You cannot select more than 25 topics
Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
38 lines
1.2 KiB
TypeScript
38 lines
1.2 KiB
TypeScript
import { ActionName, App, Collection, FieldTypes, Policies, Policy } from "sealious";
|
|
import { Roles } from "../policy-types/roles";
|
|
|
|
export class UserRoles extends Collection {
|
|
name = "user-roles";
|
|
fields = {
|
|
role: new FieldTypes.Enum((app: App) =>
|
|
app.ConfigManager.get("roles")
|
|
).setRequired(true),
|
|
user: new FieldTypes.SingleReference("users"),
|
|
};
|
|
|
|
policies = {
|
|
create: new Roles(["admin"]),
|
|
delete: new Policies.Public(),
|
|
show: new Policies.UserReferencedInField("user"),
|
|
edit: new Policies.Noone(),
|
|
} as { [policy: string]: Policy }; // this `as` statement allows the policies to be overwritten;
|
|
|
|
async init(app: App, collection_name: string) {
|
|
await super.init(app, collection_name);
|
|
app.on("started", async () => {
|
|
const roles = app.collections["user-roles"];
|
|
for (const action of ["create", "delete"] as ActionName[]) {
|
|
const policy = roles.getPolicy(action);
|
|
if (policy instanceof Policies.Public) {
|
|
app.Logger.warn(
|
|
"USER POLICY",
|
|
`<user-roles> collection is using <public> access strategy for ${action} action. Anyone can change anyone elses role. This is the default behavior and you should overwrite it with <set_policy>`
|
|
);
|
|
}
|
|
}
|
|
});
|
|
}
|
|
}
|
|
|
|
export default new UserRoles();
|