-
Notifications
You must be signed in to change notification settings - Fork 21
Expand file tree
/
Copy pathPermissionMappingUtils.ts
More file actions
82 lines (70 loc) · 2.8 KB
/
PermissionMappingUtils.ts
File metadata and controls
82 lines (70 loc) · 2.8 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
// Utilities for resolving permission keys, computing mapped roles, and building user-friendly messages
export type ApiPermissionItem = {
inum?: string
permission?: string
[key: string]: unknown
}
export type RolePermissionMappingEntry = {
role: string
permissions: string[]
}
type ActionData =
| { inum?: string; permission?: string; [key: string]: unknown }
| string
| null
| undefined
/**
* Resolve the permission key (string) from actionData and the list of apiPermissions.
* actionData may be an object with { inum, permission } or just an inum string.
*/
export function resolvePermissionKey(
actionData: ActionData,
apiPermissions: ApiPermissionItem[] | undefined,
): string | undefined {
const isObject = (value: ActionData): value is { inum?: string; permission?: string } => {
return typeof value === 'object' && value !== null
}
const permissionFromAction = isObject(actionData) ? actionData.permission : undefined
if (permissionFromAction) return permissionFromAction
const permissionInum = isObject(actionData) ? actionData.inum : actionData
if (!permissionInum) return undefined
const found = Array.isArray(apiPermissions)
? apiPermissions.find((p) => p?.inum === permissionInum)
: undefined
return found?.permission
}
/**
* Find roles that contain the given permission key using the role-permission mapping from the store.
*/
export function findRolesForPermission(
permissionKey: string | undefined,
rolePermissionMapping: RolePermissionMappingEntry[] | undefined,
): string[] {
if (!permissionKey || !Array.isArray(rolePermissionMapping)) return []
return rolePermissionMapping
.filter((r) => Array.isArray(r?.permissions) && r.permissions.includes(permissionKey))
.map((r) => r.role)
}
export function buildMappingGuidanceMessage(
permissionKey: string | undefined,
mappedRoles: string[] | undefined,
): string {
if (!permissionKey) {
return 'Unable to delete permission. Permission identifier not found.'
}
if (!mappedRoles || mappedRoles.length === 0) {
return `Unable to delete permission "${permissionKey}". Please check if it's still in use.`
}
const rolesList = mappedRoles.join(', ')
const rolesWord = mappedRoles.length > 1 ? 'roles' : 'role'
return `Unable to delete permission "${permissionKey}". It is currently mapped to ${rolesWord}: ${rolesList}. Please remove it from the role mapping menu first.`
}
export function buildPermissionDeleteErrorMessage(
actionData: ActionData,
apiPermissions: ApiPermissionItem[] | undefined,
rolePermissionMapping: RolePermissionMappingEntry[] | undefined,
): string {
const permissionKey = resolvePermissionKey(actionData, apiPermissions)
const mappedRoles = findRolesForPermission(permissionKey, rolePermissionMapping)
return buildMappingGuidanceMessage(permissionKey, mappedRoles)
}