enterprise_assest_managemen.../scripts/setup-permissions-enhanced.sh


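#!/bin/bash
# Enhanced Directus Permissions Setup Script
# This script grants permissions and verifies they work correctly.
#
# Configuration (each value may be overridden from the environment):
#   DIRECTUS_URL    - base URL of the Directus instance
#   ADMIN_EMAIL     - account used to log in
#   ADMIN_PASSWORD  - password for that account
#
# NOTE(review): the fallback password below is committed in clear text. Treat
# it as a local-development default only: supply ADMIN_PASSWORD from the
# environment or a secret store everywhere else, and rotate the account if this
# value was ever used on a shared instance.
# NOTE(review): the default URL is plain http on localhost. If DIRECTUS_URL
# points at a remote host, use https so the login body and the bearer token
# are not sent unencrypted.
DIRECTUS_URL="${DIRECTUS_URL:-http://localhost:8055}"
ADMIN_EMAIL="${ADMIN_EMAIL:-admin@assetmanagement.com}"
ADMIN_PASSWORD="${ADMIN_PASSWORD:-AssetAdmin2024!}"

echo "🔐 Enhanced Directus Permissions Setup..."
echo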
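#######################################
# Block until the Directus health endpoint answers successfully.
# Globals:   DIRECTUS_URL (read)
# Outputs:   progress messages on stdout
# Returns:   0 once the endpoint responds; loops for as long as it does not
#            (there is no upper bound on the wait)
#######################################
wait_for_directus() {
  echo "⏳ Waiting for Directus to be ready..."
  # -f makes curl exit non-zero on an HTTP error status. Without it, any HTTP
  # response at all (including an error from a service that is up but not yet
  # healthy) would end the wait too early.
  until curl -s -f "$DIRECTUS_URL/server/health" > /dev/null; do
    echo " Waiting for Directus..."
    sleep 2
  done
  echo "✅ Directus is ready"
}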
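#######################################
# Log in to Directus and keep the access token for later calls.
# Globals:   DIRECTUS_URL, ADMIN_EMAIL, ADMIN_PASSWORD (read)
#            AUTH_RESPONSE, ACCESS_TOKEN (written)
# Outputs:   progress messages on stdout; on a failed attempt the raw login
#            response is printed as well
# Returns:   0 on success; exits the whole script with status 1 after
#            three failed attempts
#######################################
authenticate() {
  echo "🔑 Authenticating with Directus..."
  local max_attempts=3
  local attempt=1
  local email_json password_json login_body

  # Escape backslashes and double quotes so that a credential containing them
  # still yields valid JSON and cannot change the structure of the body.
  email_json=${ADMIN_EMAIL//\\/\\\\}
  email_json=${email_json//\"/\\\"}
  password_json=${ADMIN_PASSWORD//\\/\\\\}
  password_json=${password_json//\"/\\\"}
  login_body="{\"email\":\"$email_json\",\"password\":\"$password_json\"}"

  while [ "$attempt" -le "$max_attempts" ]; do
    # The body is sent on stdin (--data-binary @-) so the password does not
    # appear in curl's argument list, which other local users can read.
    AUTH_RESPONSE=$(printf '%s' "$login_body" |
      curl -s -X POST "$DIRECTUS_URL/auth/login" \
        -H "Content-Type: application/json" \
        --data-binary @-)
    # Quoted so the response is not word-split or glob-expanded before parsing.
    ACCESS_TOKEN=$(printf '%s\n' "$AUTH_RESPONSE" |
      grep -o '"access_token":"[^"]*"' | cut -d'"' -f4)
    if [ -n "$ACCESS_TOKEN" ]; then
      echo "✅ Authentication successful (attempt $attempt)"
      return 0
    else
      echo "❌ Authentication failed (attempt $attempt/$max_attempts)"
      echo "Response: $AUTH_RESPONSE"
      attempt=$((attempt + 1))
      sleep 2
    fi
  done
  echo "❌ Authentication failed after $max_attempts attempts"
  exit 1
}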
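#######################################
# Look up the id of the role named "Administrator".
# Globals:   DIRECTUS_URL, ACCESS_TOKEN (read)
#            ROLES_RESPONSE, ADMIN_ROLE_ID (written)
# Outputs:   progress messages on stdout; the role names found when the
#            Administrator role is missing
# Returns:   0 when the role is found; exits the script with status 1 otherwise
#######################################
get_admin_role() {
  echo "👤 Getting admin role ID..."
  ROLES_RESPONSE=$(curl -s -H "Authorization: Bearer $ACCESS_TOKEN" \
    "$DIRECTUS_URL/roles")
  # The pattern only matches when "id" is immediately followed by "name" in
  # the response and the id is a string.
  # The response is quoted so it reaches grep exactly as the server sent it
  # (no word splitting, no filename expansion of characters such as '*').
  ADMIN_ROLE_ID=$(printf '%s\n' "$ROLES_RESPONSE" |
    grep -o '"id":"[^"]*","name":"Administrator"' | cut -d'"' -f4)
  if [ -z "$ADMIN_ROLE_ID" ]; then
    echo "❌ Could not find Administrator role"
    echo "Available roles:"
    printf '%s\n' "$ROLES_RESPONSE" | grep -o '"name":"[^"]*"' | cut -d'"' -f4
    exit 1
  fi
  echo "✅ Found admin role: $ADMIN_ROLE_ID"
}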
#######################################
# Ask Directus whether a collection is present.
# Globals:   DIRECTUS_URL, ACCESS_TOKEN (read); COLLECTION_CHECK (written)
# Arguments: $1 - collection name
# Returns:   0 when the response contains a "collection" key, 1 otherwise
#######################################
collection_exists() {
  local name=$1
  COLLECTION_CHECK=$(curl -s -H "Authorization: Bearer $ACCESS_TOKEN" \
    "$DIRECTUS_URL/collections/$name")
  # Any response without the key (an error object, or nothing at all) counts
  # as "does not exist".
  grep -q '"collection"' <<< "$COLLECTION_CHECK" && return 0
  return 1
}
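#######################################
# Grant one action on one collection to the admin role, unless a matching
# permission is already present.
# Globals:   DIRECTUS_URL, ACCESS_TOKEN, ADMIN_ROLE_ID (read)
#            EXISTING_PERMISSION, PERMISSION_DATA, RESPONSE (written)
# Arguments: $1 - collection name
#            $2 - action (the caller passes create, read, update or delete)
# Outputs:   progress messages on stdout
# Returns:   0 when the permission exists or was created; 1 when the
#            collection is missing or the create request failed
#######################################
create_permission() {
  local collection=$1
  local action=$2
  # Check if collection exists first
  if ! collection_exists "$collection"; then
    echo " ⚠️ Collection '$collection' does not exist, skipping..."
    return 1
  fi
  echo " 📋 Granting $action permission for $collection..."
  # Check if permission already exists.
  # -g (--globoff) is required here: without it curl treats the [ ] in the
  # filter parameters as a URL range, rejects the URL and returns nothing, so
  # the lookup would never find an existing permission and every run would
  # try to create it again.
  EXISTING_PERMISSION=$(curl -s -g -H "Authorization: Bearer $ACCESS_TOKEN" \
    "$DIRECTUS_URL/permissions?filter[role][_eq]=$ADMIN_ROLE_ID&filter[collection][_eq]=$collection&filter[action][_eq]=$action")
  if echo "$EXISTING_PERMISSION" | grep -q '"id"'; then
    echo " Permission already exists"
    return 0
  fi
  # NOTE(review): this is an unrestricted grant: no item filter ("permissions"
  # is empty), no validation rules, and every field ("*"). Confirm that is the
  # intended scope for each collection before running outside development.
  PERMISSION_DATA="{
  \"role\": \"$ADMIN_ROLE_ID\",
  \"collection\": \"$collection\",
  \"action\": \"$action\",
  \"permissions\": {},
  \"validation\": {},
  \"presets\": null,
  \"fields\": [\"*\"]
}"
  RESPONSE=$(curl -s -X POST "$DIRECTUS_URL/permissions" \
    -H "Authorization: Bearer $ACCESS_TOKEN" \
    -H "Content-Type: application/json" \
    -d "$PERMISSION_DATA")
  if echo "$RESPONSE" | grep -q '"id"'; then
    echo " ✅ Permission created successfully"
    return 0
  else
    # Quoted so the server's message is printed as sent (no word splitting or
    # filename expansion).
    echo " ❌ Failed to create permission: $(printf '%s\n' "$RESPONSE" | grep -o '"message":"[^"]*"' | cut -d'"' -f4)"
    return 1
  fi
}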
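#######################################
# Check that items of a collection can be read with the current token.
# Globals:   DIRECTUS_URL, ACCESS_TOKEN (read); READ_TEST (written)
# Arguments: $1 - collection name
# Outputs:   progress messages on stdout
# Returns:   0 when the response contains a "data" key, 1 otherwise
#
# NOTE(review): the request is made with the token obtained at login, so it
# shows what that account can read. Whether that also proves the newly created
# permission rows are effective depends on how the role is configured; confirm
# with a non-admin account if that matters.
#######################################
verify_permissions() {
  local collection=$1
  echo " 🔍 Verifying $collection permissions..."
  # Test read permission
  READ_TEST=$(curl -s -H "Authorization: Bearer $ACCESS_TOKEN" \
    "$DIRECTUS_URL/items/$collection?limit=1")
  if echo "$READ_TEST" | grep -q '"data"'; then
    echo " ✅ Read permission verified"
  else
    # Quoted so the server's message is printed as sent: an unquoted expansion
    # would collapse whitespace and expand characters such as '*' to file names.
    echo " ❌ Read permission failed: $(printf '%s\n' "$READ_TEST" | grep -o '"message":"[^"]*"' | cut -d'"' -f4)"
    return 1
  fi
  return 0
}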
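#######################################
# Ask Directus to clear its cache so permission changes take effect.
# Globals:   DIRECTUS_URL, ACCESS_TOKEN (read); CACHE_RESPONSE (written)
# Outputs:   a success or warning message on stdout
# Returns:   0 in both cases; a failed cache clear is reported, not fatal
#######################################
invalidate_cache() {
  echo "🗑️ Invalidating Directus cache..."
  local curl_status=0
  CACHE_RESPONSE=$(curl -s -X POST "$DIRECTUS_URL/utils/cache/clear" \
    -H "Authorization: Bearer $ACCESS_TOKEN") || curl_status=$?
  # Success requires that curl itself succeeded AND that no line of the
  # response mentions "error". The earlier `grep -q -v "error"` form also
  # reported success for an empty response from a failed request, and for a
  # multi-line response in which only some lines contained "error".
  if [ "$curl_status" -eq 0 ] && ! grep -q "error" <<< "$CACHE_RESPONSE"; then
    echo "✅ Cache cleared successfully"
  else
    echo "⚠️ Cache clear may have failed, but continuing..."
  fi
}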
# Main execution
# Each step depends on the one before it: the service has to answer, the login
# provides ACCESS_TOKEN, and the role lookup provides ADMIN_ROLE_ID.
wait_for_directus
authenticate
get_admin_role

# Collections that need permissions (the loop below grants all four actions
# on each of them).
COLLECTIONS=(
  organizations
  subscription_plans
  asset_categories
  locations
  vendors
  assets
  asset_components
  asset_qr_codes
  work_order_types
  work_orders
  asset_reminders
)
echo
echo "🔓 Creating and verifying permissions for all collections..."

# SUCCESS_COUNT - permissions granted on collections that also passed the
#                 read check
# TOTAL_COUNT   - permissions attempted
SUCCESS_COUNT=0
TOTAL_COUNT=0

for collection in "${COLLECTIONS[@]}"; do
  echo "📁 Processing collection: $collection"
  COLLECTION_SUCCESS=0
  for action in create read update delete; do
    create_permission "$collection" "$action" &&
      COLLECTION_SUCCESS=$((COLLECTION_SUCCESS + 1))
    TOTAL_COUNT=$((TOTAL_COUNT + 1))
  done

  # A collection's grants are only counted when at least one succeeded and
  # the read check passes as well.
  if ((COLLECTION_SUCCESS > 0)) && verify_permissions "$collection"; then
    SUCCESS_COUNT=$((SUCCESS_COUNT + COLLECTION_SUCCESS))
  fi
  echo
done

# Permission changes are followed by a cache clear.
invalidate_cache

echo "📊 Permission Setup Summary:"
echo " ✅ Successful: $SUCCESS_COUNT/$TOTAL_COUNT permissions"
echo " 📁 Collections processed: ${#COLLECTIONS[@]}"
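# Final end-to-end check: when at least one permission was counted as
# successful, create a test asset through the API; otherwise report failure
# and exit with status 1.
if [ "$SUCCESS_COUNT" -gt 0 ]; then
  echo
  echo "🧪 Running comprehensive test..."
  # Test asset creation
  echo "📋 Testing asset creation..."
  # Get required IDs: the first organization, category and location returned.
  # The pattern only matches string-typed ids ("id":"...").
  ORG_ID=$(curl -s -H "Authorization: Bearer $ACCESS_TOKEN" "$DIRECTUS_URL/items/organizations?limit=1" | grep -o '"id":"[^"]*"' | head -1 | cut -d'"' -f4)
  CAT_ID=$(curl -s -H "Authorization: Bearer $ACCESS_TOKEN" "$DIRECTUS_URL/items/asset_categories?limit=1" | grep -o '"id":"[^"]*"' | head -1 | cut -d'"' -f4)
  LOC_ID=$(curl -s -H "Authorization: Bearer $ACCESS_TOKEN" "$DIRECTUS_URL/items/locations?limit=1" | grep -o '"id":"[^"]*"' | head -1 | cut -d'"' -f4)
  if [ -n "$ORG_ID" ] && [ -n "$CAT_ID" ] && [ -n "$LOC_ID" ]; then
    # The identifier carries the current epoch time so repeated runs do not
    # reuse the same asset_identifier.
    # NOTE(review): the asset created here is not deleted afterwards, so each
    # successful run leaves one "Permission Test Asset" record behind.
    TEST_ASSET_DATA="{
  \"organization_id\": \"$ORG_ID\",
  \"name\": \"Permission Test Asset\",
  \"asset_identifier\": \"PERM-TEST-$(date +%s)\",
  \"category_id\": \"$CAT_ID\",
  \"location_id\": \"$LOC_ID\",
  \"acquisition_cost\": 999.99
}"
    CREATE_RESPONSE=$(curl -s -X POST "$DIRECTUS_URL/items/assets" \
      -H "Authorization: Bearer $ACCESS_TOKEN" \
      -H "Content-Type: application/json" \
      -d "$TEST_ASSET_DATA")
    if echo "$CREATE_RESPONSE" | grep -q '"id"'; then
      echo "✅ Asset creation test successful"
      echo "🎯 Frontend should work correctly now"
    else
      echo "❌ Asset creation test failed:"
      # Only the first 200 bytes of the response are shown.
      echo "$CREATE_RESPONSE" | head -c 200
    fi
  else
    echo "⚠️ Missing required data for asset test (org: $ORG_ID, cat: $CAT_ID, loc: $LOC_ID)"
  fi
  echo
  echo "🎉 Enhanced permission setup completed!"
  echo
  echo "📋 Next steps:"
  echo "1. Try your frontend application"
  # Built from DIRECTUS_URL so the hint matches the instance that was
  # actually configured, not a fixed localhost address.
  echo "2. Check Directus admin: $DIRECTUS_URL/admin"
  echo "3. Monitor console logs for any permission issues"
  echo "4. Run ./scripts/verify-permissions.sh anytime to check status"
else
  echo "❌ Permission setup failed. Check Directus logs and configuration."
  exit 1
fi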