Merge pull request #27 from storyblok/EXT-2001-broken-links-checker-o…

…nly-admins-can-run-checks fix: add custom role type and validation
storyblok · Sep 21, 2023 · b46f79c · b46f79c
2 parents fe06a49 + d604594
commit b46f79c
Show file tree

Hide file tree

Showing 3 changed files with 40 additions and 4 deletions.
diff --git a/src/storyblok-auth-api/handle-requests/handleCallback/fetchAppSession.ts b/src/storyblok-auth-api/handle-requests/handleCallback/fetchAppSession.ts
@@ -3,7 +3,7 @@ import { AppSession, Region } from '../../../session'
 import { openidClient } from '../openidClient'
 import { redirectUri } from '../redirectUri'
 import { isTokenSet } from './isTokenSet'
-import { isUserInfo } from '../../user-info'
+import { isStoryblokRole, isUserInfo, Role } from '../../user-info'
 
 export const fetchAppSession = async (
   params: AuthHandlerParams,
@@ -41,11 +41,19 @@ export const fetchAppSession = async (
     accessToken: tokenSet.access_token,
     expiresAt: Date.now() + tokenSet.expires_in * 1000,
     appClientId: params.clientId,
-    roles: userInfo.roles.map((role) => role.name),
+    roles: userInfo.roles.map((role) => getRoleName(role)),
     spaceId: userInfo.space.id,
     spaceName: userInfo.space.name,
     userId: userInfo.user.id,
     userName: userInfo.user.friendly_name,
     region,
   }
 }
+
+const getRoleName = (role: Role): string => {
+  if (isStoryblokRole(role)) {
+    return role.name
+  }
+
+  return role.role
+}
diff --git a/src/storyblok-auth-api/user-info/Role/Role.ts b/src/storyblok-auth-api/user-info/Role/Role.ts
@@ -1,3 +1,22 @@
-export type Role = {
+export type Role = StoryblokRole | CustomRole
+
+export type StoryblokRole = {
   name: string
 }
+
+export type CustomRole = {
+  id: number
+  resolved_allowed_paths: string[]
+  allowed_paths: number[]
+  field_permissions: string[]
+  readonly_field_permissions: string[]
+  permissions: string[]
+  role: string
+  subtitle: string | null
+  datasource_ids: number[]
+  component_ids: number[]
+  branch_ids: number[]
+  allowed_languages: string[]
+  asset_folder_ids: number[]
+  ext_id: string | null
+}
diff --git a/src/storyblok-auth-api/user-info/Role/isRole.ts b/src/storyblok-auth-api/user-info/Role/isRole.ts
@@ -1,5 +1,14 @@
 import { hasKey } from '../../../utils'
-import { Role } from './Role'
+import { CustomRole, Role, StoryblokRole } from './Role'
 
 export const isRole = (obj: unknown): obj is Role =>
+  isStoryblokRole(obj) || isCustomRole(obj)
+
+export const isStoryblokRole = (obj: unknown): obj is StoryblokRole =>
   hasKey(obj, 'name') && typeof obj.name === 'string'
+
+export const isCustomRole = (obj: unknown): obj is CustomRole =>
+  hasKey(obj, 'id') &&
+  typeof obj.id === 'number' &&
+  hasKey(obj, 'role') &&
+  typeof obj.role === 'string'