in package/src/rbac.ts [240:291]
export function addAction(role_id: string, action: string, actionType: ActionType): IdentityResponse {
let exists: boolean = false;
if (roleExists(role_id)) {
let role = getRole(role_id);
if (role as IRoleDefinition) {
let rd = role as IRoleDefinition;
if (actionType === ActionType.Allowed) {
if (rd.permissions) {
let sresult = rd.permissions.actions.some((element) => {
return element === action;
});
if (sresult) {
return { message: "Action is already defined in the allowed permissions." };
}
} else {
rd.permissions = { actions: [], notActions: [] };
}
if (rd.permissions.actions) {
rd.permissions.actions.push(action);
} else {
rd.permissions.actions = new Array<string>(action);
}
updateRole(rd);
return { message: "Action successfully added to allowed permissions" };
} else if (actionType === ActionType.Denied) {
if (rd.permissions) {
let sresult = rd.permissions.notActions.some((element) => {
return element === action;
});
if (sresult) {
return { message: "Action is already defined in the denied permissions." };
}
} else {
rd.permissions = { actions: [], notActions: [] };
}
if (rd.permissions.actions) {
rd.permissions.notActions.push(action);
} else {
rd.permissions.notActions = new Array<string>(action);
}
updateRole(rd);
return { message: "Action successfully added to denied permissions" };
} else {
return { message: "Action type invalid." };
}
}
return { message: "Role returned is invalid" };
}
return { message: "Role does not exist" };
}