directus
1import type { Accountability, SchemaOverview } from '@directus/types';2import type { Knex } from 'knex';3import { getPermissions } from './get-permissions.js';4
5export async function getAccountabilityForRole(6role: null | string,7context: {8accountability: null | Accountability;9schema: SchemaOverview;10database: Knex;11},12): Promise<Accountability> {13let generatedAccountability: Accountability | null = context.accountability;14
15if (role === null) {16generatedAccountability = {17role: null,18user: null,19admin: false,20app: false,21};22
23generatedAccountability.permissions = await getPermissions(generatedAccountability, context.schema);24} else if (role === 'system') {25generatedAccountability = {26user: null,27role: null,28admin: true,29app: true,30permissions: [],31};32} else {33const roleInfo = await context.database34.select(['app_access', 'admin_access'])35.from('directus_roles')36.where({ id: role })37.first();38
39if (!roleInfo) {40throw new Error(`Configured role "${role}" isn't a valid role ID or doesn't exist.`);41}42
43generatedAccountability = {44role,45user: null,46admin: roleInfo.admin_access === 1 || roleInfo.admin_access === '1' || roleInfo.admin_access === true,47app: roleInfo.app_access === 1 || roleInfo.app_access === '1' || roleInfo.app_access === true,48};49
50generatedAccountability.permissions = await getPermissions(generatedAccountability, context.schema);51}52
53return generatedAccountability;54}
55