add queryas to query

Author: skadefro

OpenFlow/src/DatabaseConnection.ts

@@ -188,7 +188,7 @@ export class DatabaseConnection {
      * @returns Promise<T[]> Array of results
      */
     // tslint:disable-next-line: max-line-length
-    async query<T extends Base>(query: any, projection: Object, top: number, skip: number, orderby: Object | string, collectionname: string, jwt: string): Promise<T[]> {
+    async query<T extends Base>(query: any, projection: Object, top: number, skip: number, orderby: Object | string, collectionname: string, jwt: string, queryas: string = null): Promise<T[]> {
         var arr: T[] = [];
         await this.connect();
         var mysort: Object = {};
@@ -236,13 +236,22 @@ export class DatabaseConnection {
         var _query: Object = {};
         if (collectionname === "files") { collectionname = "fs.files"; }
         if (collectionname === "fs.files") {
-            _query = { $and: [query, this.getbasequery(jwt, "metadata._acl", [Rights.read])] };
+            if (!Util.IsNullEmpty(queryas)) {
+                _query = { $and: [query, this.getbasequery(jwt, "metadata._acl", [Rights.read]), await this.getbasequeryuserid(queryas, "metadata._acl", [Rights.read])] };
+            } else {
+                _query = { $and: [query, this.getbasequery(jwt, "metadata._acl", [Rights.read])] };
+            }
             projection = null;
         } else {
-            if (!collectionname.endsWith("_hist")) {
-                _query = { $and: [query, this.getbasequery(jwt, "_acl", [Rights.read])] };
+            // if (!collectionname.endsWith("_hist")) {
+            //     _query = { $and: [query, this.getbasequery(jwt, "_acl", [Rights.read])] };
+            // } else {
+            //     // todo: enforcer permissions when fetching _hist ?
+            //     _query = { $and: [query, this.getbasequery(jwt, "_acl", [Rights.read])] };
+            // }
+            if (!Util.IsNullEmpty(queryas)) {
+                _query = { $and: [query, this.getbasequery(jwt, "_acl", [Rights.read]), await this.getbasequeryuserid(queryas, "_acl", [Rights.read])] };
             } else {
-                // todo: enforcer permissions when fetching _hist ?
                 _query = { $and: [query, this.getbasequery(jwt, "_acl", [Rights.read])] };
             }
         }
@@ -936,31 +945,13 @@ export class DatabaseConnection {
             };
             finalor.push(q2);
         }
-        // 
-        // if (bits.length > 0 && (bits[0] + 1) == Rights.read) {
-        //     this._logger.debug("[" + user.username + "] Include isme in base query");
-        //     return { $or: finalor.concat(isme) };
-        // } else if (bits.length > 0) {
-        //     this._logger.debug("[" + user.username + "] Skip isme in base query, not read (" + bits[0] + ")");
-        // } else {
-        //     this._logger.debug("[" + user.username + "] Skip isme in base query, bits missing!");
-        // }
-        // if(bits.length==1 && (bits[0]+1) == Rights.read)
-        // {
-        //     for (var i: number = 0; i < user.roles.length; i++) {
-        //         var role = user.roles[i];
-        //         if(role._id!=WellknownIds.admins && role._id!=WellknownIds.robots && role._id!=WellknownIds.nodered_users && 
-        //             role._id!=WellknownIds.nodered_admins && role._id!=WellknownIds.nodered_api_users && role._id!=WellknownIds.filestore_users && 
-        //             role._id!=WellknownIds.filestore_admins && role._id!=WellknownIds.robot_users && role._id!=WellknownIds.robot_admins
-        //             && role._id!=WellknownIds.personal_nodered_users)
-        //             {
-
-        //             }
-        //     }
-
-        // }
         return { $or: finalor.concat() };
     }
+    private async getbasequeryuserid(userid: string, field: string, bits: number[]): Promise<Object> {
+        var user = await User.FindByUsernameOrId(null, userid);
+        var jwt = Crypt.createToken(user, "5m");
+        return this.getbasequery(jwt, field, bits);
+    }
     /**
      * Ensure _type and _acs on object
      * @param  {T} item Object to validate

OpenFlow/src/Messages/Message.ts

@@ -342,7 +342,7 @@ export class Message {
         try {
             msg = QueryMessage.assign(this.data);
             if (Util.IsNullEmpty(msg.jwt)) { msg.jwt = cli.jwt; }
-            msg.result = await Config.db.query(msg.query, msg.projection, msg.top, msg.skip, msg.orderby, msg.collectionname, msg.jwt);
+            msg.result = await Config.db.query(msg.query, msg.projection, msg.top, msg.skip, msg.orderby, msg.collectionname, msg.jwt, msg.queryas);
         } catch (error) {
             cli._logger.error(error);
             if (Util.IsNullUndefinded(msg)) { (msg as any) = {}; }

OpenFlow/src/Messages/QueryMessage.ts

@@ -2,16 +2,17 @@ import { Base } from "../base";
 
 export class QueryMessage<T extends Base> implements IReplyMessage {
     public error: string;
-    public jwt:any;
+    public jwt: any;
 
-    public query:any;
-    public projection:Object;
-    public top:number;
-    public skip:number;
-    public orderby:Object | string;
-    public collectionname:string;
-    public result:T[];
-    static assign<T extends Base>(o:any):QueryMessage<T> {
+    public query: any;
+    public projection: Object;
+    public top: number;
+    public skip: number;
+    public orderby: Object | string;
+    public collectionname: string;
+    public result: T[];
+    public queryas: string;
+    static assign<T extends Base>(o: any): QueryMessage<T> {
         if (typeof o === "string" || o instanceof String) {
             return Object.assign(new QueryMessage(), JSON.parse(o.toString()));
         }

OpenFlowNodeRED/src/Message.ts

@@ -93,6 +93,7 @@ export class QueryMessage {
     public orderby: Object | string;
     public collectionname: string;
     public result: any[];
+    public queryas: string;
     static assign(o: any): QueryMessage {
         if (typeof o === "string" || o instanceof String) {
             return Object.assign(new QueryMessage(), JSON.parse(o.toString()));

OpenFlowNodeRED/src/nodered/nodes/NoderedUtil.ts

@@ -74,9 +74,9 @@ export class NoderedUtil {
 
 
 
-    public static async Query(collection: string, query: any, projection: any, orderby: any, top: number, skip: number, jwt: string): Promise<any[]> {
+    public static async Query(collection: string, query: any, projection: any, orderby: any, top: number, skip: number, jwt: string, queryas: string = null): Promise<any[]> {
         var q: QueryMessage = new QueryMessage(); q.collectionname = collection;
-        q.orderby = orderby; q.projection = projection;
+        q.orderby = orderby; q.projection = projection; q.queryas = queryas;
         //q.query = query;
         q.query = JSON.stringify(query, (key, value) => {
             var t = typeof value;

OpenFlowNodeRED/src/nodered/nodes/rpa_nodes.ts

@@ -220,25 +220,25 @@ export async function get_rpa_workflows(req, res) {
         var token = await NoderedUtil.GetTokenFromSAML(rawAssertion);
         var q: any = { _type: "workflow" };
         if (req.query.queue != null && req.query.queue != undefined && req.query.queue != "" && req.query.queue != "none") {
-            q = {
-                _type: "workflow",
-                $or: [
-                    { _createdbyid: req.query.queue },
-                    { _modifiedbyid: req.query.queue },
-                    {
-                        _acl: {
-                            $elemMatch: {
-                                rights: { $bitsAllSet: [2] },
-                                deny: false,
-                                _id: req.query.queue
-                            }
-                        }
-                    }
-                ]
-            };
+            // q = {
+            //     _type: "workflow",
+            //     $or: [
+            //         { _createdbyid: req.query.queue },
+            //         { _modifiedbyid: req.query.queue },
+            //         {
+            //             _acl: {
+            //                 $elemMatch: {
+            //                     rights: { $bitsAllSet: [2] },
+            //                     deny: false,
+            //                     _id: req.query.queue
+            //                 }
+            //             }
+            //         }
+            //     ]
+            // };
         }
         var result: any[] = await NoderedUtil.Query('openrpa', q,
-            { name: 1 }, { name: -1 }, 1000, 0, token.jwt)
+            { name: 1 }, { name: -1 }, 1000, 0, token.jwt, req.query.queue)
         res.json(result);
     } catch (error) {
         res.status(500).json(error);

VERSION

@@ -1 +1 @@
-0.0.401
+0.0.402