freeblox
/
web-service
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
web-service/apps/auth/src/database/seeds/0002-initial-privileges.ts

260 lines
4.9 KiB
TypeScript
Raw Blame History

import { Knex } from 'knex';
const initialRoles = [
{
name: 'player',
id: 0,
path: '',
},
{
name: 'member',
id: 0,
parent: 'player',
path: '',
},
{
name: 'moderator',
id: 0,
parent: 'member',
path: '',
},
{
name: 'admin',
id: 0,
parent: 'moderator',
path: '',
},
{
name: 'reduced',
id: 0,
path: '',
},
];
const initialPrivileges = [
{
id: 0,
name: 'web',
roles: ['player', 'reduced'],
},
{
id: 0,
name: 'report',
roles: ['player', 'reduced'],
},
{
id: 0,
name: 'play',
roles: ['player'],
},
{
id: 0,
name: 'shop',
roles: ['player'],
},
{
id: 0,
name: 'community',
roles: ['player'],
},
{
id: 0,
name: 'trade',
roles: ['player'],
},
{
id: 0,
name: 'oidc',
roles: ['player'],
},
{
id: 0,
name: 'host',
roles: [],
},
{
id: 0,
name: 'create:game',
roles: ['player'],
},
{
id: 0,
name: 'create:clothing',
roles: ['player'],
},
{
id: 0,
name: 'create:accessory',
roles: ['member'],
},
{
id: 0,
name: 'create:character',
roles: [],
},
{
id: 0,
name: 'contentmod',
roles: ['moderator'],
},
{
id: 0,
name: 'ban',
roles: ['moderator'],
},
{
id: 0,
name: 'privban',
roles: ['moderator'],
},
{
id: 0,
name: 'permaban',
roles: ['admin'],
},
{
id: 0,
name: 'contentedit',
roles: ['admin'],
},
{
id: 0,
name: 'server:quarantine',
roles: ['moderator'],
},
{
id: 0,
name: 'server:stop',
roles: ['admin'],
},
{
id: 0,
name: 'server:banhost',
roles: ['admin'],
},
{
id: 0,
name: 'server:provision',
roles: ['admin'],
},
{
id: 0,
name: 'root',
},
];
export async function seed(knex: Knex): Promise<void> {
const giveUserRole = async (username: string, role: string) => {
const userExists = await knex('users').where({ username });
if (!userExists?.length) return;
const adminRole = initialRoles.find((entry) => entry.name === role);
const bodyUserRole = {
user_id: userExists[0].id,
role_id: adminRole.id,
};
if (!(await knex('user_role').where(bodyUserRole))?.length) {
await knex('user_role').insert(bodyUserRole);
}
};
const giveUserPrivilege = async (username: string, privilege: string[]) => {
const userExists = await knex('users').where({ username });
if (!userExists?.length) return;
const privileges = initialPrivileges.filter((entry) =>
privilege.includes(entry.name),
);
await Promise.all(
privileges.map(async (privilege) => {
const body = {
user_id: userExists[0].id,
privilege_id: privilege.id,
};
if (!(await knex('user_privilege').where(body))?.length) {
await knex('user_privilege').insert(body);
}
}),
);
};
for (const role of initialRoles) {
const exists = await knex('roles').where({
role: role.name,
});
if (exists?.length) {
role.id = exists[0].id;
continue;
}
let parentId: number | null = null;
if (role.parent) {
const findRole = initialRoles.find(
(parent) => parent.name === role.parent,
);
if (findRole) {
parentId = findRole.id;
role.path += findRole.path;
}
}
const [created] = await knex('roles')
.insert([
{
role: role.name,
mpath: role.path,
parent_id: parentId,
created_at: new Date(),
},
])
.returning(['id']);
role.id = created.id;
role.path += `${role.path ? '.' : ''}${role.id}`;
await knex('roles').where({ id: role.id }).update({ mpath: role.path });
}
for (const privilege of initialPrivileges) {
const exists = await knex('privileges').where({
privilege: privilege.name,
});
if (exists?.length) {
privilege.id = exists[0].id;
} else {
const [created] = await knex('privileges')
.insert([
{
privilege: privilege.name,
created_at: new Date(),
},
])
.returning(['id']);
privilege.id = created.id;
}
if (privilege.roles?.length) {
for (const role of privilege.roles) {
const foundRole = initialRoles.find((item) => item.name === role);
if (!foundRole) continue;
const body = {
role_id: foundRole.id,
privilege_id: privilege.id,
};
const exists = await knex('role_privilege').where(body);
if (exists?.length) continue;
await knex('role_privilege').insert(body);
}
}
}
// Add roles to initial user
await giveUserRole('freeblox', 'admin');
await giveUserRole('noob', 'player');
await giveUserPrivilege('freeblox', ['root', 'host']);
}
Reference in New Issue View Git Blame Copy Permalink