feat: topic/k1ch/introduce API - GET/permissions

DMGT-TECH · Dec 19, 2024 · cd53fa6 · cd53fa6
1 parent d2babb0
commit cd53fa6
Show file tree

Hide file tree

Showing 3 changed files with 108 additions and 1 deletion.
diff --git a/database/layer/admin-permission.js b/database/layer/admin-permission.js
@@ -114,6 +114,39 @@ const getPermissionsByNameClientKey = async (name, clientKey) => {
   }
 }
 
+/**
+ * Get permissions by optional filters
+ *
+ * @param {Object} filters - The filters to apply
+ * @param {string} [filters.name] - The name of the permission
+ * @param {string} [filters.clientId] - The client id
+ * @param {string} [filters.clientKey] - The client key
+ * @returns {Promise<Array<Object>>} - A promise that resolves to an array of permissions
+ */
+const getPermissions = async (filters = {}) => {
+  try {
+    const query = usherDb('permissions')
+      .join('clients', 'permissions.clientkey', '=', 'clients.key')
+      .select('permissions.*', 'clients.client_id')
+
+    const { clientId, name, clientKey } = filters
+    if (clientId) {
+      query.where('clients.client_id', 'ilike', `%${clientId}%`)
+    }
+    if (name) {
+      query.where('permissions.name', 'ilike', `%${name}%`)
+    }
+    if (clientKey) {
+      query.where('permissions.clientkey', clientKey)
+    }
+
+    const permissions = await query
+    return permissions
+  } catch (err) {
+    throw pgErrorHandler(err)
+  }
+}
+
 module.exports = {
   insertPermissionByClientId,
   updatePermissionByPermissionname,
@@ -122,4 +155,5 @@ module.exports = {
   getPermissionsByRoleKey,
   insertPermission,
   getPermissionsByNameClientKey,
+  getPermissions,
 }
diff --git a/server/src/api_endpoints/endpoint_permissions.js b/server/src/api_endpoints/endpoint_permissions.js
@@ -0,0 +1,23 @@
+const createError = require('http-errors')
+const dbAdminPermission = require('database/layer/admin-permission')
+
+/**
+ * HTTP Request handler
+ * Returns a list of permissions
+ *
+ * @param {Object} req - The request object
+ * @param {Object} res - The response object to send 200 statusCode and a list of permissions
+ * @param {Function} next - The next middleware function
+ * @returns {Promise<void>} - A promise that resolves to void when permissions are retrieved
+ */
+const getPermissions = async (req, res, next) => {
+  try {
+    const { name, client_id: clientId, client_key: clientKey } = req.query
+    const permissions = await dbAdminPermission.getPermissions({ name, clientId, clientKey })
+    res.status(200).send(permissions)
+  } catch ({ httpStatusCode = 500, message }) {
+    return next(createError(httpStatusCode, { message }))
+  }
+}
+
+module.exports = { getPermissions }
diff --git a/server/the-usher-openapi-spec.yaml b/server/the-usher-openapi-spec.yaml
@@ -496,6 +496,42 @@ paths:
         503:
           $ref: '#/components/responses/ServiceUnavailableError'
 
+  /permissions:
+    get:
+      'x-swagger-router-controller': 'endpoint_permissions'
+      operationId: getPermissions
+      summary: Get a List of permissions, optionally filtered by name, client_id and client_key
+      tags:
+        - Admin APIs
+      security:
+        - bearerAdminAuth: []
+      parameters:
+        - $ref: '#/components/parameters/nameQueryParam'
+        - $ref: '#/components/parameters/clientIdQueryParam'
+        - $ref: '#/components/parameters/clientKeyQueryParam'
+      responses:
+        200:
+          description: The List of Permissions
+          content:
+            application/json:
+              schema:
+                type: array
+                items:
+                  allOf:
+                    - $ref: '#/components/schemas/PermissionObject'
+                    - type: object
+                      properties:
+                        client_id: 
+                          type: string
+        400:
+          $ref: '#/components/responses/BadRequest'
+        401:
+          $ref: '#/components/responses/Unauthorized'
+        500:
+          $ref: '#/components/responses/InternalError'
+        503:
+          $ref: '#/components/responses/ServiceUnavailableError'
+
   /personas:
     get:
       'x-swagger-router-controller': 'personas/persona'
@@ -1183,7 +1219,21 @@ components:
           value: "*"
     clientIdQueryParam:
       name: client_id
-      description: Unique identifier for the client.
+      description: Filter by client_id
+      in: query
+      required: false
+      schema:
+        $ref: '#/components/schemas/EntityNameDef'
+    clientKeyQueryParam:
+      name: client_key
+      description: Filter by client_key
+      in: query
+      required: false
+      schema:
+        type: integer
+    nameQueryParam:
+      name: name
+      description: Filter by name
       in: query
       required: false
       schema: