feat: topics/k1ch/ introduce get/personas-permissions

database/layer/admin-persona.js

@@ -73,9 +73,31 @@ const insertPersonaByTenantKey = async (tenantKey, subClaim, userContext = '') =
   }
 }
 
+const getPersona = async (personaKey) => {
+  try {
+    return await usherDb('personas').select('*').where({ key: personaKey }).first();
+  } catch (err) {
+    throw pgErrorHandler(err)
+  }
+}
+
+const getPersonaPermissions = async (personaKey) => {
+  try {
+    return await usherDb('permissions')
+      .select('permissions.key', 'permissions.name', 'permissions.description', 'permissions.clientkey')
+      .join('personapermissions', 'permissions.key', 'personapermissions.permissionkey')
+      .join('personas', 'personapermissions.personakey', 'personas.key')
+      .where('personas.key', personaKey)
+  } catch (err) {
+    throw pgErrorHandler(err)
+  }
+}
+
 module.exports = {
   insertPersona,
   deletePersona,
   updatePersona,
   insertPersonaByTenantKey,
+  getPersona,
+  getPersonaPermissions,
 }

server/src/api_endpoints/personas/permissions.js

@@ -0,0 +1,18 @@
+const createError = require('http-errors')
+const dbAdminPersona = require('database/layer/admin-persona')
+const { checkPersonaExists } = require('./utils')
+
+const getPersonaPermissions = async (req, res, next) => {
+  try {
+    const { persona_key: personaKey } = req.params
+    await checkPersonaExists(personaKey)
+    const permissions = await dbAdminPersona.getPersonaPermissions(personaKey)
+    res.status(200).send(permissions)
+  } catch ({ httpStatusCode = 500, message }) {
+    return next(createError(httpStatusCode, { message }))
+  }
+}
+
+module.exports = {
+  getPersonaPermissions,
+}

server/src/api_endpoints/personas/utils.js

@@ -0,0 +1,15 @@
+const dbAdminPersona = require('database/layer/admin-persona')
+
+const checkPersonaExists = async (personaKey) => {
+  const persona = await dbAdminPersona.getPersona(personaKey)
+  if (!persona) {
+    throw {
+      httpStatusCode: 404,
+      message: 'Persona does not exist!'
+    }
+  }
+}
+
+module.exports = {
+  checkPersonaExists,
+}

server/the-usher-openapi-spec.yaml

@@ -472,6 +472,27 @@ paths:
         500:
           $ref: '#/components/responses/InternalError'
 
+  /personas/{persona_key}/permissions:
+    get:
+      'x-swagger-router-controller': 'personas/permissions'
+      operationId: getPersonaPermissions
+      tags:
+        - Admin APIs
+      security:
+        - bearerAdminAuth: []
+      responses:
+        200:
+          description: Returns the list of permission for the subject persona
+          content:
+            application/json:
+              schema:
+                type: array
+                items:
+                  $ref: "#/components/schemas/PermissionObject"
+        404:
+          $ref: '#/components/responses/NotFound'
+        500:
+          $ref: '#/components/responses/InternalError'
 
   /clients/{client_id}:
     get:
@@ -635,6 +656,13 @@ components:
       required: true
       schema:
         type: integer
+    personaKeyPathParam:
+      name: persona_key
+      description: The unique persona identifier
+      in: path
+      required: true
+      schema:
+        type: integer
     # user_context
     userContextParam:
       name: user_context
@@ -739,6 +767,26 @@ components:
           $ref: '#/components/schemas/EntityDescriptionDef'
       required:
         - permission
+#---------------------
+    PermissionObject:
+      type: object
+      properties:
+        key:
+          type: integer
+          minimum: 1
+          format: int32
+        clientkey:
+          type: integer
+          minimum: 1
+          format: int32
+        name:
+          $ref: '#/components/schemas/EntityNameDef'
+        description:
+          $ref: '#/components/schemas/EntityDescriptionDef'
+      required:
+        - key
+        - name
+        - clientkey  
 #---------------------
     ArrayOfPermissions:
       type: array