Implement permission policies in the API #22384
Draft
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Co-authored-by: Daniel Biegler <DanielBiegler@users.noreply.github.com>
Co-authored-by: Daniel Biegler <DanielBiegler@users.noreply.github.com>
…ccess) and policy updates (directus_policies) and permissions updates (directus_permissions)
Comment on lines
+12
to
+14
| throw new ForbiddenError({ | ||
| reason: `You don't have permission to access collection "${collection}" or it does not exist. Queried in ${pathSuffix}.`, | ||
| }); |
There was a problem hiding this comment.
Even though this, and the other errors are really helpful, they do expose that the collection + field exists, as it differs from the standard ForbiddenError in case of a non-existent collection.
…imilar to /users/me
…us-21765 # Conflicts: # api/src/services/users.ts # api/src/telemetry/lib/get-report.test.ts # api/src/telemetry/lib/get-report.ts # api/src/telemetry/utils/get-user-count.test.ts # api/src/telemetry/utils/get-user-count.ts
# Conflicts: # api/src/services/users.ts
licitdev
reviewed
Jun 10, 2024
| router.search('/', validateBatch('read'), readHandler, respond); | ||
|
|
||
| router.get( | ||
| '/me/flags', |
api/src/controllers/roles.ts
Outdated
Comment on lines
86
to
88
| const query = { ...req.sanitizedQuery, limit: -1 }; | ||
|
|
||
| const roles = await service.readMany(req.accountability.roles, query); |
There was a problem hiding this comment.
Should we add the same comment as per other usages of this limit: -1 query?
Suggested change
| const query = { ...req.sanitizedQuery, limit: -1 }; | |
| const roles = await service.readMany(req.accountability.roles, query); | |
| // TODO fix this at the service level | |
| const temporaryQuery = { ...req.sanitizedQuery, limit: -1 }; | |
| const roles = await service.readMany(req.accountability.roles, temporaryQuery); |
| if (this.accountability?.admin) { | ||
| return mapValues(this.schema.collections, () => | ||
| Object.fromEntries( | ||
| ['create', 'read', 'update', 'delete', 'share'].map((action) => [ |
There was a problem hiding this comment.
Could we extract this array as a constant? This array will be used in the App as well.
Comment on lines
+86
to
+89
| const query = { ...req.sanitizedQuery, limit: -1 }; | ||
|
|
||
| try { | ||
| const roles = await service.readMany(req.accountability.roles, query); |
There was a problem hiding this comment.
Should we include this comment about it being temporary to be consistent with other usages?
Suggested change
| const query = { ...req.sanitizedQuery, limit: -1 }; | |
| try { | |
| const roles = await service.readMany(req.accountability.roles, query); | |
| // TODO fix this at the service level | |
| const temporaryQuery = { ...req.sanitizedQuery, limit: -1 }; | |
| try { | |
| const roles = await service.readMany(req.accountability.roles, temporaryQuery); |
Co-authored-by: Hannes Küttner <4376726+hanneskuettner@users.noreply.github.com>
licitdev
reviewed
Jun 10, 2024
api/src/database/run/run.ts
Outdated
There was a problem hiding this comment.
Should this file be run-ast.ts?
licitdev
reviewed
Jun 11, 2024
This was referenced Jun 11, 2024
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Scope
What's changed:
api/src/permissionsfolderrolesflag to accountability object. This is an ordered array of all the parent roles of the current userget-ast-from-queryby splitting it into multiple filescasesandwhenCase. This allows us to dynamically generate the case/when SQL to have dynamic field output per item.run-astby splitting it up into smaller filesPotential Risks / Drawbacks
Review Notes / Questions
Todos
whenCasesinrun-astclearmethod in memory/cache/permissionsendpointdirectus_accesschangesdirectus_roleschangesdirectus_permissionschangesdirectus_policieschangesdownmigrationwithCacheto the known keysapp_accessandadmin_accessfalseCloses #21778, closes #21765, closes #22163, closes #21769, closes #21768, closes #21767, closes #21766
Footnotes
Eg check to make sure there's still >=1 admin left after the mutation is done ↩