feat(gui): add app store page and restrict to super admin user

Signed-off-by: Pranav C <pranavxc@gmail.com>
2 years ago · 4095066c13
4 changed files with 30 additions and 4 deletions
--- a/packages/nc-gui/composables/useUIPermission/rolePermissions.ts
+++ b/packages/nc-gui/composables/useUIPermission/rolePermissions.ts
@ -4,9 +4,7 @@ const rolePermissions = {
  // general role permissions
  /** todo: enable wildcard permission
   *  limited permission  due to unexpected behaviour in shared base if opened in same window  */
-  [Role.Super]: {
-    projectTheme: true,
-  },
+  [Role.Super]: '*',
  [Role.Admin]: {},
  [Role.Guest]: {},
  [Role.User]: {
--- a/packages/nc-gui/middleware/auth.global.ts
+++ b/packages/nc-gui/middleware/auth.global.ts
@ -1,6 +1,7 @@
 import { message } from 'ant-design-vue'
 import { defineNuxtRouteMiddleware, navigateTo } from '#app'
 import { useApi, useGlobal } from '#imports'
+import { useRoles } from '~/composables'

 /**
 * Global auth middleware
@ -38,6 +39,8 @@ export default defineNuxtRouteMiddleware(async (to, from) => {

  const { api } = useApi()

+  const {allRoles} = useRoles()
+
  /** if user isn't signed in and google auth is enabled, try to check if sign-in data is present */
  if (!state.signedIn && state.appInfo.value.googleAuthEnabled) await tryGoogleAuth()

@ -68,6 +71,12 @@ export default defineNuxtRouteMiddleware(async (to, from) => {
      return navigateTo(from.path)
    }
  } else {
+    /** If page is limited to certain users verify the user have the roles */
+    if (to.meta.allowedRoles && to.meta.allowedRoles.every((role) => !allRoles.value[role])) {
+      message.error("You don't have enough permission to access the page.")
+      return navigateTo('/')
+    }
+
    /** if users are accessing the projects without having enough permissions, redirect to My Projects page */
    if (to.params.projectId && from.params.projectId !== to.params.projectId) {
      const user = await api.auth.me({ project_id: to?.params?.projectId as string })
--- a/packages/nc-gui/nuxt-shim.d.ts
+++ b/packages/nc-gui/nuxt-shim.d.ts
@ -1,6 +1,6 @@
 import type { Api as BaseAPI } from 'nocodb-sdk'
 import type { UseGlobalReturn } from './composables/useGlobal/types'
-import type { NocoI18n } from './lib'
+import type { NocoI18n, Roles } from './lib'
 import type { TabType } from './composables'

 declare module '#app/nuxt' {
@ -28,6 +28,7 @@ declare module 'vue-router' {
    public?: boolean
    hideHeader?: boolean
    title?: string
+    allowedRoles?: Role[]
  }

  interface RouteParams {
--- a/packages/nc-gui/pages/index/apps.vue
+++ b/packages/nc-gui/pages/index/apps.vue
@ -0,0 +1,18 @@
+<script lang="ts" setup>
+import AppStore from '~/components/dashboard/settings/AppStore.vue'
+import { Role } from '~/lib'
+
+definePageMeta({
+  requiresAuth: true,
+  allowedRoles: [Role.Super],
+})
+</script>
+
+<template>
+  <div class="p-4 h-full overflow-auto">
+    <h1>{{ $t('label.appStore') }}</h1>
+    <AppStore />
+  </div>
+</template>
+
+<style scoped></style>