From ee1b910f3c4aacdfb80de5d9411b6746b187b8dc Mon Sep 17 00:00:00 2001
From: Ali BARIN <ali.barin53@gmail.com>
Date: Wed, 2 Apr 2025 10:26:28 +0000
Subject: [PATCH] feat(backend): use manage permissions in checks

---
 packages/backend/src/helpers/authorization.js | 52 +++++++++----------
 .../src/helpers/permission-catalog.ee.js      | 48 +++--------------
 2 files changed, 33 insertions(+), 67 deletions(-)

diff --git a/packages/backend/src/helpers/authorization.js b/packages/backend/src/helpers/authorization.js
index e921cee8..2f616b92 100644
--- a/packages/backend/src/helpers/authorization.js
+++ b/packages/backend/src/helpers/authorization.js
@@ -22,19 +22,19 @@ const authorizationList = {
     subject: 'Flow',
   },
   'POST /api/v1/flows/': {
-    action: 'create',
+    action: 'manage',
     subject: 'Flow',
   },
   'PATCH /api/v1/flows/:flowId': {
-    action: 'update',
+    action: 'manage',
     subject: 'Flow',
   },
   'DELETE /api/v1/flows/:flowId': {
-    action: 'delete',
+    action: 'manage',
     subject: 'Flow',
   },
   'GET /api/v1/templates/': {
-    action: 'create',
+    action: 'manage',
     subject: 'Flow',
   },
   'GET /api/v1/steps/:stepId/connection': {
@@ -42,23 +42,23 @@ const authorizationList = {
     subject: 'Flow',
   },
   'PATCH /api/v1/steps/:stepId': {
-    action: 'update',
+    action: 'manage',
     subject: 'Flow',
   },
   'POST /api/v1/steps/:stepId/test': {
-    action: 'update',
+    action: 'manage',
     subject: 'Flow',
   },
   'GET /api/v1/steps/:stepId/previous-steps': {
-    action: 'update',
+    action: 'manage',
     subject: 'Flow',
   },
   'POST /api/v1/steps/:stepId/dynamic-fields': {
-    action: 'update',
+    action: 'manage',
     subject: 'Flow',
   },
   'POST /api/v1/steps/:stepId/dynamic-data': {
-    action: 'update',
+    action: 'manage',
     subject: 'Flow',
   },
   'GET /api/v1/connections/:connectionId/flows': {
@@ -66,11 +66,11 @@ const authorizationList = {
     subject: 'Flow',
   },
   'POST /api/v1/connections/:connectionId/test': {
-    action: 'update',
+    action: 'manage',
     subject: 'Connection',
   },
   'POST /api/v1/connections/:connectionId/verify': {
-    action: 'create',
+    action: 'manage',
     subject: 'Connection',
   },
   'GET /api/v1/apps/:appKey/flows': {
@@ -94,59 +94,59 @@ const authorizationList = {
     subject: 'Execution',
   },
   'DELETE /api/v1/steps/:stepId': {
-    action: 'update',
+    action: 'manage',
     subject: 'Flow',
   },
   'PATCH /api/v1/connections/:connectionId': {
-    action: 'update',
+    action: 'manage',
     subject: 'Connection',
   },
   'DELETE /api/v1/connections/:connectionId': {
-    action: 'delete',
+    action: 'manage',
     subject: 'Connection',
   },
   'POST /api/v1/connections/:connectionId/reset': {
-    action: 'create',
+    action: 'manage',
     subject: 'Connection',
   },
   'PATCH /api/v1/flows/:flowId/status': {
-    action: 'publish',
+    action: 'manage',
     subject: 'Flow',
   },
   'POST /api/v1/flows/:flowId/duplicate': {
-    action: 'create',
+    action: 'manage',
     subject: 'Flow',
   },
   'POST /api/v1/flows/:flowId/export': {
-    action: 'update',
+    action: 'manage',
     subject: 'Flow',
   },
   'POST /api/v1/flows/import': {
-    action: 'create',
+    action: 'manage',
     subject: 'Flow',
   },
   'POST /api/v1/flows/:flowId/steps': {
-    action: 'update',
+    action: 'manage',
     subject: 'Flow',
   },
   'POST /api/v1/apps/:appKey/connections': {
-    action: 'create',
+    action: 'manage',
     subject: 'Connection',
   },
   'POST /api/v1/connections/:connectionId/auth-url': {
-    action: 'create',
+    action: 'manage',
     subject: 'Connection',
   },
   'POST /api/v1/folders/': {
-    action: 'create',
+    action: 'manage',
     subject: 'Flow',
   },
   'PATCH /api/v1/folders/:folderId': {
-    action: 'create',
+    action: 'manage',
     subject: 'Flow',
   },
   'DELETE /api/v1/folders/:folderId': {
-    action: 'create',
+    action: 'manage',
     subject: 'Flow',
   },
   'GET /api/v1/folders/': {
@@ -154,7 +154,7 @@ const authorizationList = {
     subject: 'Flow',
   },
   'PATCH /api/v1/flows/:flowId/folder': {
-    action: 'update',
+    action: 'manage',
     subject: 'Flow',
   },
   'GET /api/v1/flows/:flowId/folder': {
diff --git a/packages/backend/src/helpers/permission-catalog.ee.js b/packages/backend/src/helpers/permission-catalog.ee.js
index 1f527d9d..b14ec6c1 100644
--- a/packages/backend/src/helpers/permission-catalog.ee.js
+++ b/packages/backend/src/helpers/permission-catalog.ee.js
@@ -17,56 +17,22 @@ const permissionCatalog = {
   conditions: [
     {
       key: 'isCreator',
-      label: 'Is creator'
-    }
+      label: 'Is creator',
+    },
   ],
   actions: [
     {
-      label: 'Create',
-      key: 'create',
-      subjects: [
-        Connection.key,
-        Flow.key,
-      ]
+      label: 'Manage',
+      key: 'manage',
+      subjects: [Connection.key, Flow.key],
     },
     {
       label: 'Read',
       key: 'read',
-      subjects: [
-        Connection.key,
-        Execution.key,
-        Flow.key,
-      ]
+      subjects: [Connection.key, Execution.key, Flow.key],
     },
-    {
-      label: 'Update',
-      key: 'update',
-      subjects: [
-        Connection.key,
-        Flow.key,
-      ]
-    },
-    {
-      label: 'Delete',
-      key: 'delete',
-      subjects: [
-        Connection.key,
-        Flow.key,
-      ]
-    },
-    {
-      label: 'Publish',
-      key: 'publish',
-      subjects: [
-        Flow.key,
-      ]
-    }
   ],
-  subjects: [
-    Connection,
-    Flow,
-    Execution
-  ]
+  subjects: [Connection, Flow, Execution],
 };
 
 export default permissionCatalog;