feat: added get authorizedRoutes api endpoint

2025-12-10 19:34:34 +00:00 · 2022-07-04 19:14:06 +05:00
parent e54a09db19
commit b10e932605
8 changed files with 109 additions and 42 deletions
--- a/api/public/swagger.yaml
+++ b/api/public/swagger.yaml
@@ -548,6 +548,16 @@ components:
                - runTimes
            type: object
            additionalProperties: false
+        AuthorizedRoutesResponse:
+            properties:
+                routes:
+                    items:
+                        type: string
+                    type: array
+            required:
+                - routes
+            type: object
+            additionalProperties: false
        ExecuteReturnJsonPayload:
            properties:
                _program:
@@ -1593,6 +1603,24 @@ paths:
                - Info
            security: []
            parameters: []
+    /SASjsApi/info/authorizedRoutes:
+        get:
+            operationId: AuthorizedRoutes
+            responses:
+                '200':
+                    description: Ok
+                    content:
+                        application/json:
+                            schema:
+                                $ref: '#/components/schemas/AuthorizedRoutesResponse'
+                            examples:
+                                'Example 1':
+                                    value: {routes: [/AppStream, /SASjsApi/stp/execute]}
+            summary: 'Get authorized routes.'
+            tags:
+                - Info
+            security: []
+            parameters: []
    /SASjsApi/session:
        get:
            operationId: Session
--- a/api/src/controllers/info.ts
+++ b/api/src/controllers/info.ts
@@ -1,4 +1,8 @@
 import { Route, Tags, Example, Get } from 'tsoa'
+import { getAuthorizedRoutes } from '../utils'
+export interface AuthorizedRoutesResponse {
+  URIs: string[]
+}

 export interface InfoResponse {
  mode: string
@@ -36,4 +40,19 @@ export class InfoController {
    }
    return response
  }
+
+  /**
+   * @summary Get authorized routes.
+   *
+   */
+  @Example<AuthorizedRoutesResponse>({
+    URIs: ['/AppStream', '/SASjsApi/stp/execute']
+  })
+  @Get('/authorizedRoutes')
+  public authorizedRoutes(): AuthorizedRoutesResponse {
+    const response = {
+      URIs: getAuthorizedRoutes()
+    }
+    return response
+  }
 }
--- a/api/src/routes/api/info.ts
+++ b/api/src/routes/api/info.ts
@@ -13,4 +13,14 @@ infoRouter.get('/', async (req, res) => {
  }
 })

+infoRouter.get('/authorizedRoutes', async (req, res) => {
+  const controller = new InfoController()
+  try {
+    const response = controller.authorizedRoutes()
+    res.send(response)
+  } catch (err: any) {
+    res.status(403).send(err.toString())
+  }
+})
+
 export default infoRouter
--- a/api/src/utils/getAuthorizedRoutes.ts
+++ b/api/src/utils/getAuthorizedRoutes.ts
@@ -0,0 +1,17 @@
+export const getAuthorizedRoutes = () => {
+  const streamingApps = Object.keys(process.appStreamConfig)
+  const streamingAppsRoutes = streamingApps.map((app) => `/AppStream/${app}`)
+  return [...StaticAuthorizedRoutes, ...streamingAppsRoutes]
+}
+
+const StaticAuthorizedRoutes = [
+  '/AppStream',
+  '/SASjsApi/code/execute',
+  '/SASjsApi/stp/execute',
+  '/SASjsApi/drive/deploy',
+  '/SASjsApi/drive/upload',
+  '/SASjsApi/drive/file',
+  '/SASjsApi/drive/folder',
+  '/SASjsApi/drive/fileTree',
+  '/SASjsApi/permission'
+]
--- a/api/src/utils/index.ts
+++ b/api/src/utils/index.ts
@@ -8,6 +8,7 @@ export * from './file'
 export * from './generateAccessToken'
 export * from './generateAuthCode'
 export * from './generateRefreshToken'
+export * from './getAuthorizedRoutes'
 export * from './getCertificates'
 export * from './getDesktopFields'
 export * from './getPreProgramVariables'
--- a/api/src/utils/validation.ts
+++ b/api/src/utils/validation.ts
@@ -1,5 +1,6 @@
 import Joi from 'joi'
 import { PermissionSetting, PrincipalType } from '../controllers/permission'
+import { getAuthorizedRoutes } from './getAuthorizedRoutes'

 const usernameSchema = Joi.string().lowercase().alphanum().min(3).max(16)
 const passwordSchema = Joi.string().min(6).max(1024)
@@ -88,7 +89,9 @@ export const registerClientValidation = (data: any): Joi.ValidationResult =>

 export const registerPermissionValidation = (data: any): Joi.ValidationResult =>
  Joi.object({
-    uri: Joi.string().required(),
+    uri: Joi.string()
+      .required()
+      .valid(...getAuthorizedRoutes()),
    setting: Joi.string()
      .required()
      .valid(...Object.values(PermissionSetting)),
--- a/web/src/containers/Settings/addPermissionModal.tsx
+++ b/web/src/containers/Settings/addPermissionModal.tsx
@@ -1,10 +1,4 @@
-import React, {
-  useState,
-  useEffect,
-  useMemo,
-  Dispatch,
-  SetStateAction
-} from 'react'
+import React, { useState, useEffect, Dispatch, SetStateAction } from 'react'
 import axios from 'axios'
 import {
  Button,
@@ -13,15 +7,14 @@ import {
  DialogContent,
  DialogActions,
  TextField,
-  CircularProgress
+  CircularProgress,
+  Autocomplete
 } from '@mui/material'
 import { styled } from '@mui/material/styles'
-import Autocomplete, { createFilterOptions } from '@mui/material/Autocomplete'

 import { BootstrapDialogTitle } from '../../components/dialogTitle'

 import {
-  PermissionResponse,
  UserResponse,
  GroupResponse,
  RegisterPermissionPayload
@@ -39,18 +32,16 @@ const BootstrapDialog = styled(Dialog)(({ theme }) => ({
 type AddPermissionModalProps = {
  open: boolean
  handleOpen: Dispatch<SetStateAction<boolean>>
-  permissions: PermissionResponse[]
  addPermission: (addPermissionPayload: RegisterPermissionPayload) => void
 }

-const filter = createFilterOptions<string>()
-
 const AddPermissionModal = ({
  open,
  handleOpen,
-  permissions,
  addPermission
 }: AddPermissionModalProps) => {
+  const [URIs, setURIs] = useState<string[]>([])
+  const [loadingURIs, setLoadingURIs] = useState(false)
  const [uri, setUri] = useState<string>()
  const [principalType, setPrincipalType] = useState('user')
  const [userPrincipal, setUserPrincipal] = useState<UserResponse>()
@@ -60,6 +51,23 @@ const AddPermissionModal = ({
  const [userPrincipals, setUserPrincipals] = useState<UserResponse[]>([])
  const [groupPrincipals, setGroupPrincipals] = useState<GroupResponse[]>([])

+  useEffect(() => {
+    setLoadingURIs(true)
+    axios
+      .get('/SASjsApi/info/authorizedRoutes')
+      .then((res: any) => {
+        if (res.data) {
+          setURIs(res.data.URIs)
+        }
+      })
+      .catch((err) => {
+        console.log(err)
+      })
+      .finally(() => {
+        setLoadingURIs(false)
+      })
+  }, [])
+
  useEffect(() => {
    setLoadingPrincipals(true)
    axios
@@ -97,12 +105,6 @@ const AddPermissionModal = ({
    addPermission(addPermissionPayload)
  }

-  const URIs = useMemo(() => {
-    return permissions
-      .map((permission) => permission.uri)
-      .filter((uri, index, array) => array.indexOf(uri) === index)
-  }, [permissions])
-
  const addButtonDisabled =
    !uri || (principalType === 'user' ? !userPrincipal : !groupPrincipal)

@@ -118,29 +120,17 @@ const AddPermissionModal = ({
        <Grid container spacing={2}>
          <Grid item xs={12}>
            <Autocomplete
+              options={URIs}
              disableClearable
              value={uri}
-              onChange={(event, newValue) => setUri(newValue)}
-              filterOptions={(options, params) => {
-                const filtered = filter(options, params)
-
-                const { inputValue } = params
-
-                const isExisting = options.some(
-                  (option) => inputValue === option
+              onChange={(event: any, newValue: string) => setUri(newValue)}
+              renderInput={(params) =>
+                loadingURIs ? (
+                  <CircularProgress />
+                ) : (
+                  <TextField {...params} label="Principal" />
                )
-                if (inputValue !== '' && !isExisting) {
-                  filtered.push(inputValue)
-                }
-                return filtered
-              }}
-              selectOnFocus
-              clearOnBlur
-              handleHomeEndKeys
-              options={URIs}
-              renderOption={(props, option) => <li {...props}>{option}</li>}
-              freeSolo
-              renderInput={(params) => <TextField {...params} label="URI" />}
+              }
            />
          </Grid>
          <Grid item xs={12}>
--- a/web/src/containers/Settings/permission.tsx
+++ b/web/src/containers/Settings/permission.tsx
@@ -330,7 +330,6 @@ const Permission = () => {
      <AddPermissionModal
        open={addPermissionModalOpen}
        handleOpen={setAddPermissionModalOpen}
-        permissions={permissions}
        addPermission={addPermission}
      />
      <UpdatePermissionModal