diff --git a/packages/rocketchat-api/package.js b/packages/rocketchat-api/package.js
index 859ca35ffdf0..8bee05c46cae 100644
--- a/packages/rocketchat-api/package.js
+++ b/packages/rocketchat-api/package.js
@@ -40,6 +40,7 @@ Package.onUse(function(api) {
 api.addFiles('server/v1/im.js', 'server');
 api.addFiles('server/v1/integrations.js', 'server');
 api.addFiles('server/v1/misc.js', 'server');
+ api.addFiles('server/v1/permissions.js', 'server');
 api.addFiles('server/v1/push.js', 'server');
 api.addFiles('server/v1/settings.js', 'server');
 api.addFiles('server/v1/stats.js', 'server');
diff --git a/packages/rocketchat-api/server/v1/permissions.js b/packages/rocketchat-api/server/v1/permissions.js
new file mode 100644
index 000000000000..68ccb81c01e7
--- /dev/null
+++ b/packages/rocketchat-api/server/v1/permissions.js
@@ -0,0 +1,14 @@
+/**
+ This API returns all permissions that exists
+ on the server, with respective roles.
+
+ Method: GET
+ Route: api/v1/permissions
+ */
+RocketChat.API.v1.addRoute('permissions', { authRequired: true }, {
+ get() {
+ const result = Meteor.runAsUser(this.userId, () => Meteor.call('permissions/get'));
+
+ return RocketChat.API.v1.success(result);
+ }
+});
diff --git a/packages/rocketchat-api/server/v1/users.js b/packages/rocketchat-api/server/v1/users.js
index 234e73e83ac6..922beea7224e 100644
--- a/packages/rocketchat-api/server/v1/users.js
+++ b/packages/rocketchat-api/server/v1/users.js
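Review bot: The new `permissions` route in server/v1/permissions.js passes the raw result of `permissions/get` straight to `RocketChat.API.v1.success(result)`, so the response carries whatever that method returns; the accompanying test in tests/end-to-end/api/11-permissions.js expects a bare array whose elements include `$loki` and `meta`, which look like internal store bookkeeping rather than API data. A bare array also cannot carry the `success` flag that the `user.roles` test in this same commit asserts, so the two new endpoints disagree on response shape. I would return only the public fields inside a named key, for example `return RocketChat.API.v1.success({ permissions: result.map(({ _id, roles }) => ({ _id, roles })) });`, and stop pinning `$loki`/`meta` in the test. The only gate on the route is `authRequired: true`, so every logged-in user can read the full permission-to-role map; whether that is intended depends on `permissions/get`, which is not visible here, and the header comment should state it.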
@@ -270,3 +270,24 @@ RocketChat.API.v1.addRoute('users.createToken', { authRequired: true }, {
 return data ? RocketChat.API.v1.success({data}) : RocketChat.API.v1.unauthorized();
 }
 });
+
+/**
+ This API returns the logged user roles.
+
+ Method: GET
+ Route: api/v1/user.roles
+ */
+RocketChat.API.v1.addRoute('user.roles', { authRequired: true }, {
+ get() {
+ let currentUserRoles = {};
+
+ const result = Meteor.runAsUser(this.userId, () => Meteor.call('getUserRoles'));
+
+ if (Array.isArray(result) && result.length > 0) {
+ currentUserRoles = result[0];
+ }
+
+ return RocketChat.API.v1.success(currentUserRoles);
+ }
+});
+
diff --git a/tests/end-to-end/api/01-users.js b/tests/end-to-end/api/01-users.js
index b92fa23b7e87..77bf902518cb 100644
--- a/tests/end-to-end/api/01-users.js
+++ b/tests/end-to-end/api/01-users.js
@@ -360,4 +360,21 @@ describe('[Users]', function() {
 });
 });
 });
+
+ describe('[/user.roles]', () => {
+
+ it('should return id and name of user, and an array of roles', (done) => {
+ request.get(api('user.roles'))
+ .set(credentials)
+ .expect(200)
+ .expect('Content-Type', 'application/json')
+ .expect((res) => {
+ expect(res.body).to.have.property('username');
+ expect(res.body).to.have.property('roles').and.to.be.a('array');
+ expect(res.body).to.have.property('_id');
+ expect(res.body).to.have.property('success', true);
+ })
+ .end(done);
+ });
+ });
 });
diff --git a/tests/end-to-end/api/11-permissions.js b/tests/end-to-end/api/11-permissions.js
new file mode 100644
index 000000000000..86b702342c01
--- /dev/null
+++ b/tests/end-to-end/api/11-permissions.js
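Review bot: In the `user.roles` handler, `currentUserRoles = result[0]` assumes the first element returned by `getUserRoles` is the caller's own record, but nothing in the hunk ties that element to `this.userId`. `getUserRoles` is not visible here; if it can return records for more than one user, this route would hand one account's `_id`, `username` and `roles` to a different authenticated caller. Selecting by id removes the assumption: `currentUserRoles = result.find((user) => user._id === this.userId) || {};`. The new `[/user.roles]` test in tests/end-to-end/api/01-users.js only checks that the properties exist, so it passes either way; it should also assert that `res.body._id` is the id of the logged-in test user. An empty result currently yields a 200 carrying only `success: true`, which a client cannot tell apart from a user without roles.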
@@ -0,0 +1,33 @@
+/* eslint-env mocha */
+/* globals expect */
+
+import { getCredentials, api, request, credentials } from '../../data/api-data.js';
+
+describe('[Permissions]', function() {
+ this.retries(0);
+
+ before(done => getCredentials(done));
+
+ describe('[/permissions]', () => {
+ it('should return all permissions that exists on the server, with respective roles', (done) => {
+ request.get(api('permissions'))
+ .set(credentials)
+ .expect('Content-Type', 'application/json')
+ .expect(200)
+ .expect((res) => {
+ expect(res.body).to.be.a('array');
+
+ const firstElement = res.body[0];
+ expect(firstElement).to.have.property('_id');
+ expect(firstElement).to.have.property('roles').and.to.be.a('array');
+ expect(firstElement).to.have.property('_updatedAt');
+ expect(firstElement).to.have.property('meta');
+ expect(firstElement.meta).to.have.property('revision');
+ expect(firstElement.meta).to.have.property('created');
+ expect(firstElement.meta).to.have.property('version');
+ expect(firstElement).to.have.property('$loki');
+ })
+ .end(done);
+ });
+ });
+});