From 0ed5fb89c352cef10399339d9b99e6c305d1d039 Mon Sep 17 00:00:00 2001 From: Naida Vatric Date: Fri, 1 Nov 2019 01:16:23 +0100 Subject: [PATCH] Added test and query call --- endpoints/addusertogroup.js | 5 +++ endpoints/cleargroup.js | 4 ++- endpoints/querypermiss.js | 40 ++++++++++++++++++++++++ endpoints/testuserperm.js | 61 ++++++++++++++----------------------- helpfunctions/addgroup.js | 2 ++ helpfunctions/checkmemb.js | 24 --------------- permissions.js | 16 +++++++--- 7 files changed, 84 insertions(+), 68 deletions(-) create mode 100644 endpoints/querypermiss.js delete mode 100644 helpfunctions/checkmemb.js diff --git a/endpoints/addusertogroup.js b/endpoints/addusertogroup.js index 6d3e80b..39edea7 100644 --- a/endpoints/addusertogroup.js +++ b/endpoints/addusertogroup.js @@ -2,10 +2,15 @@ // //Requiremenst for inserting data in DB const adduser= require('../helpfunctions/adduser'); +const addgroup= require('../helpfunctions/addgroup'); const handleAddUserToGroup = (req, res, db) => { //Parsing req body const { reqgroup, requser} =req.body; + //Initializing an empty group if group does not exists. + //Initialization needed for group clearing to mantain a group when all users are cleared + addgroup.handleAddGroup(reqgroup, db); + //Checking if user-group combination existis in DB table groups //if yes returns error if no inserts in DB table db.transaction (trx => { diff --git a/endpoints/cleargroup.js b/endpoints/cleargroup.js index 24e26be..9f40855 100644 --- a/endpoints/cleargroup.js +++ b/endpoints/cleargroup.js @@ -4,8 +4,10 @@ const handleClearGroup = (req, res, db) => { //Parsing req body const { reqgroup} =req.body; //Checking for groupname in table groups and deleting users - db('groups') + db('groups') .where('groupname', 'ilike', reqgroup) + //Group initialization is maintained + .andWhereNot('username', '') .del() .then (count => { if (count!==0) { 
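Review bot: `addgroup.handleAddGroup(reqgroup, db);` in the addusertogroup.js hunk is called without waiting for its result, so the placeholder-group insert races the membership transaction that follows, and a failure inside it reaches no handler in this endpoint. From the visible part of helpfunctions/addgroup.js the helper opens its own `db.transaction` in a block body and does not appear to return the promise. Returning it from the helper (`return db.transaction(trx => { ... })`) and chaining the membership insert on it (`addgroup.handleAddGroup(reqgroup, db).then(() => ...)`) would make the ordering and the error path explicit. The rest of handleAddUserToGroup lies outside the hunk.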
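Review bot: The delete in handleClearGroup still matches `groupname` with `ilike` against `reqgroup` taken straight from the request body, and `ilike` treats `%` and `_` in that value as wildcards, so one request can clear more groups than the one named. The `/cleargroup` route in permissions.js is registered with no validator, while `/addusertogroup` takes a validator array. Comparing on equality, e.g. `.whereRaw('lower(groupname) = lower(?)', [reqgroup])`, or adding `check('reqgroup').isAlphanumeric()` to the route would keep the match exact. The same applies to the `ilike` filters on request values in endpoints/querypermiss.js and endpoints/testuserperm.js.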
diff --git a/endpoints/querypermiss.js b/endpoints/querypermiss.js
new file mode 100644
index 0000000..b0d2804
--- /dev/null
+++ b/endpoints/querypermiss.js
@@ -0,0 +1,40 @@
+//Call for querying what permissions a particular user has over a particular object
+//
+
+const handleQuery = (req, res, db) => {
+ //Parsing req body
+ const { requser, reqobject} =req.body;
+ //Checking for permissions in joined tables for cases of directly associated
+ //or inherited permissions
+ db.transaction ( trx => {
+ trx.select('type')
+ .from('groups')
+ .fullOuterJoin('permissions', 'groups.groupname', 'permissions.owner')
+ .where('objname', 'ilike', reqobject)
+ //Check for inherited permissions
+ .andWhere('username', 'ilike', requser)
+ //Check for directly associated permissions
+ .orWhere('owner', 'ilike', requser)
+ .andWhere('ownertype', 'ilike', 'user')
+ .then ( found => {
+ if (found.length!==0) {
+ //Responding with aray of permission types instead of array of objects
+ res.json(found.map( (perm, index) => {
+ return perm.type;
+ }));
+ }
+ else {
+ res.status(400).json('No query object permissions found.')
+ }
+
+ })
+ .then(trx.commit)
+ .catch(trx.rollback)
+ .catch (err => res.status(400).json('Error accesing database.'))
+ })
+
+}
+
+module.exports = {
+ handleQuery
+}
\ No newline at end of file
diff --git a/endpoints/testuserperm.js b/endpoints/testuserperm.js
index 2c640ae..955af71 100644
--- a/endpoints/testuserperm.js
+++ b/endpoints/testuserperm.js
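Review bot: The `where` chain in handleQuery leaves its OR branch ungrouped, so the direct-permission half is not limited to the requested object. knex emits the four conditions flat and SQL binds AND tighter than OR, giving `(objname AND username) OR (owner AND ownertype)`; a user's direct permissions on every object come back whatever `reqobject` says. The inherited half also never checks `ownertype`, so a group row can join to a user-owned permission whose owner string happens to equal the group name. Putting both branches inside one grouped callback after the `objname` filter addresses both, as sketched below.

```javascript
// … unchanged: trx.select('type').from('groups') …
.fullOuterJoin('permissions', 'groups.groupname', 'permissions.owner')
.where('objname', 'ilike', reqobject)
.andWhere(function () {
  //Inherited through a group the user belongs to
  this.where(function () {
    this.where('username', 'ilike', requser)
      .andWhere('ownertype', 'ilike', 'group');
  })
  //Directly associated with the user
  .orWhere(function () {
    this.where('owner', 'ilike', requser)
      .andWhere('ownertype', 'ilike', 'user');
  });
})
// … unchanged: response handling, commit / rollback …
```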
@@ -1,14 +1,11 @@ //Call for testing if a particular user has a particular permission over a // particular object. Returns true or false. // -//Requiremenst for checking data in DB -const checkmemb= require('../helpfunctions/checkmemb'); - const condTest = (req, res, db) => { //Parsing req body const { reqowner, reqobjname, reqtype} =req.body; - //Checking for owner with particular permission over a particular object + //Checking for owner with particular permission over a particular object db.transaction (trx => { trx.select('objname') .from('permissions') 
@@ -22,40 +19,28 @@ const condTest = (req, res, db) => {
 if (found.length !==0) {
 return res.json(true);
 }
- //Checking for permissions inherited from groups
- return trx('permissions')
- .returning('owner')
- //Checking only for groups
- .where('ownertype', 'ilike', 'group')
- //Checking for existance of group with particular permission over a particular object
- .andWhere('objname', 'ilike', reqobjname)
- .andWhere('type', 'ilike', reqtype)
- .then (found => {
- //?
- console.log('found', found);
- //Found is an array of objects (rows from permissions table) where group has needed permisions
- //Check for every group if user is a member
- found.forEach( (row, index) => {
- //?
- console.log('row.owner', row.owner);
- // Check if our user is in found group and have inherited permission
- return trx('groups')
- .returning('*')
- .where('username', 'ilike', reqowner)
- .andWhere('groupname', 'ilike', 'admins')
- .then ( data => {
- console.log('data', data);
- if (data.length!==0) {
- return res.json(true);
- }
- })
- .then(trx.commit)
- .catch(trx.rollback)
- });
- return res.json(false);
- })
-
- })
+ })
+ .then(trx.commit)
+ .catch(trx.rollback)
+ .catch (err => res.status(400).json('Error accesing database.'))
+ })
+ //Checking for permissions inherited from groups
+ db.transaction ( trx => {
+ trx.select('*')
+ .from('groups')
+ .fullOuterJoin('permissions', 'groups.groupname', 'permissions.owner')
+ //Checking only for groups
+ .where('ownertype', 'ilike', 'group')
+ .andWhere('username', 'ilike', reqowner)
+ .then ( found => {
+ if (found.length !==0) {
+ return res.json(true);
+ }
+ else {
+ //If no searched permission is found then it does not exists
+ return res.json(false);
+ }
+ })
 .then(trx.commit)
 .catch(trx.rollback)
 .catch (err => res.status(400).json('Error accesing database.'))
diff --git a/helpfunctions/addgroup.js b/helpfunctions/addgroup.js
index e2a7387..a685bbd 100644
--- a/helpfunctions/addgroup.js
+++ b/helpfunctions/addgroup.js
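Review bot: The inherited-permission query added to condTest filters only on `ownertype` and `username`, so it answers `true` for any object and any permission type as soon as the user belongs to one group that holds some permission; the removed code at least filtered on `objname` and `type`. It is also started as a second, independent transaction alongside the first, so both can call `res.json` for the same request when the direct check matches. Chaining the group lookup inside the first query's `.then`, restoring the object and type filters, and sending one response closes both gaps, as sketched below. The start of condTest and the direct query's own filters are outside this hunk.

```javascript
// … unchanged: body parsing and the direct-permission query on 'permissions' …
.then (found => {
  if (found.length !==0) {
    return true;
  }
  //Checking for permissions inherited from groups, for this object and type only
  return trx.select('groups.groupname')
    .from('groups')
    .innerJoin('permissions', 'groups.groupname', 'permissions.owner')
    .where('ownertype', 'ilike', 'group')
    .andWhere('username', 'ilike', reqowner)
    .andWhere('objname', 'ilike', reqobjname)
    .andWhere('type', 'ilike', reqtype)
    .then (rows => rows.length !==0);
})
//Single response for the request, whichever branch decided it
.then (allowed => {
  res.json(allowed);
})
// … unchanged: commit / rollback / error response …
```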
@@ -1,5 +1,7 @@ +//Group initialization //Checking if group existis in DB table groups //if no inserts new group with no users (implicitly) + const handleAddGroup = (reqgroup, db) => { db.transaction (trx => { trx.select('groupname') diff --git a/helpfunctions/checkmemb.js b/helpfunctions/checkmemb.js deleted file mode 100644 index d01648f..0000000 --- a/helpfunctions/checkmemb.js +++ /dev/null @@ -1,24 +0,0 @@ -//Checking if user is a member of a group -//if yes returns true else returns false -const checkMember = (requser, reqgroup, db) => { - let check; - db.transaction (trx => { - trx.select('username') - .from('groups') - .where('username', 'ilike', requser) - .andWhere('groupname', 'ilike', reqgroup) - .then ( data => { - if (data.length!==0) { - check= true; - } - check= false; - }) - .then(trx.commit) - .catch(trx.rollback) - }); - console.log ('check', check); - return check; -} -module.exports = { - checkMember -} \ No newline at end of file diff --git a/permissions.js b/permissions.js index 3888ce8..78b3981 100644 --- a/permissions.js +++ b/permissions.js @@ -27,6 +27,7 @@ const cleargroup= require('./endpoints/cleargroup'); const addpermission= require('./endpoints/addpermission'); const clearpermissions= require('./endpoints/clearpermissions'); const testuserperm= require('./endpoints/testuserperm'); +const querypermiss= require('./endpoints/querypermiss'); //Checking basics app.get('/', (req, res) => { @@ -45,8 +46,8 @@ app.post('/addusertogroup', [ } addusertogroup.handleAddUserToGroup(req, res, db)}); -//Call for deleting all users from group -app.delete('/cleargroup', (req,res) => { +//Call for clearing all users from group +app.post('/cleargroup', (req,res) => { cleargroup.handleClearGroup(req, res, db); }); 
@@ -54,7 +55,7 @@ app.delete('/cleargroup', (req,res) => { app.post('/addpermission', [ //Simple input validation with express-validator check('reqowner').isAlphanumeric().isLength({min:3}), - check('reqobjname').isAlphanumeric().isLength({min:3}), + //check('reqobjname').isAlphanumeric().isLength({min:3}), check('reqtype').isAlphanumeric().isLength({min:3}), check('reqownertype').custom((value, {req, loc, pah}) => { if (value.toLowerCase()==='group' || value.toLowerCase()==='user') { @@ -71,8 +72,8 @@ app.post('/addpermission', [ } addpermission.handleAddPermission(req, res, db)}); -//Call for deleting all permissions from users or group -app.delete('/clearpermissions', (req,res) => { +//Call for clearing all permissions from user or group +app.post('/clearpermissions', (req,res) => { clearpermissions.handleClearPerm(req, res, db); }); @@ -82,6 +83,11 @@ app.post('/testuserperm', (req,res) => { testuserperm.condTest(req, res, db); }) +//Call for querying what permissions a particular user has over a particular object +app.post('/querypermiss', (req,res) => { + querypermiss.handleQuery(req,res,db); +}) + //Listening on local port 3000 -temporary, to be changed to env Var app.listen(3000, () => { console.log(`App is running on port 3000`);
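Review bot: Commenting out `check('reqobjname').isAlphanumeric().isLength({min:3}),` leaves `reqobjname` on `/addpermission` with no validation at all, and the `/querypermiss` route added in the last hunk is registered without any validators either. If object names need characters that `isAlphanumeric()` rejects, replace the rule instead of disabling it, for example `check('reqobjname').matches(/^[\w.\-]+$/).isLength({min:3}),` with the character class adjusted to the real naming scheme, and delete the commented line. These request values feed `ilike` filters in the endpoint handlers, where `%` and `_` act as pattern characters, so the validators are the only visible place that constrains them.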