nocodb/packages/nc-gui/composables/useUIPermission/index.ts

import { isString } from '@vueuse/core'
import { createSharedComposable, rolePermissions, useGlobal, useRoles } from '#imports'
import type { Permission, ProjectRole, Role } from '~/lib'

const hasPermission = (role: Role | ProjectRole, hasRole: boolean, permission: Permission | string) => {
  const rolePermission = rolePermissions[role]

  if (!hasRole || !rolePermission) return false

  if (isString(rolePermission) && rolePermission === '*') return true

  if ('include' in rolePermission && rolePermission.include) {
    return !!rolePermission.include[permission as keyof typeof rolePermission.include]
  }

  if ('exclude' in rolePermission && rolePermission.exclude) {
    return !rolePermission.exclude[permission as keyof typeof rolePermission.exclude]
  }

  return rolePermission[permission as keyof typeof rolePermission]
}

export const useUIPermission = createSharedComposable(() => {
  const { previewAs } = useGlobal()
  const { allRoles } = useRoles()

  const isUIAllowed = (
    permission: Permission | string,
    skipPreviewAs = false,
    userRoles?: string | Record<string, boolean> | string[],
  ) => {
    if (previewAs.value && !skipPreviewAs) {
      return hasPermission(previewAs.value, true, permission)
    }

    let roles: Record<string, boolean> = {}

    if (!userRoles) {
      roles = allRoles.value
    } else if (Array.isArray(userRoles) || typeof userRoles === 'string') {
      roles = (Array.isArray(userRoles) ? userRoles : userRoles.split(','))
        // filter out any empty-string/null/undefined values
        .filter(Boolean)
        .reduce<Record<string, boolean>>((acc, role) => {
          acc[role] = true
          return acc
        }, {})
    } else if (typeof userRoles === 'object') {
      roles = userRoles
    }

    return Object.entries(roles).some(([role, hasRole]) => hasPermission(role as Role | ProjectRole, hasRole, permission))
  }

  return { isUIAllowed }
})
fix(nc-gui): cleanup sidebar state on scope dispose 2 years ago			`import { isString } from '@vueuse/core'`
refactor(nc-gui): use lazy load and cleanup imports 2 years ago			`import { createSharedComposable, rolePermissions, useGlobal, useRoles } from '#imports'`
			`import type { Permission, ProjectRole, Role } from '~/lib'`
feat: add isUIAllowed composable Signed-off-by: Pranav C <pranavxc@gmail.com> 2 years ago
refactor(nc-gui): remove `useInjectionState` from `useUIPermission` 2 years ago			`const hasPermission = (role: Role \| ProjectRole, hasRole: boolean, permission: Permission \| string) => {`
			`const rolePermission = rolePermissions[role]`
refactor(nc-gui): use injection state for `useUIPermission` 2 years ago
refactor(nc-gui): remove `useInjectionState` from `useUIPermission` 2 years ago			`if (!hasRole \|\| !rolePermission) return false`
refactor(gui-v2): isUIAllowed 2 years ago
refactor(nc-gui): remove `useInjectionState` from `useUIPermission` 2 years ago			`if (isString(rolePermission) && rolePermission === '*') return true`
refactor(nc-gui): stop duplicating allRoles & check preview permissions separately 2 years ago
fix(gui): type correction Signed-off-by: Pranav C <pranavxc@gmail.com> 2 years ago			`if ('include' in rolePermission && rolePermission.include) {`
refactor(gui): linting and type correction Signed-off-by: Pranav C <pranavxc@gmail.com> 2 years ago			`return !!rolePermission.include[permission as keyof typeof rolePermission.include]`
feat(gui): show app store only for super admin user Signed-off-by: Pranav C <pranavxc@gmail.com> 2 years ago			`}`
refactor(gui): linting and type correction Signed-off-by: Pranav C <pranavxc@gmail.com> 2 years ago
fix(gui): type correction Signed-off-by: Pranav C <pranavxc@gmail.com> 2 years ago			`if ('exclude' in rolePermission && rolePermission.exclude) {`
refactor(gui): linting and type correction Signed-off-by: Pranav C <pranavxc@gmail.com> 2 years ago			`return !rolePermission.exclude[permission as keyof typeof rolePermission.exclude]`
feat(gui): show app store only for super admin user Signed-off-by: Pranav C <pranavxc@gmail.com> 2 years ago			`}`

refactor(nc-gui): remove `useInjectionState` from `useUIPermission` 2 years ago			`return rolePermission[permission as keyof typeof rolePermission]`
			`}`
refactor(nc-gui): cancel permission check if prematurely caught 2 years ago
refactor(nc-gui): use shared composable instead of injection state for permissions 2 years ago			`export const useUIPermission = createSharedComposable(() => {`
refactor(nc-gui): remove `useInjectionState` from `useUIPermission` 2 years ago			`const { previewAs } = useGlobal()`
			`const { allRoles } = useRoles()`
fix(nc-gui): auth tab constantly re-opening * Only reload project if it's not loaded already * Prevent tab from re-opening 2 years ago
feat(gui): update method to support custom role Signed-off-by: Pranav C <pranavxc@gmail.com> 1 year ago			`const isUIAllowed = (`
			`permission: Permission \| string,`
			`skipPreviewAs = false,`
			`userRoles?: string \| Record<string, boolean> \| string[],`
			`) => {`
refactor(gui-v2): project list page style fixes 2 years ago			`if (previewAs.value && !skipPreviewAs) {`
fix(nc-gui): use preview permissions 2 years ago			`return hasPermission(previewAs.value, true, permission)`
feat(gui-v2): add preview as option Signed-off-by: Pranav C <pranavxc@gmail.com> 2 years ago			`}`
feat(gui-v2): Load project specific role and use it in ui permission composable Signed-off-by: Pranav C <pranavxc@gmail.com> 2 years ago
feat(gui): update method to support custom role Signed-off-by: Pranav C <pranavxc@gmail.com> 1 year ago			`let roles: Record<string, boolean> = {}`

			`if (!userRoles) {`
			`roles = allRoles.value`
			`} else if (Array.isArray(userRoles) \|\| typeof userRoles === 'string') {`
			`roles = (Array.isArray(userRoles) ? userRoles : userRoles.split(','))`
			`// filter out any empty-string/null/undefined values`
			`.filter(Boolean)`
			`.reduce<Record<string, boolean>>((acc, role) => {`
			`acc[role] = true`
			`return acc`
			`}, {})`
			`} else if (typeof userRoles === 'object') {`
			`roles = userRoles`
			`}`

			`return Object.entries(roles).some(([role, hasRole]) => hasPermission(role as Role \| ProjectRole, hasRole, permission))`
feat: add isUIAllowed composable Signed-off-by: Pranav C <pranavxc@gmail.com> 2 years ago			`}`

chore(nc-gui): remove unused var 2 years ago			`return { isUIAllowed }`
refactor(nc-gui): use shared composable instead of injection state for permissions 2 years ago			`})`