VSinerva/freesewing
1
0
Fork 0
Code Activity
freesewing/sites/backend
History
joostdecock d2b4d2d3b3 fix: Merge in develop changes without re-introduced issues 
There were some trouble the snuck in when mergin an earlier PR
2023-07-21 18:19:07 +02:00
..
openapi chore: Linter warnings 2023-07-09 18:59:02 +02:00
prisma fix(backend): Support cset in patterns and sinup-aea links 2023-05-26 15:39:22 +02:00
public feat(backend): Reworked signup flow and translation 2023-01-14 17:04:06 +01:00
scripts chore(backend): Fix linter warnings in backend code 2023-05-19 16:37:32 +02:00
src chore: Linter warnings 2023-07-09 18:59:02 +02:00
tests chore(backend): Fix linter warnings in backend code 2023-05-19 16:37:32 +02:00
.gitignore feat(backend): Bunch of changes for Docker 2022-12-18 14:41:58 +01:00
build.mjs feat(backend): Bunch of changes for Docker 2022-12-18 14:41:58 +01:00
Dockerfile chore: fix UID in dockerfile 2022-12-18 14:43:22 +01:00
example.env feat(backend): No more people, sets instead 2023-02-26 16:04:12 +01:00
local-config.mjs feat(backend): Bunch of changes for Docker 2022-12-18 14:41:58 +01:00
nodemon.json feat(backend): Reworked signup flow and translation 2023-01-14 17:04:06 +01:00
package.json fix: Merge in develop changes without re-introduced issues 2023-07-21 18:19:07 +02:00
README.md wip(backend): Work on routes, auth, and email templates 2022-11-05 18:55:59 +01:00

README.md

FreeSewing backend

This is a work in process to port the v2 backend to a new v3 backend.

It will be based on Express using Prisma with a SQLite database. Watch this space.

Permission levels

There are two different models to authenticate, as user, or with an API key.

The API keys have more granularity, their permission levels are:

  • 0: No permissions. Can only login but not do anything (used for testing)
  • 1: Read access to own people/patterns data
  • 2: Read access to all account data
  • 3: Write access to own people/pattern data
  • 4: Write access to all own account data (this is the user role)
  • 5: Read access to people/pattern data of all users (this is the bughunter role)
  • 6: Read access to all account data of all users
  • 7: Read access to all account data of all users + Write access for specific support functions (this is the support role)
  • 8: Write access to all account data of all users (this is the admin role)

User roles map to these permission levels as such:

  • user: 4 (this is everybody)
  • bughunter: 5 (a small group of people, less than 10)
  • support: 7 (a small number of trusted collaborators, less than 5)
  • admin: 8 (joost)

When using an API key above level 4, you need the following roles:

  • 5: Requires bughunter, support, or admin
  • 6,7,: Requires support or admin
  • 8: Requires admin