Skip to content
This repository has been archived by the owner on Apr 19, 2023. It is now read-only.

Commit

Permalink
♻️ Get subgroup scopes on login
Browse files Browse the repository at this point in the history
  • Loading branch information
@AnandChowdhary
AnandChowdhary committed Nov 15, 2020
1 parent bc283c3 commit ef2dc72
Showing 1 changed file with 31 additions and 10 deletions.
41 changes: 31 additions & 10 deletions src/modules/auth/auth.service.ts
View file
Original file line number Diff line number Diff line change
Expand Up @@ -660,19 +660,40 @@ export class AuthService {
where: { user: { id: user.id } },
select: { id: true, role: true, group: { select: { id: true } } },
});
memberships.forEach((membership) => {
for await (const membership of memberships) {
scopes.push(`membership-${membership.id}:*`);
if (membership.role === 'OWNER')
scopes.push(`group-${membership.group.id}:*`);
const ids = [
membership.group.id,
...(await this.recursivelyGetSubgroupIds(membership.group.id)),
];

// Admins cannot delete a group, but they can read/write
if (membership.role === 'ADMIN')
scopes.push(`group-${membership.group.id}:write-*`);
ids.forEach((id) => {
if (membership.role === 'OWNER') scopes.push(`group-${id}:*`);
// Admins cannot delete a group, but they can read/write
if (membership.role === 'ADMIN') scopes.push(`group-${id}:write-*`);
// Non-owners (admins and regular members) can also read
if (membership.role !== 'OWNER') scopes.push(`group-${id}:read-*`);
});
}
return scopes;
}

// Non-owners (admins and regular members) can also read
if (membership.role !== 'OWNER')
scopes.push(`group-${membership.group.id}:read-*`);
private async recursivelyGetSubgroupIds(groupId: number) {
const subgroups = await this.prisma.groups.findMany({
where: { parent: { id: groupId } },
select: {
id: true,
parent: { select: { id: true } },
subgroups: { select: { id: true } },
},
});
return scopes;
const ids = subgroups.map((i) => i.id);
for await (const group of subgroups) {
for await (const subgroup of group.subgroups) {
const recurisiveIds = await this.recursivelyGetSubgroupIds(subgroup.id);
ids.push(...recurisiveIds);
}
}
return ids;
}
}

0 comments on commit ef2dc72

Please sign in to comment.