WIP Roles and permissions access control.

server/src/database/factories/index.js

@@ -7,7 +7,6 @@ const factory = knexFactory(knex);
 
 factory.define('user', 'users', async () => {
   const hashedPassword = await hashPassword('admin');
-
   return {
     first_name: faker.name.firstName(),
     last_name: faker.name.lastName(),
@@ -32,7 +31,6 @@ factory.define('account_type', 'account_types', async () => ({
 
 factory.define('account', 'accounts', async () => {
   const accountType = await factory.create('account_type');
-
   return {
     name: faker.lorem.word(),
     account_type_id: accountType.id,
@@ -59,7 +57,6 @@ factory.define('item_metadata', 'items_metadata', async () => {
 factory.define('item', 'items', async () => {
   const category = await factory.create('item_category');
   const account = await factory.create('account');
-
   return {
     name: faker.lorem.word(),
     note: faker.lorem.paragraph(),
@@ -73,7 +70,6 @@ factory.define('item', 'items', async () => {
 
 factory.define('setting', 'settings', async () => {
   const user = await factory.create('user');
-
   return {
     key: faker.lorem.slug(),
     user_id: user.id,
@@ -83,4 +79,45 @@ factory.define('setting', 'settings', async () => {
   };
 });
 
+factory.define('role', 'roles', async () => ({
+  name: faker.lorem.word(),
+  description: faker.lorem.words(),
+  predefined: false,
+}));
+
+factory.define('user_has_role', 'user_has_roles', async () => {
+  const user = await factory.create('user');
+  const role = await factory.create('role');
+
+  return {
+    user_id: user.id,
+    role_id: role.id,
+  };
+});
+
+factory.define('permission', 'permissions', async () => {
+  const permissions = ['create', 'edit', 'delete', 'view', 'owner'];
+  const randomPermission = permissions[Math.floor(Math.random() * permissions.length)];
+
+  return {
+    name: randomPermission,
+  };
+});
+
+factory.define('role_has_permission', 'role_has_permissions', async () => {
+  const permission = await factory.create('permission');
+  const role = await factory.create('role');
+  const resource = await factory.create('resource');
+
+  return {
+    role_id: role.id,
+    permission_id: permission.id,
+    resource_id: resource.id,
+  };
+});
+
+factory.define('resource', 'resources', () => ({
+  name: faker.lorem.word(),
+}));
+
 export default factory;

server/src/database/migrations/20190423085238_create_permissions_table.js

@@ -0,0 +1,11 @@
+
+exports.up = function (knex) {
+  return knex.schema.createTable('permissions', (table) => {
+    table.increments();
+    table.string('name');
+  });
+};
+
+exports.down = function (knex) {
+  return knex.schema.dropTable('permissions');
+};

server/src/database/migrations/20190423085240_create_resources_table.js

@@ -0,0 +1,11 @@
+
+exports.up = function (knex) {
+  return knex.schema.createTable('resources', (table) => {
+    table.increments();
+    table.string('name');
+  });
+};
+
+exports.down = function (knex) {
+  return knex.schema.dropTable('resources');
+};

server/src/database/migrations/20190822214242_create_users_table.js

@@ -1,5 +1,5 @@
 
-exports.up = function(knex) {
+exports.up = function (knex) {
   return knex.schema.createTable('users', (table) => {
     table.increments();
     table.string('first_name');
@@ -15,6 +15,6 @@ exports.up = function(knex) {
   });
 };
 
-exports.down = function(knex) {
+exports.down = function (knex) {
   return knex.schema.dropTableIfExists('users');
 };

server/src/database/migrations/20190822214244_create_user_has_roles_table.js

@@ -0,0 +1,12 @@
+
+exports.up = function (knex) {
+  return knex.schema.createTable('user_has_roles', (table) => {
+    table.increments();
+    table.integer('user_id').unsigned().references('id').inTable('users');
+    table.integer('role_id').unsigned().references('id').inTable('roles');
+  });
+};
+
+exports.down = function (knex) {
+  return knex.schema.dropTableIfExists('user_has_roles');
+};

server/src/database/migrations/20190822214247_create_oauth_tokens_table.js

@@ -1,6 +1,6 @@
 
 exports.up = function(knex) {
-  return knex.schema.createTable('oauth_tokens', table => {
+  return knex.schema.createTable('oauth_tokens', (table) => {
     table.increments();
     table.string('access_token');
     table.date('access_token_expires_on');

server/src/database/migrations/20190822214905_create_role_has_accounts.js

@@ -0,0 +1,10 @@
+
+exports.up = function (knex) {
+  return knex.schema.createTable('role_has_accounts', (table) => {
+    table.increments();
+    table.integer('role_id').unsigned().references('id').inTable('roles');
+    table.integer('account_id').unsigned().references('id').inTable('accounts');
+  });
+};
+
+exports.down = (knex) => knex.schema.dropTableIfExists('role_has_accounts');

server/src/database/migrations/20190822214905_create_role_has_permissions.js

@@ -0,0 +1,11 @@
+
+exports.up = function (knex) {
+  return knex.schema.createTable('role_has_permissions', (table) => {
+    table.increments();
+    table.integer('role_id').unsigned().references('id').inTable('roles');
+    table.integer('permission_id').unsigned().references('id').inTable('permissions');
+    table.integer('resource_id').unsigned().references('id').inTable('resources');
+  });
+};
+
+exports.down = (knex) => knex.schema.dropTableIfExists('role_has_permissions');