Browse Source

feat(api): update backend api permissions

Signed-off-by: Pranav C <pranavxc@gmail.com>
pull/3796/head
Pranav C 2 years ago
parent
commit
260945e4f8
  1. 8
      packages/nc-gui/composables/useUIPermission/rolePermissions.ts
  2. 6
      packages/nocodb/src/lib/meta/helpers/ncMetaAclMw.ts
  3. 35
      packages/nocodb/src/lib/utils/projectAcl.ts

8
packages/nc-gui/composables/useUIPermission/rolePermissions.ts

@ -17,10 +17,14 @@ const rolePermissions = {
// Project role permissions
[ProjectRole.Creator]: {
exclude: ['appStore'],
exclude: {
appStore: true,
},
},
[ProjectRole.Owner]: {
exclude: ['appStore'],
exclude: {
appStore: true,
},
},
[ProjectRole.Editor]: {
include: {

6
packages/nocodb/src/lib/meta/helpers/ncMetaAclMw.ts

@ -57,7 +57,11 @@ export default function (handlerFn, permissionName) {
return (
hasRole &&
projectAcl[name] &&
(projectAcl[name] === '*' || projectAcl[name][permissionName])
(projectAcl[name] === '*' ||
(projectAcl[name].exclude &&
!projectAcl[name].exclude[permissionName]) ||
(projectAcl[name].include &&
projectAcl[name].include[permissionName]))
);
});
if (!isAllowed) {

35
packages/nocodb/src/lib/utils/projectAcl.ts

@ -1,8 +1,24 @@
export default {
owner: '*',
creator: '*',
owner: {
exclude: {
pluginList:true,
pluginTest:true,
pluginRead:true,
pluginUpdate:true,
isPluginActive:true,
},
},
creator: {
exclude: {
pluginList:true,
pluginTest:true,
pluginRead:true,
pluginUpdate:true,
isPluginActive:true,
},
},
guest: {},
editor: {
editor:{ include: {
hideAllColumns: true,
showAllColumns: true,
auditRowUpdate: true,
@ -137,7 +153,9 @@ export default {
upload: true,
uploadViaURL: true,
},
},
commenter: {
include: {
formViewGet: true,
passwordChange: true,
// project
@ -192,7 +210,9 @@ export default {
xcExportAsCsv: true,
dataCount: true,
},
},
viewer: {
include: {
formViewGet: true,
passwordChange: true,
// project
@ -243,12 +263,16 @@ export default {
xcExportAsCsv: true,
dataCount: true
},
},
user_new: {
passwordChange: true,
projectList: true,
include: {
passwordChange: true,
projectList: true,
}
},
super: '*',
user: {
include : {
upload: true,
uploadViaURL: true,
passwordChange: true,
@ -269,6 +293,7 @@ export default {
xcMetaTablesExportDbToZip: true,
auditRowUpdate: true,
},
},
};
/**

Loading…
Cancel
Save