From 4095066c13c6e63f7728b631fd6433ac02845d9c Mon Sep 17 00:00:00 2001
From: Pranav C <pranavxc@gmail.com>
Date: Fri, 23 Sep 2022 17:07:52 +0530
Subject: [PATCH] feat(gui): add app store page and restrict to super admin
 user

Signed-off-by: Pranav C <pranavxc@gmail.com>
---
 .../useUIPermission/rolePermissions.ts         |  4 +---
 packages/nc-gui/middleware/auth.global.ts      |  9 +++++++++
 packages/nc-gui/nuxt-shim.d.ts                 |  3 ++-
 packages/nc-gui/pages/index/apps.vue           | 18 ++++++++++++++++++
 4 files changed, 30 insertions(+), 4 deletions(-)
 create mode 100644 packages/nc-gui/pages/index/apps.vue

diff --git a/packages/nc-gui/composables/useUIPermission/rolePermissions.ts b/packages/nc-gui/composables/useUIPermission/rolePermissions.ts
index 887553d3e7..0969cae32f 100644
--- a/packages/nc-gui/composables/useUIPermission/rolePermissions.ts
+++ b/packages/nc-gui/composables/useUIPermission/rolePermissions.ts
@@ -4,9 +4,7 @@ const rolePermissions = {
   // general role permissions
   /** todo: enable wildcard permission
    *  limited permission  due to unexpected behaviour in shared base if opened in same window  */
-  [Role.Super]: {
-    projectTheme: true,
-  },
+  [Role.Super]: '*',
   [Role.Admin]: {},
   [Role.Guest]: {},
   [Role.User]: {
diff --git a/packages/nc-gui/middleware/auth.global.ts b/packages/nc-gui/middleware/auth.global.ts
index 7932c2df24..d2cec1baca 100644
--- a/packages/nc-gui/middleware/auth.global.ts
+++ b/packages/nc-gui/middleware/auth.global.ts
@@ -1,6 +1,7 @@
 import { message } from 'ant-design-vue'
 import { defineNuxtRouteMiddleware, navigateTo } from '#app'
 import { useApi, useGlobal } from '#imports'
+import { useRoles } from '~/composables'
 
 /**
  * Global auth middleware
@@ -38,6 +39,8 @@ export default defineNuxtRouteMiddleware(async (to, from) => {
 
   const { api } = useApi()
 
+  const {allRoles} = useRoles()
+
   /** if user isn't signed in and google auth is enabled, try to check if sign-in data is present */
   if (!state.signedIn && state.appInfo.value.googleAuthEnabled) await tryGoogleAuth()
 
@@ -68,6 +71,12 @@ export default defineNuxtRouteMiddleware(async (to, from) => {
       return navigateTo(from.path)
     }
   } else {
+    /** If page is limited to certain users verify the user have the roles */
+    if (to.meta.allowedRoles && to.meta.allowedRoles.every((role) => !allRoles.value[role])) {
+      message.error("You don't have enough permission to access the page.")
+      return navigateTo('/')
+    }
+
     /** if users are accessing the projects without having enough permissions, redirect to My Projects page */
     if (to.params.projectId && from.params.projectId !== to.params.projectId) {
       const user = await api.auth.me({ project_id: to?.params?.projectId as string })
diff --git a/packages/nc-gui/nuxt-shim.d.ts b/packages/nc-gui/nuxt-shim.d.ts
index e1cc40b10a..4e02345f0d 100644
--- a/packages/nc-gui/nuxt-shim.d.ts
+++ b/packages/nc-gui/nuxt-shim.d.ts
@@ -1,6 +1,6 @@
 import type { Api as BaseAPI } from 'nocodb-sdk'
 import type { UseGlobalReturn } from './composables/useGlobal/types'
-import type { NocoI18n } from './lib'
+import type { NocoI18n, Roles } from './lib'
 import type { TabType } from './composables'
 
 declare module '#app/nuxt' {
@@ -28,6 +28,7 @@ declare module 'vue-router' {
     public?: boolean
     hideHeader?: boolean
     title?: string
+    allowedRoles?: Role[]
   }
 
   interface RouteParams {
diff --git a/packages/nc-gui/pages/index/apps.vue b/packages/nc-gui/pages/index/apps.vue
new file mode 100644
index 0000000000..286fdb93d2
--- /dev/null
+++ b/packages/nc-gui/pages/index/apps.vue
@@ -0,0 +1,18 @@
+<script lang="ts" setup>
+import AppStore from '~/components/dashboard/settings/AppStore.vue'
+import { Role } from '~/lib'
+
+definePageMeta({
+  requiresAuth: true,
+  allowedRoles: [Role.Super],
+})
+</script>
+
+<template>
+  <div class="p-4 h-full overflow-auto">
+    <h1>{{ $t('label.appStore') }}</h1>
+    <AppStore />
+  </div>
+</template>
+
+<style scoped></style>