manuel.sowada/radixOS
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

add permission view

Browse Source
This commit is contained in:
Manuel Sowada
2026-05-05 14:49:34 +02:00
parent f09f148aea
commit e5ee067db4
8 changed files with 154 additions and 33 deletions
Download Patch File Download Diff File Expand all files Collapse all files

50
dbcreate.sql
View File

@@ -24,6 +24,7 @@ GO
-- DROP VIEW IF EXISTS dbo.vAuthentications; -- DROP VIEW IF EXISTS dbo.vAuthentications;
-- DROP VIEW IF EXISTS dbo.vEventLog; -- DROP VIEW IF EXISTS dbo.vEventLog;
-- DROP VIEW IF EXISTS dbo.vNotifyTray; -- DROP VIEW IF EXISTS dbo.vNotifyTray;
-- DROP VIEW IF EXISTS dbo.vPermissionOverview;s
-- DROP TABLE IF EXISTS dbo.AuthenticationRoles; -- DROP TABLE IF EXISTS dbo.AuthenticationRoles;
-- DROP TABLE IF EXISTS dbo.AuthenticationGroups; -- DROP TABLE IF EXISTS dbo.AuthenticationGroups;
@@ -550,6 +551,55 @@ JOIN dbo.Permission p
GO GO
CREATE OR ALTER VIEW dbo.vPermissionOverview AS
SELECT
p.ID AS Permission_ID,
p.Scope,
p.Resource,
p.Action,
p.Scope + '.' + p.Resource + '.' + p.Action AS PermissionKey,
r.ID AS Role_ID,
-- 🔥 NEU: Anzahl Rollen pro Permission
COUNT(r.ID) OVER (PARTITION BY p.ID) AS RoleCount,
COUNT(gr.Group_ObjectGUID) AS GroupCount,
COUNT(ar.Authentication_ObjectGUID) AS DirectUserCount,
COUNT(ag.Authentication_ObjectGUID) AS GroupUserCount,
COUNT(
COALESCE(ar.Authentication_ObjectGUID, ag.Authentication_ObjectGUID)
) AS TotalUserCount
FROM dbo.Permission AS p
INNER JOIN dbo.RolePermissions AS rp
ON rp.Permission_ID = p.ID
INNER JOIN dbo.Role AS r
ON r.ID = rp.Role_ID
LEFT JOIN dbo.GroupRoles AS gr
ON gr.Role_ID = r.ID
LEFT JOIN dbo.AuthenticationRoles AS ar
ON ar.Role_ID = r.ID
LEFT JOIN dbo.AuthenticationGroups AS ag
ON ag.Group_ObjectGUID = gr.Group_ObjectGUID
GROUP BY
p.ID,
p.Scope,
p.Resource,
p.Action,
r.ID,
r.Name;
GO
-- ======================================================== -- ========================================================
-- 5. PERMISSION MATRIX (FAST LOOKUP) -- 5. PERMISSION MATRIX (FAST LOOKUP)
-- ======================================================== -- ========================================================

11
public/javascript/rbacAPI.js
View File

@@ -235,10 +235,13 @@ const rbacPermissionsVT = virtualTable({
deletePermission(row['ID'], `${row['Scope']}.${row['Resource']}.${row['Action']}`); deletePermission(row['ID'], `${row['Scope']}.${row['Resource']}.${row['Action']}`);
} }
}); });
createTd(tr, row['ID'], { classes: [ 'text-align:left' ], styles: { 'max-width': '100px' } } ); createTd(tr, row['Permission_ID'], { classes: [ 'text-align:left' ], styles: { 'width': '100px' } } );
createTd(tr, row['Scope'], { classes: [ 'text-align:left' ] }); createTd(tr, row['GroupUserCount'], { classes: [ 'text-align:center' ] });
createTd(tr, row['Resource'], { classes: [ 'text-align:center' ] }); createTd(tr, row['TotalUserCount'], { classes: [ 'text-align:center' ] });
createTd(tr, row['Action'], { classes: [ 'text-align:center' ] }); createTd(tr, row['RoleCount'], { classes: [ 'text-align:center' ], styles: { 'width': '100px' } });
createTd(tr, row['Scope'], { classes: [ 'text-align:right' ], styles: { 'width': '100px' } });
createTd(tr, row['Resource'], { classes: [ 'text-align:center' ], styles: { 'width': '100px' } });
createTd(tr, row['Action'], { classes: [ 'text-align:left' ], styles: { 'width': '100px' } });
} }
}); });

53
public/views/rbac.hbs
View File

@@ -67,7 +67,7 @@ input {
<div class="card" style="flex:1 1 auto;min-width:300px"> <div class="card" style="flex:1 1 auto;min-width:300px">
Users <input id="newUserName" placeholder="sAMAccountName" /> <button class="bluebutton" onclick="createUser()">Create User</button> Users <input id="newUserName" placeholder="sAMAccountName" /> <button class="bluebutton" onclick="createUser()">Create User</button>
<div class="table-wrapper fit-table"> <div class="table-wrapper fit-table">
<table id="rbacUsersTable" style="height:100%"> <table id="rbacUsersTable" style="">
<thead> <thead>
<tr> <tr>
<th class="text-align:left"></th> <th class="text-align:left"></th>
@@ -87,6 +87,33 @@ input {
</table> </table>
</div> </div>
</div> </div>
<!-- PERMISSIONS -->
<div class="card" style="min-width:300px;flex:1 1 auto">
<input id="permScope" placeholder="Scope" />.<input id="permResource" placeholder="Resource" />.<input id="permAction" placeholder="Action" />
<button class="bluebutton" onclick="createPermission()">Create Permission</button>
<div class="table-wrapper fit-table">
<table id="rbacPermissionsTable" style="">
<thead>
<tr>
<th class="text-align:left"></th>
<th class="text-align:left">ID</th>
<th class="text-align:center">Gruppen</th>
<th class="text-align:center">Benutzer</th>
<th class="text-align:center">Rollen</th>
<th class="text-align:right">Scope</th>
<th class="text-align:center">Resource</th>
<th class="text-align:left">Action</th>
</tr>
</thead>
<tbody>
<tr><td colspan="100%">BERECHTIGUNGEN WERDEN GELADEN . . .</td></tr>
</tbody>
</table>
</div>
</div>
<!-- GROUPS --> <!-- GROUPS -->
<div class="card" style="min-width:300px;flex:1 1 calc(300px)"> <div class="card" style="min-width:300px;flex:1 1 calc(300px)">
@@ -106,30 +133,6 @@ input {
<span>ROLLEN WERDEN GELADEN . . .</span> <span>ROLLEN WERDEN GELADEN . . .</span>
</div> </div>
</div> </div>
<!-- PERMISSIONS -->
<div class="card" style="min-width:300px;flex:1 1 auto">
<input id="permScope" placeholder="Scope" />.<input id="permResource" placeholder="Resource" />.<input id="permAction" placeholder="Action" />
<button class="bluebutton" onclick="createPermission()">Create Permission</button>
<div class="table-wrapper fit-table">
<table id="rbacPermissionsTable" style="height:100%">
<thead>
<tr>
<th class="text-align:left"></th>
<th class="text-align:left">ID</th>
<th class="text-align:left">Scope</th>
<th class="text-align:center">Resource</th>
<th class="text-align:center">Action</th>
</tr>
</thead>
<tbody>
<tr><td colspan="100%">BERECHTIGUNGEN WERDEN GELADEN . . .</td></tr>
</tbody>
</table>
</div>
</div>
</div> </div>
</body> </body>

4
server.js
View File

@@ -117,8 +117,8 @@ const server = https.createServer(httpsOptions, app);
databaseModel.set('authenticationOverviewView', require(`@models/authenticationOverviewView`)(service.get('sqlManager').getInstance('main'))); databaseModel.set('authenticationOverviewView', require(`@models/authenticationOverviewView`)(service.get('sqlManager').getInstance('main')));
databaseModel.set('groupOverviewView', require(`@models/groupOverviewView`)(service.get('sqlManager').getInstance('main'))); databaseModel.set('groupOverviewView', require(`@models/groupOverviewView`)(service.get('sqlManager').getInstance('main')));
databaseModel.set('roleOverviewView', require(`@models/roleOverviewView`)(service.get('sqlManager').getInstance('main'))); databaseModel.set('roleOverviewView', require(`@models/roleOverviewView`)(service.get('sqlManager').getInstance('main')));
databaseModel.set('PermissionTraceView', require(`@models/PermissionTraceView`)(service.get('sqlManager').getInstance('main'))); databaseModel.set('permissionTraceView', require(`@models/permissionTraceView`)(service.get('sqlManager').getInstance('main')));
databaseModel.set('permissionOverviewView', require(`@models/permissionOverviewView`)(service.get('sqlManager').getInstance('main')));
service.set('rbacManager', new RBACManager(databaseModel, runtimeFile.configuration.live.integration.token.secret)); service.set('rbacManager', new RBACManager(databaseModel, runtimeFile.configuration.live.integration.token.secret));

65
src/models/permissionOverviewView.js Normal file
View File

@@ -0,0 +1,65 @@
const { DataTypes } = require('sequelize');
module.exports = (sequelize) => {
const VPermissionOverviewView = sequelize.define(
'vPermissionOverviewView',
{
Permission_ID: {
type: DataTypes.INTEGER,
primaryKey: true
},
Scope: {
type: DataTypes.STRING
},
Resource: {
type: DataTypes.STRING
},
Action: {
type: DataTypes.STRING
},
PermissionKey: {
type: DataTypes.STRING
},
Role_ID: {
type: DataTypes.INTEGER,
primaryKey: true
},
RoleCount: {
type: DataTypes.INTEGER
},
GroupCount: {
type: DataTypes.INTEGER
},
DirectUserCount: {
type: DataTypes.INTEGER
},
GroupUserCount: {
type: DataTypes.INTEGER
},
TotalUserCount: {
type: DataTypes.INTEGER
}
},
{
tableName: 'vPermissionOverview', // ⚠️ exakt dein SQL View Name
timestamps: false,
freezeTableName: true,
// 🔒 Wichtig für Views
createdAt: false,
updatedAt: false
}
);
// 🚫 keine Mutationen erlauben (View!)
VPermissionOverviewView.removeAttribute('id');
return VPermissionOverviewView;
};

0
src/models/PermissionTraceView.js → src/models/permissionTraceView.js
View File

1
src/routes/adminRoutes.js
View File

@@ -351,6 +351,7 @@ module.exports = {
app.post('/api/rbac/permission/get', async (req, res) => { app.post('/api/rbac/permission/get', async (req, res) => {
try { try {
rbacPermissions = await service.get('rbacManager').getPermission(); rbacPermissions = await service.get('rbacManager').getPermission();
console.log(rbacPermissions)
res.json(rbacPermissions); res.json(rbacPermissions);
} catch (err) { } catch (err) {
res.status(500).json({ error: err.message }); res.status(500).json({ error: err.message });

3
src/services/rbacManager.js
View File

@@ -425,8 +425,7 @@ async removeRoleFromUser(authId, roleId) {
// 🔐 PERMISSION CRUD // 🔐 PERMISSION CRUD
// ========================================================= // =========================================================
async getPermission() { async getPermission() {
const permission = this.db.get('permissionModel'); const permission = this.db.get('permissionOverviewView');
console.log(permission)
return await permission.findAll({ raw: true }) || []; return await permission.findAll({ raw: true }) || [];
} }