VSinerva/freesewing
1
0
Fork 0
Code Activity
freesewing/sites/backend
History
joostdecock 59242f16cd fix(backen): Incorrect refactor
2023-08-13 10:51:44 +02:00
..
openapi chore: Linter warnings 2023-07-09 18:59:02 +02:00
prisma feat(backend): Track jwt/key calls seperately 2023-08-13 10:41:11 +02:00
public feqt(backend): Ported to site prebuild system 2023-07-31 18:16:45 +02:00
scripts wip(backend): More data migration code 2023-08-09 20:40:38 +02:00
src fix(backen): Incorrect refactor 2023-08-13 10:51:44 +02:00
tests chore: Linter issues 2023-08-13 09:49:17 +02:00
v2-v3 chore: linter issues 2023-08-13 09:54:56 +02:00
.gitignore feat(backend): Bunch of changes for Docker 2022-12-18 14:41:58 +01:00
build.mjs feat(backend): Bunch of changes for Docker 2022-12-18 14:41:58 +01:00
Dockerfile chore: fix UID in dockerfile 2022-12-18 14:43:22 +01:00
example.env chore(backend): Migrated from sanity to cloudflare images 2023-08-08 06:51:56 +02:00
local-config.mjs feat(backend): Bunch of changes for Docker 2022-12-18 14:41:58 +01:00
nodemon.json feat(backend): Reworked signup flow and translation 2023-01-14 17:04:06 +01:00
package.json Merge branch 'develop' into joost 2023-08-08 08:19:58 +02:00
README.md wip(backend): Work on routes, auth, and email templates 2022-11-05 18:55:59 +01:00

README.md

FreeSewing backend

This is a work in process to port the v2 backend to a new v3 backend.

It will be based on Express using Prisma with a SQLite database. Watch this space.

Permission levels

There are two different models to authenticate, as user, or with an API key.

The API keys have more granularity, their permission levels are:

  • 0: No permissions. Can only login but not do anything (used for testing)
  • 1: Read access to own people/patterns data
  • 2: Read access to all account data
  • 3: Write access to own people/pattern data
  • 4: Write access to all own account data (this is the user role)
  • 5: Read access to people/pattern data of all users (this is the bughunter role)
  • 6: Read access to all account data of all users
  • 7: Read access to all account data of all users + Write access for specific support functions (this is the support role)
  • 8: Write access to all account data of all users (this is the admin role)

User roles map to these permission levels as such:

  • user: 4 (this is everybody)
  • bughunter: 5 (a small group of people, less than 10)
  • support: 7 (a small number of trusted collaborators, less than 5)
  • admin: 8 (joost)

When using an API key above level 4, you need the following roles:

  • 5: Requires bughunter, support, or admin
  • 6,7,: Requires support or admin
  • 8: Requires admin