feat(backend): use manage permissions in checks
This commit is contained in:
Ali BARIN
@@ -22,19 +22,19 @@ const authorizationList = {
|
||||
subject: 'Flow',
|
||||
},
|
||||
'POST /api/v1/flows/': {
|
||||
action: 'create',
|
||||
action: 'manage',
|
||||
subject: 'Flow',
|
||||
},
|
||||
'PATCH /api/v1/flows/:flowId': {
|
||||
action: 'update',
|
||||
action: 'manage',
|
||||
subject: 'Flow',
|
||||
},
|
||||
'DELETE /api/v1/flows/:flowId': {
|
||||
action: 'delete',
|
||||
action: 'manage',
|
||||
subject: 'Flow',
|
||||
},
|
||||
'GET /api/v1/templates/': {
|
||||
action: 'create',
|
||||
action: 'manage',
|
||||
subject: 'Flow',
|
||||
},
|
||||
'GET /api/v1/steps/:stepId/connection': {
|
||||
@@ -42,23 +42,23 @@ const authorizationList = {
|
||||
subject: 'Flow',
|
||||
},
|
||||
'PATCH /api/v1/steps/:stepId': {
|
||||
action: 'update',
|
||||
action: 'manage',
|
||||
subject: 'Flow',
|
||||
},
|
||||
'POST /api/v1/steps/:stepId/test': {
|
||||
action: 'update',
|
||||
action: 'manage',
|
||||
subject: 'Flow',
|
||||
},
|
||||
'GET /api/v1/steps/:stepId/previous-steps': {
|
||||
action: 'update',
|
||||
action: 'manage',
|
||||
subject: 'Flow',
|
||||
},
|
||||
'POST /api/v1/steps/:stepId/dynamic-fields': {
|
||||
action: 'update',
|
||||
action: 'manage',
|
||||
subject: 'Flow',
|
||||
},
|
||||
'POST /api/v1/steps/:stepId/dynamic-data': {
|
||||
action: 'update',
|
||||
action: 'manage',
|
||||
subject: 'Flow',
|
||||
},
|
||||
'GET /api/v1/connections/:connectionId/flows': {
|
||||
@@ -66,11 +66,11 @@ const authorizationList = {
|
||||
subject: 'Flow',
|
||||
},
|
||||
'POST /api/v1/connections/:connectionId/test': {
|
||||
action: 'update',
|
||||
action: 'manage',
|
||||
subject: 'Connection',
|
||||
},
|
||||
'POST /api/v1/connections/:connectionId/verify': {
|
||||
action: 'create',
|
||||
action: 'manage',
|
||||
subject: 'Connection',
|
||||
},
|
||||
'GET /api/v1/apps/:appKey/flows': {
|
||||
@@ -94,59 +94,59 @@ const authorizationList = {
|
||||
subject: 'Execution',
|
||||
},
|
||||
'DELETE /api/v1/steps/:stepId': {
|
||||
action: 'update',
|
||||
action: 'manage',
|
||||
subject: 'Flow',
|
||||
},
|
||||
'PATCH /api/v1/connections/:connectionId': {
|
||||
action: 'update',
|
||||
action: 'manage',
|
||||
subject: 'Connection',
|
||||
},
|
||||
'DELETE /api/v1/connections/:connectionId': {
|
||||
action: 'delete',
|
||||
action: 'manage',
|
||||
subject: 'Connection',
|
||||
},
|
||||
'POST /api/v1/connections/:connectionId/reset': {
|
||||
action: 'create',
|
||||
action: 'manage',
|
||||
subject: 'Connection',
|
||||
},
|
||||
'PATCH /api/v1/flows/:flowId/status': {
|
||||
action: 'publish',
|
||||
action: 'manage',
|
||||
subject: 'Flow',
|
||||
},
|
||||
'POST /api/v1/flows/:flowId/duplicate': {
|
||||
action: 'create',
|
||||
action: 'manage',
|
||||
subject: 'Flow',
|
||||
},
|
||||
'POST /api/v1/flows/:flowId/export': {
|
||||
action: 'update',
|
||||
action: 'manage',
|
||||
subject: 'Flow',
|
||||
},
|
||||
'POST /api/v1/flows/import': {
|
||||
action: 'create',
|
||||
action: 'manage',
|
||||
subject: 'Flow',
|
||||
},
|
||||
'POST /api/v1/flows/:flowId/steps': {
|
||||
action: 'update',
|
||||
action: 'manage',
|
||||
subject: 'Flow',
|
||||
},
|
||||
'POST /api/v1/apps/:appKey/connections': {
|
||||
action: 'create',
|
||||
action: 'manage',
|
||||
subject: 'Connection',
|
||||
},
|
||||
'POST /api/v1/connections/:connectionId/auth-url': {
|
||||
action: 'create',
|
||||
action: 'manage',
|
||||
subject: 'Connection',
|
||||
},
|
||||
'POST /api/v1/folders/': {
|
||||
action: 'create',
|
||||
action: 'manage',
|
||||
subject: 'Flow',
|
||||
},
|
||||
'PATCH /api/v1/folders/:folderId': {
|
||||
action: 'create',
|
||||
action: 'manage',
|
||||
subject: 'Flow',
|
||||
},
|
||||
'DELETE /api/v1/folders/:folderId': {
|
||||
action: 'create',
|
||||
action: 'manage',
|
||||
subject: 'Flow',
|
||||
},
|
||||
'GET /api/v1/folders/': {
|
||||
@@ -154,7 +154,7 @@ const authorizationList = {
|
||||
subject: 'Flow',
|
||||
},
|
||||
'PATCH /api/v1/flows/:flowId/folder': {
|
||||
action: 'update',
|
||||
action: 'manage',
|
||||
subject: 'Flow',
|
||||
},
|
||||
'GET /api/v1/flows/:flowId/folder': {
|
||||
|
||||
@@ -17,56 +17,22 @@ const permissionCatalog = {
|
||||
conditions: [
|
||||
{
|
||||
key: 'isCreator',
|
||||
label: 'Is creator'
|
||||
}
|
||||
label: 'Is creator',
|
||||
},
|
||||
],
|
||||
actions: [
|
||||
{
|
||||
label: 'Create',
|
||||
key: 'create',
|
||||
subjects: [
|
||||
Connection.key,
|
||||
Flow.key,
|
||||
]
|
||||
label: 'Manage',
|
||||
key: 'manage',
|
||||
subjects: [Connection.key, Flow.key],
|
||||
},
|
||||
{
|
||||
label: 'Read',
|
||||
key: 'read',
|
||||
subjects: [
|
||||
Connection.key,
|
||||
Execution.key,
|
||||
Flow.key,
|
||||
]
|
||||
subjects: [Connection.key, Execution.key, Flow.key],
|
||||
},
|
||||
{
|
||||
label: 'Update',
|
||||
key: 'update',
|
||||
subjects: [
|
||||
Connection.key,
|
||||
Flow.key,
|
||||
]
|
||||
},
|
||||
{
|
||||
label: 'Delete',
|
||||
key: 'delete',
|
||||
subjects: [
|
||||
Connection.key,
|
||||
Flow.key,
|
||||
]
|
||||
},
|
||||
{
|
||||
label: 'Publish',
|
||||
key: 'publish',
|
||||
subjects: [
|
||||
Flow.key,
|
||||
]
|
||||
}
|
||||
],
|
||||
subjects: [
|
||||
Connection,
|
||||
Flow,
|
||||
Execution
|
||||
]
|
||||
subjects: [Connection, Flow, Execution],
|
||||
};
|
||||
|
||||
export default permissionCatalog;
|
||||
|
||||
Reference in New Issue
Block a user