owen
/
Musare
Mirror von https://github.com/odiffey/MusareNode


			
				
					
						
						
							123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293
							import { Types, isObjectIdOrHexString } from "mongoose";
import CacheModule from "@/modules/CacheModule";
import DataModule from "@/modules/DataModule";
import { Models } from "@/types/Models";
import ModuleManager from "@/ModuleManager";
import GetPermissions from "./GetPermissions";
import DataModuleJob from "@/modules/DataModule/DataModuleJob";

export default class GetModelPermissions extends DataModuleJob {
	protected static _modelName: keyof Models = "users";

	protected static _hasPermission = true;

	protected override async _validate() {
		if (typeof this._payload !== "object")
			throw new Error("Payload must be an object");

		if (typeof this._payload.modelName !== "string")
			throw new Error("Model name must be a string");

		if (
			!isObjectIdOrHexString(this._payload.modelId) &&
			typeof this._payload.modelId !== "undefined" &&
			this._payload.modelId !== null
		)
			throw new Error("Model Id must be an ObjectId or undefined");
	}

	protected override async _authorize() {}

	protected async _execute({
		modelName,
		modelId
	}: {
		modelName: keyof Models;
		modelId?: Types.ObjectId;
	}) {
		const user = await this._context.getUser().catch(() => null);
		const permissions = await this._context.executeJob(GetPermissions);

		let cacheKey = `model-permissions.${modelName}`;

		if (modelId) cacheKey += `.${modelId}`;

		if (user) cacheKey += `.user.${user._id}`;
		else cacheKey += `.guest`;

		const cached = await CacheModule.get(cacheKey);

		if (cached) return cached;

		const Model = await DataModule.getModel(modelName);

		if (!Model) throw new Error("Model not found");

		const model = modelId ? await Model.findById(modelId) : null;

		if (modelId && !model) throw new Error("Model not found");

		const jobs = await Promise.all(
			Object.entries(ModuleManager.getModule("data")?.getJobs() ?? {})
				.filter(
					([jobName]) =>
						jobName.startsWith(modelName.toString()) &&
						(modelId ? true : !jobName.endsWith("ById"))
				)
				.map(async ([jobName, Job]) => {
					jobName = `data.${jobName}`;

					let hasPermission = permissions[jobName];

					if (!hasPermission && modelId)
						hasPermission =
							permissions[`${jobName}.*`] ||
							permissions[`${jobName}.${modelId}`];

					if (hasPermission) return [jobName, true];

					if (typeof Job.hasPermission === "function") {
						hasPermission = await Job.hasPermission(model, user);
					}

					return [jobName, !!hasPermission];
				})
		);

		const modelPermissions = Object.fromEntries(jobs);

		await CacheModule.set(cacheKey, modelPermissions, 360);

		return modelPermissions;
	}
}