Nodarx/server
1
0
Fork 0
Code Issues 1 Pull Requests Actions Packages Projects Releases Wiki Activity

improved permissions

Browse Source
This commit is contained in:
root
2025-12-23 17:43:36 -05:00
parent d8fa85a4a8
commit 205473a23f
2 changed files with 40 additions and 5 deletions
Download Patch File Download Diff File Expand all files Collapse all files

8
core/lib/Models/Identity/User.php
View File

@@ -21,21 +21,21 @@ class User
$this->id = $data['uid'] ?? null; // 'uid' maps to 'id' $this->id = $data['uid'] ?? null; // 'uid' maps to 'id'
$this->identity = $data['identity'] ?? null; $this->identity = $data['identity'] ?? null;
$this->label = $data['label'] ?? null; $this->label = $data['label'] ?? null;
$this->roles = (array)$data['roles'] ?? []; $this->roles = (array)($data['roles'] ?? []);
$this->enabled = $data['enabled'] ?? null; $this->enabled = $data['enabled'] ?? null;
$this->provider = $data['provider'] ?? null; $this->provider = $data['provider'] ?? null;
$this->externalSubject = $data['external_subject'] ?? null; $this->externalSubject = $data['external_subject'] ?? null;
$this->initialLogin = $data['initial_login'] ?? null; $this->initialLogin = $data['initial_login'] ?? null;
$this->recentLogin = $data['recent_login'] ?? null; $this->recentLogin = $data['recent_login'] ?? null;
$this->permissions = (array)$data['permissions'] ?? []; $this->permissions = (array)($data['permissions'] ?? []);
} }
if ($source === 'jwt') { if ($source === 'jwt') {
$this->id = $data['identifier'] ?? null; $this->id = $data['identifier'] ?? null;
$this->identity = $data['identity'] ?? null; $this->identity = $data['identity'] ?? null;
$this->label = $data['label'] ?? null; $this->label = $data['label'] ?? null;
$this->roles = (array)$data['role'] ?? []; $this->roles = (array)($data['role'] ?? []);
$this->permissions = (array)$data['permissions'] ?? []; $this->permissions = (array)($data['permissions'] ?? []);
$this->enabled = true; $this->enabled = true;
} }

37
core/lib/Stores/UserStore.php
View File

@@ -62,7 +62,42 @@ class UserStore
public function fetchByIdentifier(string $tenant, string $identifier): array | null public function fetchByIdentifier(string $tenant, string $identifier): array | null
{ {
$entry = $this->store->selectCollection('users')->findOne(['tid' => $tenant, 'uid' => $identifier]); $pipeline = [
[
'$match' => [
'tid' => $tenant,
'uid' => $identifier
]
],
[
'$lookup' => [
'from' => 'user_roles',
'localField' => 'roles',
'foreignField' => 'rid',
'as' => 'role_details'
]
],
[
'$addFields' => [
'permissions' => [
'$reduce' => [
'input' => [
'$map' => [
'input' => '$role_details',
'as' => 'r',
'in' => [ '$ifNull' => ['$$r.permissions', []] ]
]
],
'initialValue' => [],
'in' => [ '$setUnion' => ['$$value', '$$this'] ]
]
]
]
],
[ '$unset' => 'role_details' ]
];
$entry = $this->store->selectCollection('users')->aggregate($pipeline)->toArray()[0] ?? null;
if (!$entry) { return null; } if (!$entry) { return null; }
return (array)$entry; return (array)$entry;
} }