From 38336e8d4308bfe3f48b6ffd0a2d2daf83c1e602 Mon Sep 17 00:00:00 2001
From: vck <vcankeklik@gmail.com>
Date: Mon, 14 Mar 2022 12:01:42 +0300
Subject: [PATCH 1/2] [UI][app-select] Optional auth

---
 .../countly/vue/components/helpers.js         | 35 ++++++++++++++++++-
 1 file changed, 34 insertions(+), 1 deletion(-)

diff --git a/frontend/express/public/javascripts/countly/vue/components/helpers.js b/frontend/express/public/javascripts/countly/vue/components/helpers.js
index 64536fac502..f5e6fb9c3b4 100644
--- a/frontend/express/public/javascripts/countly/vue/components/helpers.js
+++ b/frontend/express/public/javascripts/countly/vue/components/helpers.js
@@ -1,4 +1,4 @@
-/* global Vue, CV, app, countlyEvent, countlyGlobal*/
+/* global Vue, CV, app, countlyEvent, countlyGlobal, countlyAuth*/
 
 (function(countlyVue) {
 
@@ -447,6 +447,13 @@
                 type: Number,
                 default: 0,
                 required: false
+            },
+            auth: {
+                type: Object,
+                default: function() {
+                    return {};
+                },
+                required: false
             }
         },
         computed: {
@@ -461,6 +468,32 @@
             },
             apps: function() {
                 var apps = countlyGlobal.apps || {};
+
+                if (this.auth && this.auth.feature && this.auth.permission) {
+                    var expectedPermission = this.auth.permission,
+                        targetFeature = this.auth.feature;
+
+                    return Object.keys(apps).reduce(function(acc, key) {
+                        var hasPermission,
+                            currentApp = apps[key];
+
+                        if (expectedPermission === "r") {
+                            hasPermission = countlyAuth.validateRead(targetFeature, null, currentApp._id);
+                        }
+                        else {
+                            hasPermission = countlyAuth.validateWrite(expectedPermission, targetFeature, null, currentApp._id);
+                        }
+
+                        if (hasPermission) {
+                            acc.push({
+                                label: currentApp.name,
+                                value: currentApp._id
+                            });
+                        }
+                        return acc;
+                    }, []);
+                }
+
                 return Object.keys(apps).map(function(key) {
                     return {
                         label: apps[key].name,

From 4e87db5f01b5d36e27ce6cceba6eb52a5f6a5997 Mon Sep 17 00:00:00 2001
From: vck <vcankeklik@gmail.com>
Date: Mon, 14 Mar 2022 12:51:47 +0300
Subject: [PATCH 2/2] [vue][app-select] Auth fixes

---
 .../public/javascripts/countly/countly.auth.js  | 17 +++++++++++++++++
 .../countly/vue/components/helpers.js           | 12 ++----------
 .../frontend/public/templates/form.html         |  2 +-
 3 files changed, 20 insertions(+), 11 deletions(-)

diff --git a/frontend/express/public/javascripts/countly/countly.auth.js b/frontend/express/public/javascripts/countly/countly.auth.js
index 3bb8ecf2a27..06941a80646 100644
--- a/frontend/express/public/javascripts/countly/countly.auth.js
+++ b/frontend/express/public/javascripts/countly/countly.auth.js
@@ -168,6 +168,23 @@
         return validateWrite('d', feature, member, app_id);
     };
 
+    /**
+     * validate all types of requests for specific feature on specific app
+     * @param {string} accessType - write process type [c, r, u, d]
+     * @param {string} feature - feature name that required access right
+     * @param {object} member - countly member object
+     * @param {string} app_id - countly application id
+     * @return {boolean} result of permission check
+     */
+    countlyAuth.validate = function(accessType, feature, member, app_id) {
+        if (accessType === "r") {
+            return countlyAuth.validateRead(feature, member, app_id);
+        }
+        else {
+            return validateWrite(accessType, feature, member, app_id);
+        }
+    };
+
     /**
      * Validate is this user global admin or not
      * @returns {boolean} is this user global admin or not?
diff --git a/frontend/express/public/javascripts/countly/vue/components/helpers.js b/frontend/express/public/javascripts/countly/vue/components/helpers.js
index f5e6fb9c3b4..0d779f172e8 100644
--- a/frontend/express/public/javascripts/countly/vue/components/helpers.js
+++ b/frontend/express/public/javascripts/countly/vue/components/helpers.js
@@ -474,17 +474,9 @@
                         targetFeature = this.auth.feature;
 
                     return Object.keys(apps).reduce(function(acc, key) {
-                        var hasPermission,
-                            currentApp = apps[key];
+                        var currentApp = apps[key];
 
-                        if (expectedPermission === "r") {
-                            hasPermission = countlyAuth.validateRead(targetFeature, null, currentApp._id);
-                        }
-                        else {
-                            hasPermission = countlyAuth.validateWrite(expectedPermission, targetFeature, null, currentApp._id);
-                        }
-
-                        if (hasPermission) {
+                        if (countlyAuth.validate(expectedPermission, targetFeature, null, currentApp._id)) {
                             acc.push({
                                 label: currentApp.name,
                                 value: currentApp._id
diff --git a/plugins/vue-example/frontend/public/templates/form.html b/plugins/vue-example/frontend/public/templates/form.html
index 1da3c67f981..3f0603f96dc 100644
--- a/plugins/vue-example/frontend/public/templates/form.html
+++ b/plugins/vue-example/frontend/public/templates/form.html
@@ -317,7 +317,7 @@ <h3>Checkbox group - plain</h3>
             </cly-section>
             <cly-section title="Helpers (cly-app-select, single)">
                 <div class="example-cell">
-                    <cly-app-select v-model="selectedApp"></cly-app-select>
+                    <cly-app-select v-model="selectedApp" :auth='{"feature": "drill", "permission": "c"}'></cly-app-select>
                     <cly-app-select v-model="selectedApp" allow-all></cly-app-select>
                 </div>
                 <div class="example-cell">