maxim.dolgolyov/Learn_System
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

feat(permissions): A1 — зависимости между правами (requires) + план переработки

Browse Source 
registry: поле requires (questions.delete→manage, templates.public→manage,
courses.interactive→manage, simulations.quiz→access), проброшено в byRole.
auth.requirePermission: вынесен isEnabled(); право = own AND все requires
(дочернее не работает без родителя). /me и /users/🆔 effective с учётом
requires + requires в ответе. UI permissions.js: каскад — дочернее с
невыполненной зависимостью неактивно (тумблер заблокирован + «Требует: …»).
Тест зависимости. План: plans/permissions-rework/PLAN.md. Backend 216 pass.

Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
This commit is contained in:
Maxim Dolgolyov
2026-06-03 14:10:20 +03:00
parent e37432d812
commit 9ac2a612e0
6 changed files with 117 additions and 24 deletions
Download Patch File Download Diff File Expand all files Collapse all files
backend/src/controllers/permissionsController.js
+7 -2
View File
@@ -72,9 +72,11 @@ function getMyPermissions(req, res) {
for (const r of userRows) userMap[r.permission] = r.enabled === 1;
const defs = ALL_PERMISSIONS.filter(p => p.role === role);
const base = {};
defs.forEach(d => { base[d.key] = userMap[d.key] !== undefined ? userMap[d.key] : (roleMap[d.key] ?? !!d.default); });
const result = defs.map(d => ({
key: d.key,
effective: userMap[d.key] !== undefined ? userMap[d.key] : (roleMap[d.key] ?? !!d.default),
effective: base[d.key] && (d.requires || []).every(r => !!base[r]),
}));
res.json({ role, permissions: result });
}
@@ -101,13 +103,16 @@ function getUserPermissions(req, res) {
for (const r of userRows) userMap[r.permission] = r.enabled === 1;
const defs = ALL_PERMISSIONS.filter(p => p.role === target.role);
const base = {};
defs.forEach(d => { base[d.key] = userMap[d.key] !== undefined ? userMap[d.key] : (roleMap[d.key] ?? !!d.default); });
const result = defs.map(d => ({
key: d.key,
label: d.label,
desc: d.desc,
requires: d.requires || [],
roleVal: roleMap[d.key] ?? d.default, // effective role-level value
userVal: userMap[d.key], // undefined = no override
effective: userMap[d.key] !== undefined ? userMap[d.key] : (roleMap[d.key] ?? !!d.default),
effective: base[d.key] && (d.requires || []).every(r => !!base[r]),
}));
res.json({ role: target.role, permissions: result });