);
|
||||
|
||||
if (!json) {
|
||||
return null;
|
||||
}
|
||||
|
||||
const accessPermission: UserGlobalAccessPermission =
|
||||
json as UserGlobalAccessPermission;
|
||||
|
||||
accessPermission._type = "UserGlobalAccessPermission";
|
||||
|
||||
return accessPermission;
|
||||
}
|
||||
|
||||
public static getDefaultUserTenantAccessPermission(
|
||||
projectId: ObjectID,
|
||||
): UserTenantAccessPermission {
|
||||
|
||||
Loading…
Reference in New Issue
Block a user