2024-10-30 17:59:44 +00:00
|
|
|
/*\
|
|
|
|
|
title: $:/plugins/tiddlywiki/multiwikiserver/routes/handlers/get-acl.js
|
|
|
|
|
type: application/javascript
|
|
|
|
|
module-type: mws-route
|
|
|
|
|
|
|
|
|
|
GET /admin/acl
|
|
|
|
|
|
|
|
|
|
\*/
|
|
|
|
|
(function () {
|
2024-11-08 10:09:42 +00:00
|
|
|
/*jslint node: true, browser: true */
|
|
|
|
|
/*global $tw: false */
|
|
|
|
|
"use strict";
|
2024-10-30 17:59:44 +00:00
|
|
|
|
2024-11-08 10:09:42 +00:00
|
|
|
exports.method = "GET";
|
2024-10-30 17:59:44 +00:00
|
|
|
|
2024-11-08 10:09:42 +00:00
|
|
|
exports.path = /^\/admin\/acl\/(.+)$/;
|
2024-10-30 17:59:44 +00:00
|
|
|
|
2024-11-08 10:09:42 +00:00
|
|
|
exports.handler = function (request, response, state) {
|
|
|
|
|
var sqlTiddlerDatabase = state.server.sqlTiddlerDatabase;
|
|
|
|
|
var params = state.params[0].split("/")
|
|
|
|
|
var recipeName = params[0];
|
|
|
|
|
var bagName = params[params.length - 1];
|
2024-10-30 17:59:44 +00:00
|
|
|
|
2024-11-08 10:09:42 +00:00
|
|
|
var recipes = sqlTiddlerDatabase.listRecipes()
|
|
|
|
|
var bags = sqlTiddlerDatabase.listBags()
|
2024-10-30 17:59:44 +00:00
|
|
|
|
2024-11-08 10:09:42 +00:00
|
|
|
var recipe = recipes.find((entry) => entry.recipe_name === recipeName && entry.bag_names.includes(bagName))
|
|
|
|
|
var bag = bags.find((entry) => entry.bag_name === bagName);
|
2024-10-30 17:59:44 +00:00
|
|
|
|
2024-11-08 10:09:42 +00:00
|
|
|
if (!recipe || !bag) {
|
|
|
|
|
response.writeHead(500, "Unable to handle request", { "Content-Type": "text/html" });
|
|
|
|
|
response.end();
|
|
|
|
|
return;
|
|
|
|
|
}
|
2024-10-30 17:59:44 +00:00
|
|
|
|
2024-11-08 10:09:42 +00:00
|
|
|
var recipeAclRecords = sqlTiddlerDatabase.getEntityAclRecords(recipe.recipe_name);
|
|
|
|
|
var bagAclRecords = sqlTiddlerDatabase.getEntityAclRecords(bag.bag_name);
|
|
|
|
|
var roles = state.server.sqlTiddlerDatabase.listRoles();
|
|
|
|
|
var permissions = state.server.sqlTiddlerDatabase.listPermissions();
|
2024-10-30 17:59:44 +00:00
|
|
|
|
2024-11-08 10:09:42 +00:00
|
|
|
// This ensures that the user attempting to view the ACL management page has permission to do so
|
2024-12-23 14:07:43 +00:00
|
|
|
if(!state.authenticatedUser?.isAdmin &&
|
|
|
|
|
!state.firstGuestUser &&
|
|
|
|
|
(!state.authenticatedUser || (recipeAclRecords.length > 0 && !sqlTiddlerDatabase.hasRecipePermission(state.authenticatedUser.user_id, recipeName, 'WRITE')))
|
|
|
|
|
){
|
2024-11-08 10:09:42 +00:00
|
|
|
response.writeHead(403, "Forbidden");
|
|
|
|
|
response.end();
|
|
|
|
|
return
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
// Enhance ACL records with role and permission details
|
|
|
|
|
recipeAclRecords = recipeAclRecords.map(record => {
|
|
|
|
|
var role = roles.find(role => role.role_id === record.role_id);
|
|
|
|
|
var permission = permissions.find(perm => perm.permission_id === record.permission_id);
|
|
|
|
|
return ({
|
|
|
|
|
...record,
|
|
|
|
|
role,
|
|
|
|
|
permission,
|
|
|
|
|
role_name: role.role_name,
|
|
|
|
|
role_description: role.description,
|
|
|
|
|
permission_name: permission.permission_name,
|
|
|
|
|
permission_description: permission.description
|
|
|
|
|
})
|
|
|
|
|
});
|
|
|
|
|
|
|
|
|
|
bagAclRecords = bagAclRecords.map(record => {
|
|
|
|
|
var role = roles.find(role => role.role_id === record.role_id);
|
|
|
|
|
var permission = permissions.find(perm => perm.permission_id === record.permission_id);
|
|
|
|
|
return ({
|
|
|
|
|
...record,
|
|
|
|
|
role,
|
|
|
|
|
permission,
|
|
|
|
|
role_name: role.role_name,
|
|
|
|
|
role_description: role.description,
|
|
|
|
|
permission_name: permission.permission_name,
|
|
|
|
|
permission_description: permission.description
|
|
|
|
|
})
|
|
|
|
|
});
|
|
|
|
|
|
|
|
|
|
response.writeHead(200, "OK", { "Content-Type": "text/html" });
|
|
|
|
|
|
|
|
|
|
var html = $tw.mws.store.adminWiki.renderTiddler("text/plain", "$:/plugins/tiddlywiki/multiwikiserver/templates/page", {
|
|
|
|
|
variables: {
|
|
|
|
|
"page-content": "$:/plugins/tiddlywiki/multiwikiserver/templates/manage-acl",
|
|
|
|
|
"roles-list": JSON.stringify(roles),
|
|
|
|
|
"permissions-list": JSON.stringify(permissions),
|
|
|
|
|
"bag": JSON.stringify(bag),
|
|
|
|
|
"recipe": JSON.stringify(recipe),
|
|
|
|
|
"recipe-acl-records": JSON.stringify(recipeAclRecords),
|
|
|
|
|
"bag-acl-records": JSON.stringify(bagAclRecords),
|
2024-12-10 13:18:30 +00:00
|
|
|
"username": state.authenticatedUser ? state.authenticatedUser.username : state.firstGuestUser ? "Anonymous User" : "Guest",
|
2024-11-08 10:09:42 +00:00
|
|
|
"user-is-admin": state.authenticatedUser && state.authenticatedUser.isAdmin ? "yes" : "no"
|
2024-10-30 17:59:44 +00:00
|
|
|
}
|
2024-11-08 10:09:42 +00:00
|
|
|
});
|
2024-10-30 17:59:44 +00:00
|
|
|
|
2024-11-08 10:09:42 +00:00
|
|
|
response.write(html);
|
|
|
|
|
response.end();
|
|
|
|
|
};
|
2024-10-30 17:59:44 +00:00
|
|
|
|
|
|
|
|
}());
|
