feat: board access group permissions (#422)

* fix: cache is not exportet from react * fix: format issue * wip: add usage of group permissions * feat: show inherited groups and add manage group * refactor: improve board access management * chore: address pull request feedback * fix: type issues * fix: migrations * test: add unit tests for board permissions, permissions and board router * test: add unit tests for board router and get current user permissions method * fix: format issues * fix: deepsource issue
2024-05-04 18:34:41 +02:00
parent ca49a01352
commit b1e065f1da
42 changed files with 2375 additions and 423 deletions
--- a/packages/db/migrations/mysql/0000_chubby_darkhawk.sql
+++ b/packages/db/migrations/mysql/0000_chubby_darkhawk.sql
@@ -22,11 +22,18 @@ CREATE TABLE `app` (
 	CONSTRAINT `app_id` PRIMARY KEY(`id`)
 );
 --> statement-breakpoint
-CREATE TABLE `boardPermission` (
+CREATE TABLE `boardGroupPermission` (
+	`board_id` text NOT NULL,
+	`group_id` text NOT NULL,
+	`permission` text NOT NULL,
+	CONSTRAINT `boardGroupPermission_board_id_group_id_permission_pk` PRIMARY KEY(`board_id`,`group_id`,`permission`)
+);
+--> statement-breakpoint
+CREATE TABLE `boardUserPermission` (
 	`board_id` text NOT NULL,
 	`user_id` text NOT NULL,
 	`permission` text NOT NULL,
-	CONSTRAINT `boardPermission_board_id_user_id_permission_pk` PRIMARY KEY(`board_id`,`user_id`,`permission`)
+	CONSTRAINT `boardUserPermission_board_id_user_id_permission_pk` PRIMARY KEY(`board_id`,`user_id`,`permission`)
 );
 --> statement-breakpoint
 CREATE TABLE `board` (
@@ -152,8 +159,10 @@ CREATE INDEX `integration_secret__updated_at_idx` ON `integrationSecret` (`updat
 CREATE INDEX `integration__kind_idx` ON `integration` (`kind`);--> statement-breakpoint
 CREATE INDEX `user_id_idx` ON `session` (`userId`);--> statement-breakpoint
 ALTER TABLE `account` ADD CONSTRAINT `account_userId_user_id_fk` FOREIGN KEY (`userId`) REFERENCES `user`(`id`) ON DELETE cascade ON UPDATE no action;--> statement-breakpoint
-ALTER TABLE `boardPermission` ADD CONSTRAINT `boardPermission_board_id_board_id_fk` FOREIGN KEY (`board_id`) REFERENCES `board`(`id`) ON DELETE cascade ON UPDATE no action;--> statement-breakpoint
-ALTER TABLE `boardPermission` ADD CONSTRAINT `boardPermission_user_id_user_id_fk` FOREIGN KEY (`user_id`) REFERENCES `user`(`id`) ON DELETE cascade ON UPDATE no action;--> statement-breakpoint
+ALTER TABLE `boardGroupPermission` ADD CONSTRAINT `boardGroupPermission_board_id_board_id_fk` FOREIGN KEY (`board_id`) REFERENCES `board`(`id`) ON DELETE cascade ON UPDATE no action;--> statement-breakpoint
+ALTER TABLE `boardGroupPermission` ADD CONSTRAINT `boardGroupPermission_group_id_group_id_fk` FOREIGN KEY (`group_id`) REFERENCES `group`(`id`) ON DELETE cascade ON UPDATE no action;--> statement-breakpoint
+ALTER TABLE `boardUserPermission` ADD CONSTRAINT `boardUserPermission_board_id_board_id_fk` FOREIGN KEY (`board_id`) REFERENCES `board`(`id`) ON DELETE cascade ON UPDATE no action;--> statement-breakpoint
+ALTER TABLE `boardUserPermission` ADD CONSTRAINT `boardUserPermission_user_id_user_id_fk` FOREIGN KEY (`user_id`) REFERENCES `user`(`id`) ON DELETE cascade ON UPDATE no action;--> statement-breakpoint
 ALTER TABLE `board` ADD CONSTRAINT `board_creator_id_user_id_fk` FOREIGN KEY (`creator_id`) REFERENCES `user`(`id`) ON DELETE set null ON UPDATE no action;--> statement-breakpoint
 ALTER TABLE `groupMember` ADD CONSTRAINT `groupMember_groupId_group_id_fk` FOREIGN KEY (`groupId`) REFERENCES `group`(`id`) ON DELETE cascade ON UPDATE no action;--> statement-breakpoint
 ALTER TABLE `groupMember` ADD CONSTRAINT `groupMember_userId_user_id_fk` FOREIGN KEY (`userId`) REFERENCES `user`(`id`) ON DELETE cascade ON UPDATE no action;--> statement-breakpoint
--- a/packages/db/migrations/mysql/meta/0000_snapshot.json
+++ b/packages/db/migrations/mysql/meta/0000_snapshot.json
@@ -1,7 +1,7 @@
 {
  "version": "5",
  "dialect": "mysql",
-  "id": "d0a05e9e-107f-4bed-ac54-a4a41369f0da",
+  "id": "47dc6887-a308-480d-8125-183412fe7fa7",
  "prevId": "00000000-0000-0000-0000-000000000000",
  "tables": {
    "account": {
@@ -160,8 +160,62 @@
      },
      "uniqueConstraints": {}
    },
-    "boardPermission": {
-      "name": "boardPermission",
+    "boardGroupPermission": {
+      "name": "boardGroupPermission",
+      "columns": {
+        "board_id": {
+          "name": "board_id",
+          "type": "text",
+          "primaryKey": false,
+          "notNull": true,
+          "autoincrement": false
+        },
+        "group_id": {
+          "name": "group_id",
+          "type": "text",
+          "primaryKey": false,
+          "notNull": true,
+          "autoincrement": false
+        },
+        "permission": {
+          "name": "permission",
+          "type": "text",
+          "primaryKey": false,
+          "notNull": true,
+          "autoincrement": false
+        }
+      },
+      "indexes": {},
+      "foreignKeys": {
+        "boardGroupPermission_board_id_board_id_fk": {
+          "name": "boardGroupPermission_board_id_board_id_fk",
+          "tableFrom": "boardGroupPermission",
+          "tableTo": "board",
+          "columnsFrom": ["board_id"],
+          "columnsTo": ["id"],
+          "onDelete": "cascade",
+          "onUpdate": "no action"
+        },
+        "boardGroupPermission_group_id_group_id_fk": {
+          "name": "boardGroupPermission_group_id_group_id_fk",
+          "tableFrom": "boardGroupPermission",
+          "tableTo": "group",
+          "columnsFrom": ["group_id"],
+          "columnsTo": ["id"],
+          "onDelete": "cascade",
+          "onUpdate": "no action"
+        }
+      },
+      "compositePrimaryKeys": {
+        "boardGroupPermission_board_id_group_id_permission_pk": {
+          "name": "boardGroupPermission_board_id_group_id_permission_pk",
+          "columns": ["board_id", "group_id", "permission"]
+        }
+      },
+      "uniqueConstraints": {}
+    },
+    "boardUserPermission": {
+      "name": "boardUserPermission",
      "columns": {
        "board_id": {
          "name": "board_id",
@@ -187,18 +241,18 @@
      },
      "indexes": {},
      "foreignKeys": {
-        "boardPermission_board_id_board_id_fk": {
-          "name": "boardPermission_board_id_board_id_fk",
-          "tableFrom": "boardPermission",
+        "boardUserPermission_board_id_board_id_fk": {
+          "name": "boardUserPermission_board_id_board_id_fk",
+          "tableFrom": "boardUserPermission",
          "tableTo": "board",
          "columnsFrom": ["board_id"],
          "columnsTo": ["id"],
          "onDelete": "cascade",
          "onUpdate": "no action"
        },
-        "boardPermission_user_id_user_id_fk": {
-          "name": "boardPermission_user_id_user_id_fk",
-          "tableFrom": "boardPermission",
+        "boardUserPermission_user_id_user_id_fk": {
+          "name": "boardUserPermission_user_id_user_id_fk",
+          "tableFrom": "boardUserPermission",
          "tableTo": "user",
          "columnsFrom": ["user_id"],
          "columnsTo": ["id"],
@@ -207,8 +261,8 @@
        }
      },
      "compositePrimaryKeys": {
-        "boardPermission_board_id_user_id_permission_pk": {
-          "name": "boardPermission_board_id_user_id_permission_pk",
+        "boardUserPermission_board_id_user_id_permission_pk": {
+          "name": "boardUserPermission_board_id_user_id_permission_pk",
          "columns": ["board_id", "user_id", "permission"]
        }
      },
--- a/packages/db/migrations/mysql/meta/_journal.json
+++ b/packages/db/migrations/mysql/meta/_journal.json
@@ -5,8 +5,8 @@
    {
      "idx": 0,
      "version": "5",
-      "when": 1714414260766,
-      "tag": "0000_chubby_darkhawk",
+      "when": 1714817536714,
+      "tag": "0000_hot_mandrill",
      "breakpoints": true
    }
  ]
--- a/packages/db/migrations/sqlite/0000_premium_forgotten_one.sql
+++ b/packages/db/migrations/sqlite/0000_premium_forgotten_one.sql
@@ -22,7 +22,16 @@ CREATE TABLE `app` (
 	`href` text
 );
 --> statement-breakpoint
-CREATE TABLE `boardPermission` (
+CREATE TABLE `boardGroupPermission` (
+	`board_id` text NOT NULL,
+	`group_id` text NOT NULL,
+	`permission` text NOT NULL,
+	PRIMARY KEY(`board_id`, `group_id`, `permission`),
+	FOREIGN KEY (`board_id`) REFERENCES `board`(`id`) ON UPDATE no action ON DELETE cascade,
+	FOREIGN KEY (`group_id`) REFERENCES `group`(`id`) ON UPDATE no action ON DELETE cascade
+);
+--> statement-breakpoint
+CREATE TABLE `boardUserPermission` (
 	`board_id` text NOT NULL,
 	`user_id` text NOT NULL,
 	`permission` text NOT NULL,
--- a/packages/db/migrations/sqlite/meta/0000_snapshot.json
+++ b/packages/db/migrations/sqlite/meta/0000_snapshot.json
@@ -1,7 +1,7 @@
 {
  "version": "5",
  "dialect": "sqlite",
-  "id": "e3ff4a97-d357-4a64-989b-78668b36c82d",
+  "id": "116fcd87-09c7-4c7c-b590-0ed5681ffdc5",
  "prevId": "00000000-0000-0000-0000-000000000000",
  "tables": {
    "account": {
@@ -155,8 +155,62 @@
      "compositePrimaryKeys": {},
      "uniqueConstraints": {}
    },
-    "boardPermission": {
-      "name": "boardPermission",
+    "boardGroupPermission": {
+      "name": "boardGroupPermission",
+      "columns": {
+        "board_id": {
+          "name": "board_id",
+          "type": "text",
+          "primaryKey": false,
+          "notNull": true,
+          "autoincrement": false
+        },
+        "group_id": {
+          "name": "group_id",
+          "type": "text",
+          "primaryKey": false,
+          "notNull": true,
+          "autoincrement": false
+        },
+        "permission": {
+          "name": "permission",
+          "type": "text",
+          "primaryKey": false,
+          "notNull": true,
+          "autoincrement": false
+        }
+      },
+      "indexes": {},
+      "foreignKeys": {
+        "boardGroupPermission_board_id_board_id_fk": {
+          "name": "boardGroupPermission_board_id_board_id_fk",
+          "tableFrom": "boardGroupPermission",
+          "tableTo": "board",
+          "columnsFrom": ["board_id"],
+          "columnsTo": ["id"],
+          "onDelete": "cascade",
+          "onUpdate": "no action"
+        },
+        "boardGroupPermission_group_id_group_id_fk": {
+          "name": "boardGroupPermission_group_id_group_id_fk",
+          "tableFrom": "boardGroupPermission",
+          "tableTo": "group",
+          "columnsFrom": ["group_id"],
+          "columnsTo": ["id"],
+          "onDelete": "cascade",
+          "onUpdate": "no action"
+        }
+      },
+      "compositePrimaryKeys": {
+        "boardGroupPermission_board_id_group_id_permission_pk": {
+          "columns": ["board_id", "group_id", "permission"],
+          "name": "boardGroupPermission_board_id_group_id_permission_pk"
+        }
+      },
+      "uniqueConstraints": {}
+    },
+    "boardUserPermission": {
+      "name": "boardUserPermission",
      "columns": {
        "board_id": {
          "name": "board_id",
@@ -182,18 +236,18 @@
      },
      "indexes": {},
      "foreignKeys": {
-        "boardPermission_board_id_board_id_fk": {
-          "name": "boardPermission_board_id_board_id_fk",
-          "tableFrom": "boardPermission",
+        "boardUserPermission_board_id_board_id_fk": {
+          "name": "boardUserPermission_board_id_board_id_fk",
+          "tableFrom": "boardUserPermission",
          "tableTo": "board",
          "columnsFrom": ["board_id"],
          "columnsTo": ["id"],
          "onDelete": "cascade",
          "onUpdate": "no action"
        },
-        "boardPermission_user_id_user_id_fk": {
-          "name": "boardPermission_user_id_user_id_fk",
-          "tableFrom": "boardPermission",
+        "boardUserPermission_user_id_user_id_fk": {
+          "name": "boardUserPermission_user_id_user_id_fk",
+          "tableFrom": "boardUserPermission",
          "tableTo": "user",
          "columnsFrom": ["user_id"],
          "columnsTo": ["id"],
@@ -202,9 +256,9 @@
        }
      },
      "compositePrimaryKeys": {
-        "boardPermission_board_id_user_id_permission_pk": {
+        "boardUserPermission_board_id_user_id_permission_pk": {
          "columns": ["board_id", "permission", "user_id"],
-          "name": "boardPermission_board_id_user_id_permission_pk"
+          "name": "boardUserPermission_board_id_user_id_permission_pk"
        }
      },
      "uniqueConstraints": {}
--- a/packages/db/migrations/sqlite/meta/_journal.json
+++ b/packages/db/migrations/sqlite/meta/_journal.json
@@ -5,8 +5,8 @@
    {
      "idx": 0,
      "version": "5",
-      "when": 1714414359385,
-      "tag": "0000_abnormal_kree",
+      "when": 1714817544524,
+      "tag": "0000_premium_forgotten_one",
      "breakpoints": true
    }
  ]