refactor: corrections and requested changes

Signed-off-by: Pranav C <pranavxc@gmail.com>

packages/nc-gui/lib/constants.ts

@@ -31,7 +31,7 @@ export const rolePermissions = {
     exclude: {
       appStore: true,
       superAdminUserManagement: true,
-      superAdminAppSetting: true,
+      superAdminAppSettings: true,
       appLicense: true,
     },
   },
@@ -39,7 +39,7 @@ export const rolePermissions = {
     exclude: {
       appStore: true,
       superAdminUserManagement: true,
-      superAdminAppSetting: true,
+      superAdminAppSettings: true,
       appLicense: true,
     },
   },

packages/nc-gui/pages/account/index.vue

@@ -47,7 +47,7 @@ const openKeys = ref([/^\/account\/users/.test($route.fullPath) && 'users'])
                 <span class="ml-4">Reset Password</span>
               </a-menu-item>
               <a-menu-item
-                v-if="isUIAllowed('superAdminAppSetting')"
+                v-if="isUIAllowed('superAdminAppSettings')"
                 key="settings"
                 class="text-xs"
                 @click="navigateTo('/account/users/settings')"

packages/nc-gui/pages/account/index/users/[[nestedPage]].vue

@@ -8,7 +8,7 @@ const { isUIAllowed } = useUIPermission()
   <template
     v-if="
       $route.params.nestedPage === 'password-reset' ||
-      (!isUIAllowed('superAdminUserManagement') && !isUIAllowed('superAdminAppSetting'))
+      (!isUIAllowed('superAdminUserManagement') && !isUIAllowed('superAdminAppSettings'))
     "
   >
     <LazyAccountResetPassword />

packages/nocodb-sdk/src/lib/globals.ts

@@ -34,6 +34,7 @@ export enum AuditOperationTypes {
   WEBHOOKS = 'WEBHOOKS',
   AUTHENTICATION = 'AUTHENTICATION',
   TABLE_COLUMN = 'TABLE_COLUMN',
+  ORG_USER = 'ORG_USER',
 }
 
 export enum AuditOperationSubTypes {

packages/nocodb/src/enums/OrgUserRoles.ts

@@ -1,5 +1,5 @@
 export enum OrgUserRoles {
-  SUPER = 'super',
+  SUPER_ADMIN = 'super',
   CREATOR = 'org-level-creator',
   VIEWER = 'org-level-viewer',
 }

packages/nocodb/src/lib/constants/index.ts

@@ -1,2 +1,2 @@
-export const LICENSE_KEY = 'nc-license-key';
+export const NC_LICENSE_KEY = 'nc-license-key';
 export const NC_APP_SETTINGS = 'nc-app-settings';

packages/nocodb/src/lib/meta/api/apiTokenApis.ts

@@ -16,7 +16,7 @@ export async function apiTokenCreate(req: Request, res: Response) {
 export async function apiTokenDelete(req: Request, res: Response) {
   const apiToken = await ApiToken.getByToken(req.params.apiTokenId);
   if (
-    !req['user'].roles.includes(OrgUserRoles.SUPER) &&
+    !req['user'].roles.includes(OrgUserRoles.SUPER_ADMIN) &&
     apiToken.fk_user_id !== req['user'].id
   ) {
     NcError.notFound('Token not found');

packages/nocodb/src/lib/meta/api/ee/orgTokenApis.ts

@@ -6,7 +6,7 @@ export async function apiTokenListEE(req, res) {
   let fk_user_id = req.user.id;
 
   // if super admin get all tokens
-  if (req.user.roles.includes(OrgUserRoles.SUPER)) {
+  if (req.user.roles.includes(OrgUserRoles.SUPER_ADMIN)) {
     fk_user_id = undefined;
   }
 

packages/nocodb/src/lib/meta/api/orgLicenseApis.ts

@@ -1,6 +1,6 @@
 import { Router } from 'express';
 import { OrgUserRoles } from '../../../enums/OrgUserRoles';
-import { LICENSE_KEY } from '../../constants'
+import { NC_LICENSE_KEY } from '../../constants'
 import Store from '../../models/Store';
 import { metaApiMetrics } from '../helpers/apiMetrics';
 import ncMetaAclMw from '../helpers/ncMetaAclMw';
@@ -8,13 +8,13 @@ import ncMetaAclMw from '../helpers/ncMetaAclMw';
 
 
 async function licenseGet(_req, res) {
-  const license = await Store.get(LICENSE_KEY);
+  const license = await Store.get(NC_LICENSE_KEY);
 
   res.json({ key: license?.value });
 }
 
 async function licenseSet(req, res) {
-  await Store.saveOrUpdate({ value: req.body.key, key: LICENSE_KEY });
+  await Store.saveOrUpdate({ value: req.body.key, key: NC_LICENSE_KEY });
 
   res.json({ msg: 'License key saved' });
 }
@@ -24,7 +24,7 @@ router.get(
   '/api/v1/license',
   metaApiMetrics,
   ncMetaAclMw(licenseGet, 'licenseGet', {
-    allowedRoles: [OrgUserRoles.SUPER],
+    allowedRoles: [OrgUserRoles.SUPER_ADMIN],
     blockApiTokenAccess: true,
   })
 );
@@ -32,7 +32,7 @@ router.post(
   '/api/v1/license',
   metaApiMetrics,
   ncMetaAclMw(licenseSet, 'licenseSet', {
-    allowedRoles: [OrgUserRoles.SUPER],
+    allowedRoles: [OrgUserRoles.SUPER_ADMIN],
     blockApiTokenAccess: true,
   })
 );

packages/nocodb/src/lib/meta/api/orgTokenApis.ts

@@ -12,7 +12,7 @@ import { apiTokenListEE } from './ee/orgTokenApis';
 async function apiTokenList(req, res) {
   const fk_user_id = req.user.id;
   let includeUnmappedToken = false;
-  if (req['user'].roles.includes(OrgUserRoles.SUPER)) {
+  if (req['user'].roles.includes(OrgUserRoles.SUPER_ADMIN)) {
     includeUnmappedToken = true;
   }
 
@@ -43,7 +43,7 @@ export async function apiTokenDelete(req: Request, res: Response) {
   const fk_user_id = req['user'].id;
   const apiToken = await ApiToken.getByToken(req.params.token);
   if (
-    !req['user'].roles.includes(OrgUserRoles.SUPER) &&
+    !req['user'].roles.includes(OrgUserRoles.SUPER_ADMIN) &&
     apiToken.fk_user_id !== fk_user_id
   ) {
     NcError.notFound('Token not found');

packages/nocodb/src/lib/meta/api/orgUserApis.ts

@@ -1,5 +1,9 @@
 import { Router } from 'express';
-import { PluginCategory } from 'nocodb-sdk';
+import {
+  AuditOperationSubTypes,
+  AuditOperationTypes,
+  PluginCategory,
+} from 'nocodb-sdk';
 import { v4 as uuidv4 } from 'uuid';
 import validator from 'validator';
 import { OrgUserRoles } from '../../../enums/OrgUserRoles';
@@ -34,7 +38,7 @@ async function userUpdate(req, res) {
 
   const user = await User.get(req.params.userId);
 
-  if (user.roles.includes(OrgUserRoles.SUPER)) {
+  if (user.roles.includes(OrgUserRoles.SUPER_ADMIN)) {
     NcError.badRequest('Cannot update super admin roles');
   }
 
@@ -46,7 +50,7 @@ async function userDelete(req, res) {
   try {
     const user = await User.get(req.params.userId, ncMeta);
 
-    if (user.roles.includes(OrgUserRoles.SUPER)) {
+    if (user.roles.includes(OrgUserRoles.SUPER_ADMIN)) {
       NcError.badRequest('Cannot delete super admin');
     }
 
@@ -130,8 +134,8 @@ async function userAdd(req, res, next) {
         Tele.emit('evt', { evt_type: 'org:user:invite', count });
 
         await Audit.insert({
-          op_type: 'ORG_USER',
-          op_sub_type: 'INVITE',
+          op_type: AuditOperationTypes.ORG_USER,
+          op_sub_type: AuditOperationSubTypes.INVITE,
           user: req.user.email,
           description: `invited ${email} to ${req.params.projectId} project `,
           ip: req.clientIp,
@@ -198,8 +202,8 @@ async function userInviteResend(req, res): Promise<any> {
   await sendInviteEmail(user.email, invite_token, req);
 
   await Audit.insert({
-    op_type: 'ORG_USER',
-    op_sub_type: 'RESEND_INVITE',
+    op_type: AuditOperationTypes.ORG_USER,
+    op_sub_type: AuditOperationSubTypes.RESEND_INVITE,
     user: user.email,
     description: `resent a invite to ${user.email} `,
     ip: req.clientIp,
@@ -250,7 +254,7 @@ router.get(
   '/api/v1/users',
   metaApiMetrics,
   ncMetaAclMw(userList, 'userList', {
-    allowedRoles: [OrgUserRoles.SUPER],
+    allowedRoles: [OrgUserRoles.SUPER_ADMIN],
     blockApiTokenAccess: true,
   })
 );
@@ -258,7 +262,7 @@ router.patch(
   '/api/v1/users/:userId',
   metaApiMetrics,
   ncMetaAclMw(userUpdate, 'userUpdate', {
-    allowedRoles: [OrgUserRoles.SUPER],
+    allowedRoles: [OrgUserRoles.SUPER_ADMIN],
     blockApiTokenAccess: true,
   })
 );
@@ -266,7 +270,7 @@ router.delete(
   '/api/v1/users/:userId',
   metaApiMetrics,
   ncMetaAclMw(userDelete, 'userDelete', {
-    allowedRoles: [OrgUserRoles.SUPER],
+    allowedRoles: [OrgUserRoles.SUPER_ADMIN],
     blockApiTokenAccess: true,
   })
 );
@@ -274,7 +278,7 @@ router.post(
   '/api/v1/users',
   metaApiMetrics,
   ncMetaAclMw(userAdd, 'userAdd', {
-    allowedRoles: [OrgUserRoles.SUPER],
+    allowedRoles: [OrgUserRoles.SUPER_ADMIN],
     blockApiTokenAccess: true,
   })
 );
@@ -282,7 +286,7 @@ router.post(
   '/api/v1/users/settings',
   metaApiMetrics,
   ncMetaAclMw(userSettings, 'userSettings', {
-    allowedRoles: [OrgUserRoles.SUPER],
+    allowedRoles: [OrgUserRoles.SUPER_ADMIN],
     blockApiTokenAccess: true,
   })
 );
@@ -290,7 +294,7 @@ router.post(
   '/api/v1/users/:userId/resend-invite',
   metaApiMetrics,
   ncMetaAclMw(userInviteResend, 'userInviteResend', {
-    allowedRoles: [OrgUserRoles.SUPER],
+    allowedRoles: [OrgUserRoles.SUPER_ADMIN],
     blockApiTokenAccess: true,
   })
 );
@@ -299,7 +303,7 @@ router.post(
   '/api/v1/users/:userId/generate-reset-url',
   metaApiMetrics,
   ncMetaAclMw(generateResetUrl, 'generateResetUrl', {
-    allowedRoles: [OrgUserRoles.SUPER],
+    allowedRoles: [OrgUserRoles.SUPER_ADMIN],
     blockApiTokenAccess: true,
   })
 );
@@ -308,7 +312,7 @@ router.get(
   '/api/v1/app-settings',
   metaApiMetrics,
   ncMetaAclMw(appSettingsGet, 'appSettingsGet', {
-    allowedRoles: [OrgUserRoles.SUPER],
+    allowedRoles: [OrgUserRoles.SUPER_ADMIN],
     blockApiTokenAccess: true,
   })
 );
@@ -317,7 +321,7 @@ router.post(
   '/api/v1/app-settings',
   metaApiMetrics,
   ncMetaAclMw(appSettingsSet, 'appSettingsSet', {
-    allowedRoles: [OrgUserRoles.SUPER],
+    allowedRoles: [OrgUserRoles.SUPER_ADMIN],
     blockApiTokenAccess: true,
   })
 );

packages/nocodb/src/lib/meta/api/userApi/initStrategies.ts

@@ -121,12 +121,12 @@ export function initStrategies(router): void {
         // todo: improve this
         if (
           req.ncProjectId &&
-          jwtPayload.roles?.split(',').includes(OrgUserRoles.SUPER)
+          jwtPayload.roles?.split(',').includes(OrgUserRoles.SUPER_ADMIN)
         ) {
           return User.getByEmail(jwtPayload?.email).then(async (user) => {
             return done(null, {
               ...user,
-              roles: `owner,creator,${OrgUserRoles.SUPER}`,
+              roles: `owner,creator,${OrgUserRoles.SUPER_ADMIN}`,
             });
           });
         }

packages/nocodb/src/lib/meta/api/userApi/userApis.ts

@@ -91,7 +91,7 @@ export async function signup(req: Request, res: Response<TableType>) {
     let roles: string = OrgUserRoles.CREATOR;
 
     if (await User.isFirst()) {
-      roles = `${OrgUserRoles.CREATOR},${OrgUserRoles.SUPER}`;
+      roles = `${OrgUserRoles.CREATOR},${OrgUserRoles.SUPER_ADMIN}`;
       // todo: update in nc_store
       // roles = 'owner,creator,editor'
       Tele.emit('evt', {

packages/nocodb/src/lib/meta/helpers/getHandler.ts

@@ -1,5 +1,5 @@
 import express from 'express';
-import { LICENSE_KEY } from '../../constants';
+import { NC_LICENSE_KEY } from '../../constants';
 import Store from '../../models/Store';
 
 export default function getHandler(
@@ -7,7 +7,7 @@ export default function getHandler(
   eeHandler: express.Handler
 ): express.Handler {
   return async (...args) => {
-    const key = await Store.get(LICENSE_KEY);
+    const key = await Store.get(NC_LICENSE_KEY);
     if (!key?.value) {
       return defaultHandler(...args);
     }

packages/nocodb/src/lib/meta/helpers/ncMetaAclMw.ts

@@ -30,7 +30,7 @@ export default function (
           roles?.editor ||
           roles?.viewer ||
           roles?.commenter ||
-          roles?.[OrgUserRoles.SUPER] ||
+          roles?.[OrgUserRoles.SUPER_ADMIN] ||
           roles?.[OrgUserRoles.CREATOR] ||
           roles?.[OrgUserRoles.VIEWER]
         )

packages/nocodb/src/lib/utils/projectAcl.ts

@@ -189,7 +189,7 @@ export default {
       dataGroupBy: true,
       commentsCount: true,
 
-      alleryViewGet: true,
+      galleryViewGet: true,
       kanbanViewGet: true,
       groupedDataList: true,
 
@@ -282,7 +282,7 @@ export default {
       projectList: true,
     },
   },
-  [OrgUserRoles.SUPER]: '*',
+  [OrgUserRoles.SUPER_ADMIN]: '*',
   [OrgUserRoles.CREATOR]: {
     include: {
       apiTokenList: true,