github
/
nocodb
mirror of https://github.com/nocodb/nocodb
1
0
Fork 0
Code Issues Releases Wiki Activity
Browse Source

fix: permission correction

pull/8708/head
Pranav C 4 months ago
parent
e1174bbf72
commit
17bbfd3532
3 changed files with 201 additions and 205 deletions
Whitespace
Show all changes Ignore whitespace when comparing lines Ignore changes in amount of whitespace Ignore changes in whitespace at EOL
Unified View
Diff Options
Show Stats Download Patch File Download Diff File
  1. 2
      packages/nc-gui/components/dashboard/TreeView/ProjectNode.vue
  2. 106
      packages/nc-gui/components/dashboard/settings/data-sources/CreateBase.vue
  3. 38
      packages/nocodb/src/utils/acl.ts

2
packages/nc-gui/components/dashboard/TreeView/ProjectNode.vue
Unescape View File

@ -104,7 +104,7 @@ const showBaseOption = (source: SourceType) => {
return ['airtableImport', 'csvImport', 'jsonImport', 'excelImport'].some((permission) => return ['airtableImport', 'csvImport', 'jsonImport', 'excelImport'].some((permission) =>
isUIAllowed(permission, { source }), isUIAllowed(permission, { source }),
) )
}) }
const enableEditMode = () => { const enableEditMode = () => {
editMode.value = true editMode.value = true

106
packages/nc-gui/components/dashboard/settings/data-sources/CreateBase.vue
Unescape View File

@ -1,7 +1,7 @@
<script lang="ts" setup> <script lang="ts" setup>
import {Form, message} from 'ant-design-vue' import { Form, message } from 'ant-design-vue'
import type {SelectHandler} from 'ant-design-vue/es/vc-select/Select' import type { SelectHandler } from 'ant-design-vue/es/vc-select/Select'
import {SourceRestriction} from 'nocodb-sdk' import { SourceRestriction } from 'nocodb-sdk'
import { import {
type CertTypes, type CertTypes,
ClientType, ClientType,
@ -21,12 +21,12 @@ const vOpen = useVModel(props, 'open', emit)
const connectionType = computed(() => props.connectionType ?? ClientType.MYSQL) const connectionType = computed(() => props.connectionType ?? ClientType.MYSQL)
const baseStore = useBase() const baseStore = useBase()
const {loadProject} = useBases() const { loadProject } = useBases()
const {base} = storeToRefs(baseStore) const { base } = storeToRefs(baseStore)
const {loadProjectTables} = useTablesStore() const { loadProjectTables } = useTablesStore()
const {refreshCommandPalette} = useCommandPalette() const { refreshCommandPalette } = useCommandPalette()
const _projectId = inject(ProjectIdInj, undefined) const _projectId = inject(ProjectIdInj, undefined)
const baseId = computed(() => _projectId?.value ?? base.value?.id) const baseId = computed(() => _projectId?.value ?? base.value?.id)
@ -39,31 +39,30 @@ const testingConnection = ref(false)
const form = ref<typeof Form>() const form = ref<typeof Form>()
const {api} = useApi() const { api } = useApi()
const {$e} = useNuxtApp() const { $e } = useNuxtApp()
const {t} = useI18n() const { t } = useI18n()
const creatingSource = ref(false) const creatingSource = ref(false)
const formState = ref<ProjectCreateForm>({ const formState = ref<ProjectCreateForm>({
title: '', title: '',
dataSource: {...getDefaultConnectionConfig(ClientType.MYSQL)}, dataSource: { ...getDefaultConnectionConfig(ClientType.MYSQL) },
inflection: { inflection: {
inflectionColumn: 'none', inflectionColumn: 'none',
inflectionTable: 'none', inflectionTable: 'none',
}, },
sslUse: SSLUsage.No, sslUse: SSLUsage.No,
extraParameters: [], extraParameters: [],
'is_schema_readonly': true, is_schema_readonly: true,
'is_data_readonly': false, is_data_readonly: false,
},
}) })
const customFormState = ref<ProjectCreateForm>({ const customFormState = ref<ProjectCreateForm>({
title: '', title: '',
dataSource: {...getDefaultConnectionConfig(ClientType.MYSQL)}, dataSource: { ...getDefaultConnectionConfig(ClientType.MYSQL) },
inflection: { inflection: {
inflectionColumn: 'none', inflectionColumn: 'none',
inflectionTable: 'none', inflectionTable: 'none',
@ -134,14 +133,14 @@ const validators = computed(() => {
} }
}) })
const {validate, validateInfos} = useForm(formState.value, validators) const { validate, validateInfos } = useForm(formState.value, validators)
const populateName = (v: string) => { const populateName = (v: string) => {
formState.value.dataSource.connection.database = `${v.trim()}_noco` formState.value.dataSource.connection.database = `${v.trim()}_noco`
} }
const onClientChange = () => { const onClientChange = () => {
formState.value.dataSource = {...getDefaultConnectionConfig(formState.value.dataSource.client)} formState.value.dataSource = { ...getDefaultConnectionConfig(formState.value.dataSource.client) }
populateName(formState.value.title) populateName(formState.value.title)
} }
@ -182,7 +181,7 @@ const updateSSLUse = () => {
} }
const addNewParam = () => { const addNewParam = () => {
formState.value.extraParameters.push({key: '', value: ''}) formState.value.extraParameters.push({ key: '', value: '' })
} }
const removeParam = (index: number) => { const removeParam = (index: number) => {
@ -234,7 +233,7 @@ const focusInvalidInput = () => {
form.value?.$el.querySelector('.ant-form-item-explain-error')?.parentNode?.parentNode?.querySelector('input')?.focus() form.value?.$el.querySelector('.ant-form-item-explain-error')?.parentNode?.parentNode?.querySelector('input')?.focus()
} }
const {$poller} = useNuxtApp() const { $poller } = useNuxtApp()
const createSource = async () => { const createSource = async () => {
try { try {
@ -251,7 +250,7 @@ const createSource = async () => {
const connection = getConnectionConfig() const connection = getConnectionConfig()
const config = {...formState.value.dataSource, connection} const config = { ...formState.value.dataSource, connection }
const jobData = await api.source.create(baseId.value, { const jobData = await api.source.create(baseId.value, {
alias: formState.value.title, alias: formState.value.title,
@ -264,7 +263,7 @@ const createSource = async () => {
}) })
$poller.subscribe( $poller.subscribe(
{id: jobData.id}, { id: jobData.id },
async (data: { async (data: {
id: string id: string
status?: string status?: string
@ -350,11 +349,11 @@ const testConnection = async () => {
const handleImportURL = async () => { const handleImportURL = async () => {
if (!importURL.value || importURL.value === '') return if (!importURL.value || importURL.value === '') return
const connectionConfig = await api.utils.urlToConfig({url: importURL.value}) const connectionConfig = await api.utils.urlToConfig({ url: importURL.value })
if (connectionConfig) { if (connectionConfig) {
formState.value.dataSource.client = connectionConfig.client formState.value.dataSource.client = connectionConfig.client
formState.value.dataSource.connection = {...connectionConfig.connection} formState.value.dataSource.connection = { ...connectionConfig.connection }
} else { } else {
message.error(t('msg.error.invalidURL')) message.error(t('msg.error.invalidURL'))
} }
@ -363,12 +362,12 @@ const handleImportURL = async () => {
} }
const handleEditJSON = () => { const handleEditJSON = () => {
customFormState.value = {...formState.value} customFormState.value = { ...formState.value }
configEditDlg.value = true configEditDlg.value = true
} }
const handleOk = () => { const handleOk = () => {
formState.value = {...customFormState.value} formState.value = { ...customFormState.value }
configEditDlg.value = false configEditDlg.value = false
updateSSLUse() updateSSLUse()
} }
@ -377,7 +376,7 @@ const handleOk = () => {
watch( watch(
() => formState.value.dataSource, () => formState.value.dataSource,
() => (testSuccess.value = false), () => (testSuccess.value = false),
{deep: true}, { deep: true },
) )
// populate database name based on title // populate database name based on title
@ -405,7 +404,7 @@ watch(
formState.value.dataSource.client = v formState.value.dataSource.client = v
onClientChange() onClientChange()
}, },
{immediate: true}, { immediate: true },
) )
const toggleModal = (val: boolean) => { const toggleModal = (val: boolean) => {
vOpen.value = val vOpen.value = val
@ -445,7 +444,7 @@ const allowDataWrite = computed({
<div class="create-source bg-white relative flex flex-col justify-center gap-2 w-full"> <div class="create-source bg-white relative flex flex-col justify-center gap-2 w-full">
<h1 class="prose-xl font-bold self-start mb-4 flex items-center gap-2"> <h1 class="prose-xl font-bold self-start mb-4 flex items-center gap-2">
{{ $t('title.newBase') }} {{ $t('title.newBase') }}
<DashboardSettingsDataSourcesInfo/> <DashboardSettingsDataSourcesInfo />
<span class="flex-grow"></span> <span class="flex-grow"></span>
</h1> </h1>
@ -464,7 +463,7 @@ const allowDataWrite = computed({
}" }"
> >
<a-form-item label="Source Name" v-bind="validateInfos.title"> <a-form-item label="Source Name" v-bind="validateInfos.title">
<a-input v-model:value="formState.title" class="nc-extdb-proj-name"/> <a-input v-model:value="formState.title" class="nc-extdb-proj-name" />
</a-form-item> </a-form-item>
<a-form-item :label="$t('labels.dbType')" v-bind="validateInfos['dataSource.client']"> <a-form-item :label="$t('labels.dbType')" v-bind="validateInfos['dataSource.client']">
@ -494,7 +493,7 @@ const allowDataWrite = computed({
:label="$t('labels.sqliteFile')" :label="$t('labels.sqliteFile')"
v-bind="validateInfos['dataSource.connection.connection.filename']" v-bind="validateInfos['dataSource.connection.connection.filename']"
> >
<a-input v-model:value="(formState.dataSource.connection as SQLiteConnection).connection.filename"/> <a-input v-model:value="(formState.dataSource.connection as SQLiteConnection).connection.filename" />
</a-form-item> </a-form-item>
<template v-else> <template v-else>
@ -516,8 +515,7 @@ const allowDataWrite = computed({
<!-- Username --> <!-- Username -->
<a-form-item :label="$t('labels.username')" v-bind="validateInfos['dataSource.connection.user']"> <a-form-item :label="$t('labels.username')" v-bind="validateInfos['dataSource.connection.user']">
<a-input v-model:value="(formState.dataSource.connection as DefaultConnection).user" <a-input v-model:value="(formState.dataSource.connection as DefaultConnection).user" class="nc-extdb-host-user" />
class="nc-extdb-host-user"/>
</a-form-item> </a-form-item>
<!-- Password --> <!-- Password -->
@ -544,7 +542,7 @@ const allowDataWrite = computed({
:label="$t('labels.schemaName')" :label="$t('labels.schemaName')"
v-bind="validateInfos['dataSource.searchPath.0']" v-bind="validateInfos['dataSource.searchPath.0']"
> >
<a-input v-model:value="formState.dataSource.searchPath[0]"/> <a-input v-model:value="formState.dataSource.searchPath[0]" />
</a-form-item> </a-form-item>
<a-form-item> <a-form-item>
<template #label> <template #label>
@ -556,7 +554,7 @@ const allowDataWrite = computed({
<template #title> <template #title>
<span>{{ $t('tooltip.allowMetaWrite') }}</span> <span>{{ $t('tooltip.allowMetaWrite') }}</span>
</template> </template>
<GeneralIcon class="text-gray-500" icon="info"/> <GeneralIcon class="text-gray-500" icon="info" />
</NcTooltip> </NcTooltip>
</div> </div>
</template> </template>
@ -593,8 +591,7 @@ const allowDataWrite = computed({
<div class="flex items-right justify-end gap-2"> <div class="flex items-right justify-end gap-2">
<!-- Use Connection URL --> <!-- Use Connection URL -->
<NcButton type="ghost" size="small" class="nc-extdb-btn-import-url !rounded-md" <NcButton type="ghost" size="small" class="nc-extdb-btn-import-url !rounded-md" @click.stop="importURLDlg = true">
@click.stop="importURLDlg = true">
{{ $t('activity.useConnectionUrl') }} {{ $t('activity.useConnectionUrl') }}
</NcButton> </NcButton>
</div> </div>
@ -632,8 +629,7 @@ const allowDataWrite = computed({
<span>{{ $t('tooltip.clientCert') }}</span> <span>{{ $t('tooltip.clientCert') }}</span>
</template> </template>
<NcButton size="small" :disabled="!sslFilesRequired" class="shadow" <NcButton size="small" :disabled="!sslFilesRequired" class="shadow" @click="certFileInput?.click()">
@click="certFileInput?.click()">
{{ $t('labels.clientCert') }} {{ $t('labels.clientCert') }}
</NcButton> </NcButton>
</a-tooltip> </a-tooltip>
@ -643,8 +639,7 @@ const allowDataWrite = computed({
<template #title> <template #title>
<span>{{ $t('tooltip.clientKey') }}</span> <span>{{ $t('tooltip.clientKey') }}</span>
</template> </template>
<NcButton size="small" :disabled="!sslFilesRequired" class="shadow" <NcButton size="small" :disabled="!sslFilesRequired" class="shadow" @click="keyFileInput?.click()">
@click="keyFileInput?.click()">
{{ $t('labels.clientKey') }} {{ $t('labels.clientKey') }}
</NcButton> </NcButton>
</a-tooltip> </a-tooltip>
@ -655,24 +650,20 @@ const allowDataWrite = computed({
<span>{{ $t('tooltip.clientCA') }}</span> <span>{{ $t('tooltip.clientCA') }}</span>
</template> </template>
<NcButton size="small" :disabled="!sslFilesRequired" class="shadow" <NcButton size="small" :disabled="!sslFilesRequired" class="shadow" @click="caFileInput?.click()">
@click="caFileInput?.click()">
{{ $t('labels.serverCA') }} {{ $t('labels.serverCA') }}
</NcButton> </NcButton>
</a-tooltip> </a-tooltip>
</div> </div>
</a-form-item> </a-form-item>
<input ref="caFileInput" type="file" class="!hidden" <input ref="caFileInput" type="file" class="!hidden" @change="onFileSelect(CertTypes.ca, caFileInput)" />
@change="onFileSelect(CertTypes.ca, caFileInput)"/>
<input ref="certFileInput" type="file" class="!hidden" <input ref="certFileInput" type="file" class="!hidden" @change="onFileSelect(CertTypes.cert, certFileInput)" />
@change="onFileSelect(CertTypes.cert, certFileInput)"/>
<input ref="keyFileInput" type="file" class="!hidden" <input ref="keyFileInput" type="file" class="!hidden" @change="onFileSelect(CertTypes.key, keyFileInput)" />
@change="onFileSelect(CertTypes.key, keyFileInput)"/>
<a-divider/> <a-divider />
<!-- Extra connection parameters --> <!-- Extra connection parameters -->
<a-form-item <a-form-item
@ -683,11 +674,11 @@ const allowDataWrite = computed({
<a-card> <a-card>
<div v-for="(item, index) of formState.extraParameters" :key="index"> <div v-for="(item, index) of formState.extraParameters" :key="index">
<div class="flex py-1 items-center gap-1"> <div class="flex py-1 items-center gap-1">
<a-input v-model:value="item.key"/> <a-input v-model:value="item.key" />
<span>:</span> <span>:</span>
<a-input v-model:value="item.value"/> <a-input v-model:value="item.value" />
<component <component
:is="iconMap.close" :is="iconMap.close"
@ -698,13 +689,13 @@ const allowDataWrite = computed({
</div> </div>
<NcButton size="small" type="dashed" class="w-full caption mt-2" @click="addNewParam"> <NcButton size="small" type="dashed" class="w-full caption mt-2" @click="addNewParam">
<div class="flex items-center justify-center"> <div class="flex items-center justify-center">
<component :is="iconMap.plus"/> <component :is="iconMap.plus" />
</div> </div>
</NcButton> </NcButton>
</a-card> </a-card>
</a-form-item> </a-form-item>
<a-divider/> <a-divider />
<a-form-item :label="$t('labels.inflection.tableName')"> <a-form-item :label="$t('labels.inflection.tableName')">
<a-select <a-select
v-model:value="formState.inflection.inflectionTable" v-model:value="formState.inflection.inflectionTable"
@ -729,8 +720,7 @@ const allowDataWrite = computed({
v-model:value="formState.inflection.inflectionColumn" v-model:value="formState.inflection.inflectionColumn"
dropdown-class-name="nc-dropdown-inflection-column-name" dropdown-class-name="nc-dropdown-inflection-column-name"
> >
<a-select-option v-for="tp in inflectionTypes" :key="tp" :value="tp" <a-select-option v-for="tp in inflectionTypes" :key="tp" :value="tp">
>
<div class="flex items-center gap-2 justify-between"> <div class="flex items-center gap-2 justify-between">
<div>{{ tp }}</div> <div>{{ tp }}</div>
<component <component
@ -765,7 +755,7 @@ const allowDataWrite = computed({
:loading="testingConnection" :loading="testingConnection"
@click="testConnection" @click="testConnection"
> >
<GeneralIcon v-if="testSuccess" icon="circleCheck" class="text-primary mr-2"/> <GeneralIcon v-if="testSuccess" icon="circleCheck" class="text-primary mr-2" />
{{ $t('activity.testDbConn') }} {{ $t('activity.testDbConn') }}
</NcButton> </NcButton>
@ -790,7 +780,7 @@ const allowDataWrite = computed({
wrap-class-name="nc-modal-edit-connection-json" wrap-class-name="nc-modal-edit-connection-json"
@ok="handleOk" @ok="handleOk"
> >
<MonacoEditor v-if="configEditDlg" v-model="customFormState" class="h-[400px] w-full"/> <MonacoEditor v-if="configEditDlg" v-model="customFormState" class="h-[400px] w-full" />
</a-modal> </a-modal>
<!-- Use Connection URL --> <!-- Use Connection URL -->
@ -803,7 +793,7 @@ const allowDataWrite = computed({
wrap-class-name="nc-modal-connection-url" wrap-class-name="nc-modal-connection-url"
@ok="handleImportURL" @ok="handleImportURL"
> >
<a-input v-model:value="importURL"/> <a-input v-model:value="importURL" />
</a-modal> </a-modal>
</div> </div>
</div> </div>

38
packages/nocodb/src/utils/acl.ts
Unescape View File

@ -450,28 +450,34 @@ Object.values(rolePermissions).forEach((role) => {
} }
}); });
// excluded/restricted permissions at source level based on source restriction // Excluded permissions for source restrictions
// `true` means permission is restricted and `false`/missing means permission is allowed // `true` means permission is restricted and `false`/missing means permission is allowed
export const sourceRestrictions = { export const sourceRestrictions = {
[SourceRestriction.DATA_READONLY]: {
dataInsert: true,
dataEdit: true,
dataDelete: true,
airtableImport: true,
csvImport: true,
jsonImport: true,
excelImport: true,
},
[SourceRestriction.SCHEMA_READONLY]: { [SourceRestriction.SCHEMA_READONLY]: {
tableCreate: true, tableCreate: true,
tableRename: true,
tableDelete: true, tableDelete: true,
tableDuplicate: true, tableUpdate: true,
airtableImport: true, // columnAdd: true,
csvImport: true, // columnDelete: true,
jsonImport: true, // columnUpdate: true,
excelImport: true, columnBulk: true,
},
[SourceRestriction.DATA_READONLY]: {
dataUpdate: true,
dataDelete: true,
dataInsert: true,
bulkDataInsert: true,
bulkDataUpdate: true,
bulkDataUpdateAll: true,
bulkDataDelete: true,
bulkDataDeleteAll: true,
relationDataRemove: true,
relationDataAdd: true,
nestedDataListCopyPasteOrDeleteAll: true,
nestedDataUnlink: true,
nestedDataLink: true,
}, },
}; };
export default rolePermissions; export default rolePermissions;

Write Preview
Loading…
Cancel
Save