diff --git a/packages/nc-gui/lib/constants.ts b/packages/nc-gui/lib/constants.ts
index eff07ff39c..bb98afbaeb 100644
--- a/packages/nc-gui/lib/constants.ts
+++ b/packages/nc-gui/lib/constants.ts
@@ -31,7 +31,7 @@ export const rolePermissions = {
exclude: {
appStore: true,
superAdminUserManagement: true,
- superAdminAppSetting: true,
+ superAdminAppSettings: true,
appLicense: true,
},
},
@@ -39,7 +39,7 @@ export const rolePermissions = {
exclude: {
appStore: true,
superAdminUserManagement: true,
- superAdminAppSetting: true,
+ superAdminAppSettings: true,
appLicense: true,
},
},
diff --git a/packages/nc-gui/pages/account/index.vue b/packages/nc-gui/pages/account/index.vue
index 9ea1ca030f..dca934833a 100644
--- a/packages/nc-gui/pages/account/index.vue
+++ b/packages/nc-gui/pages/account/index.vue
@@ -47,7 +47,7 @@ const openKeys = ref([/^\/account\/users/.test($route.fullPath) && 'users'])
Reset Password
diff --git a/packages/nocodb-sdk/src/lib/globals.ts b/packages/nocodb-sdk/src/lib/globals.ts
index 3e30e8c11e..216a3567b7 100644
--- a/packages/nocodb-sdk/src/lib/globals.ts
+++ b/packages/nocodb-sdk/src/lib/globals.ts
@@ -34,6 +34,7 @@ export enum AuditOperationTypes {
WEBHOOKS = 'WEBHOOKS',
AUTHENTICATION = 'AUTHENTICATION',
TABLE_COLUMN = 'TABLE_COLUMN',
+ ORG_USER = 'ORG_USER',
}
export enum AuditOperationSubTypes {
diff --git a/packages/nocodb/src/enums/OrgUserRoles.ts b/packages/nocodb/src/enums/OrgUserRoles.ts
index dbf53b2c3e..c5b1888256 100644
--- a/packages/nocodb/src/enums/OrgUserRoles.ts
+++ b/packages/nocodb/src/enums/OrgUserRoles.ts
@@ -1,5 +1,5 @@
export enum OrgUserRoles {
- SUPER = 'super',
+ SUPER_ADMIN = 'super',
CREATOR = 'org-level-creator',
VIEWER = 'org-level-viewer',
}
diff --git a/packages/nocodb/src/lib/constants/index.ts b/packages/nocodb/src/lib/constants/index.ts
index 297765eea7..e52388f60a 100644
--- a/packages/nocodb/src/lib/constants/index.ts
+++ b/packages/nocodb/src/lib/constants/index.ts
@@ -1,2 +1,2 @@
-export const LICENSE_KEY = 'nc-license-key';
+export const NC_LICENSE_KEY = 'nc-license-key';
export const NC_APP_SETTINGS = 'nc-app-settings';
diff --git a/packages/nocodb/src/lib/meta/api/apiTokenApis.ts b/packages/nocodb/src/lib/meta/api/apiTokenApis.ts
index 8df9e496df..f9856a8e93 100644
--- a/packages/nocodb/src/lib/meta/api/apiTokenApis.ts
+++ b/packages/nocodb/src/lib/meta/api/apiTokenApis.ts
@@ -16,7 +16,7 @@ export async function apiTokenCreate(req: Request, res: Response) {
export async function apiTokenDelete(req: Request, res: Response) {
const apiToken = await ApiToken.getByToken(req.params.apiTokenId);
if (
- !req['user'].roles.includes(OrgUserRoles.SUPER) &&
+ !req['user'].roles.includes(OrgUserRoles.SUPER_ADMIN) &&
apiToken.fk_user_id !== req['user'].id
) {
NcError.notFound('Token not found');
diff --git a/packages/nocodb/src/lib/meta/api/ee/orgTokenApis.ts b/packages/nocodb/src/lib/meta/api/ee/orgTokenApis.ts
index b838dc80bb..2aa2f8a304 100644
--- a/packages/nocodb/src/lib/meta/api/ee/orgTokenApis.ts
+++ b/packages/nocodb/src/lib/meta/api/ee/orgTokenApis.ts
@@ -6,7 +6,7 @@ export async function apiTokenListEE(req, res) {
let fk_user_id = req.user.id;
// if super admin get all tokens
- if (req.user.roles.includes(OrgUserRoles.SUPER)) {
+ if (req.user.roles.includes(OrgUserRoles.SUPER_ADMIN)) {
fk_user_id = undefined;
}
diff --git a/packages/nocodb/src/lib/meta/api/orgLicenseApis.ts b/packages/nocodb/src/lib/meta/api/orgLicenseApis.ts
index 62923346ea..259738c881 100644
--- a/packages/nocodb/src/lib/meta/api/orgLicenseApis.ts
+++ b/packages/nocodb/src/lib/meta/api/orgLicenseApis.ts
@@ -1,6 +1,6 @@
import { Router } from 'express';
import { OrgUserRoles } from '../../../enums/OrgUserRoles';
-import { LICENSE_KEY } from '../../constants'
+import { NC_LICENSE_KEY } from '../../constants'
import Store from '../../models/Store';
import { metaApiMetrics } from '../helpers/apiMetrics';
import ncMetaAclMw from '../helpers/ncMetaAclMw';
@@ -8,13 +8,13 @@ import ncMetaAclMw from '../helpers/ncMetaAclMw';
async function licenseGet(_req, res) {
- const license = await Store.get(LICENSE_KEY);
+ const license = await Store.get(NC_LICENSE_KEY);
res.json({ key: license?.value });
}
async function licenseSet(req, res) {
- await Store.saveOrUpdate({ value: req.body.key, key: LICENSE_KEY });
+ await Store.saveOrUpdate({ value: req.body.key, key: NC_LICENSE_KEY });
res.json({ msg: 'License key saved' });
}
@@ -24,7 +24,7 @@ router.get(
'/api/v1/license',
metaApiMetrics,
ncMetaAclMw(licenseGet, 'licenseGet', {
- allowedRoles: [OrgUserRoles.SUPER],
+ allowedRoles: [OrgUserRoles.SUPER_ADMIN],
blockApiTokenAccess: true,
})
);
@@ -32,7 +32,7 @@ router.post(
'/api/v1/license',
metaApiMetrics,
ncMetaAclMw(licenseSet, 'licenseSet', {
- allowedRoles: [OrgUserRoles.SUPER],
+ allowedRoles: [OrgUserRoles.SUPER_ADMIN],
blockApiTokenAccess: true,
})
);
diff --git a/packages/nocodb/src/lib/meta/api/orgTokenApis.ts b/packages/nocodb/src/lib/meta/api/orgTokenApis.ts
index 72676b24cf..39091b71e9 100644
--- a/packages/nocodb/src/lib/meta/api/orgTokenApis.ts
+++ b/packages/nocodb/src/lib/meta/api/orgTokenApis.ts
@@ -12,7 +12,7 @@ import { apiTokenListEE } from './ee/orgTokenApis';
async function apiTokenList(req, res) {
const fk_user_id = req.user.id;
let includeUnmappedToken = false;
- if (req['user'].roles.includes(OrgUserRoles.SUPER)) {
+ if (req['user'].roles.includes(OrgUserRoles.SUPER_ADMIN)) {
includeUnmappedToken = true;
}
@@ -43,7 +43,7 @@ export async function apiTokenDelete(req: Request, res: Response) {
const fk_user_id = req['user'].id;
const apiToken = await ApiToken.getByToken(req.params.token);
if (
- !req['user'].roles.includes(OrgUserRoles.SUPER) &&
+ !req['user'].roles.includes(OrgUserRoles.SUPER_ADMIN) &&
apiToken.fk_user_id !== fk_user_id
) {
NcError.notFound('Token not found');
diff --git a/packages/nocodb/src/lib/meta/api/orgUserApis.ts b/packages/nocodb/src/lib/meta/api/orgUserApis.ts
index b29e8ca620..4093d57ad3 100644
--- a/packages/nocodb/src/lib/meta/api/orgUserApis.ts
+++ b/packages/nocodb/src/lib/meta/api/orgUserApis.ts
@@ -1,5 +1,9 @@
import { Router } from 'express';
-import { PluginCategory } from 'nocodb-sdk';
+import {
+ AuditOperationSubTypes,
+ AuditOperationTypes,
+ PluginCategory,
+} from 'nocodb-sdk';
import { v4 as uuidv4 } from 'uuid';
import validator from 'validator';
import { OrgUserRoles } from '../../../enums/OrgUserRoles';
@@ -34,7 +38,7 @@ async function userUpdate(req, res) {
const user = await User.get(req.params.userId);
- if (user.roles.includes(OrgUserRoles.SUPER)) {
+ if (user.roles.includes(OrgUserRoles.SUPER_ADMIN)) {
NcError.badRequest('Cannot update super admin roles');
}
@@ -46,7 +50,7 @@ async function userDelete(req, res) {
try {
const user = await User.get(req.params.userId, ncMeta);
- if (user.roles.includes(OrgUserRoles.SUPER)) {
+ if (user.roles.includes(OrgUserRoles.SUPER_ADMIN)) {
NcError.badRequest('Cannot delete super admin');
}
@@ -130,8 +134,8 @@ async function userAdd(req, res, next) {
Tele.emit('evt', { evt_type: 'org:user:invite', count });
await Audit.insert({
- op_type: 'ORG_USER',
- op_sub_type: 'INVITE',
+ op_type: AuditOperationTypes.ORG_USER,
+ op_sub_type: AuditOperationSubTypes.INVITE,
user: req.user.email,
description: `invited ${email} to ${req.params.projectId} project `,
ip: req.clientIp,
@@ -198,8 +202,8 @@ async function userInviteResend(req, res): Promise {
await sendInviteEmail(user.email, invite_token, req);
await Audit.insert({
- op_type: 'ORG_USER',
- op_sub_type: 'RESEND_INVITE',
+ op_type: AuditOperationTypes.ORG_USER,
+ op_sub_type: AuditOperationSubTypes.RESEND_INVITE,
user: user.email,
description: `resent a invite to ${user.email} `,
ip: req.clientIp,
@@ -250,7 +254,7 @@ router.get(
'/api/v1/users',
metaApiMetrics,
ncMetaAclMw(userList, 'userList', {
- allowedRoles: [OrgUserRoles.SUPER],
+ allowedRoles: [OrgUserRoles.SUPER_ADMIN],
blockApiTokenAccess: true,
})
);
@@ -258,7 +262,7 @@ router.patch(
'/api/v1/users/:userId',
metaApiMetrics,
ncMetaAclMw(userUpdate, 'userUpdate', {
- allowedRoles: [OrgUserRoles.SUPER],
+ allowedRoles: [OrgUserRoles.SUPER_ADMIN],
blockApiTokenAccess: true,
})
);
@@ -266,7 +270,7 @@ router.delete(
'/api/v1/users/:userId',
metaApiMetrics,
ncMetaAclMw(userDelete, 'userDelete', {
- allowedRoles: [OrgUserRoles.SUPER],
+ allowedRoles: [OrgUserRoles.SUPER_ADMIN],
blockApiTokenAccess: true,
})
);
@@ -274,7 +278,7 @@ router.post(
'/api/v1/users',
metaApiMetrics,
ncMetaAclMw(userAdd, 'userAdd', {
- allowedRoles: [OrgUserRoles.SUPER],
+ allowedRoles: [OrgUserRoles.SUPER_ADMIN],
blockApiTokenAccess: true,
})
);
@@ -282,7 +286,7 @@ router.post(
'/api/v1/users/settings',
metaApiMetrics,
ncMetaAclMw(userSettings, 'userSettings', {
- allowedRoles: [OrgUserRoles.SUPER],
+ allowedRoles: [OrgUserRoles.SUPER_ADMIN],
blockApiTokenAccess: true,
})
);
@@ -290,7 +294,7 @@ router.post(
'/api/v1/users/:userId/resend-invite',
metaApiMetrics,
ncMetaAclMw(userInviteResend, 'userInviteResend', {
- allowedRoles: [OrgUserRoles.SUPER],
+ allowedRoles: [OrgUserRoles.SUPER_ADMIN],
blockApiTokenAccess: true,
})
);
@@ -299,7 +303,7 @@ router.post(
'/api/v1/users/:userId/generate-reset-url',
metaApiMetrics,
ncMetaAclMw(generateResetUrl, 'generateResetUrl', {
- allowedRoles: [OrgUserRoles.SUPER],
+ allowedRoles: [OrgUserRoles.SUPER_ADMIN],
blockApiTokenAccess: true,
})
);
@@ -308,7 +312,7 @@ router.get(
'/api/v1/app-settings',
metaApiMetrics,
ncMetaAclMw(appSettingsGet, 'appSettingsGet', {
- allowedRoles: [OrgUserRoles.SUPER],
+ allowedRoles: [OrgUserRoles.SUPER_ADMIN],
blockApiTokenAccess: true,
})
);
@@ -317,7 +321,7 @@ router.post(
'/api/v1/app-settings',
metaApiMetrics,
ncMetaAclMw(appSettingsSet, 'appSettingsSet', {
- allowedRoles: [OrgUserRoles.SUPER],
+ allowedRoles: [OrgUserRoles.SUPER_ADMIN],
blockApiTokenAccess: true,
})
);
diff --git a/packages/nocodb/src/lib/meta/api/userApi/initStrategies.ts b/packages/nocodb/src/lib/meta/api/userApi/initStrategies.ts
index 2903a766db..cc261f1e71 100644
--- a/packages/nocodb/src/lib/meta/api/userApi/initStrategies.ts
+++ b/packages/nocodb/src/lib/meta/api/userApi/initStrategies.ts
@@ -121,12 +121,12 @@ export function initStrategies(router): void {
// todo: improve this
if (
req.ncProjectId &&
- jwtPayload.roles?.split(',').includes(OrgUserRoles.SUPER)
+ jwtPayload.roles?.split(',').includes(OrgUserRoles.SUPER_ADMIN)
) {
return User.getByEmail(jwtPayload?.email).then(async (user) => {
return done(null, {
...user,
- roles: `owner,creator,${OrgUserRoles.SUPER}`,
+ roles: `owner,creator,${OrgUserRoles.SUPER_ADMIN}`,
});
});
}
diff --git a/packages/nocodb/src/lib/meta/api/userApi/userApis.ts b/packages/nocodb/src/lib/meta/api/userApi/userApis.ts
index 90d36a3728..e99965aef4 100644
--- a/packages/nocodb/src/lib/meta/api/userApi/userApis.ts
+++ b/packages/nocodb/src/lib/meta/api/userApi/userApis.ts
@@ -91,7 +91,7 @@ export async function signup(req: Request, res: Response) {
let roles: string = OrgUserRoles.CREATOR;
if (await User.isFirst()) {
- roles = `${OrgUserRoles.CREATOR},${OrgUserRoles.SUPER}`;
+ roles = `${OrgUserRoles.CREATOR},${OrgUserRoles.SUPER_ADMIN}`;
// todo: update in nc_store
// roles = 'owner,creator,editor'
Tele.emit('evt', {
diff --git a/packages/nocodb/src/lib/meta/helpers/getHandler.ts b/packages/nocodb/src/lib/meta/helpers/getHandler.ts
index 2d224de923..f41e899d6d 100644
--- a/packages/nocodb/src/lib/meta/helpers/getHandler.ts
+++ b/packages/nocodb/src/lib/meta/helpers/getHandler.ts
@@ -1,5 +1,5 @@
import express from 'express';
-import { LICENSE_KEY } from '../../constants';
+import { NC_LICENSE_KEY } from '../../constants';
import Store from '../../models/Store';
export default function getHandler(
@@ -7,7 +7,7 @@ export default function getHandler(
eeHandler: express.Handler
): express.Handler {
return async (...args) => {
- const key = await Store.get(LICENSE_KEY);
+ const key = await Store.get(NC_LICENSE_KEY);
if (!key?.value) {
return defaultHandler(...args);
}
diff --git a/packages/nocodb/src/lib/meta/helpers/ncMetaAclMw.ts b/packages/nocodb/src/lib/meta/helpers/ncMetaAclMw.ts
index e43edef04d..7034d235a9 100644
--- a/packages/nocodb/src/lib/meta/helpers/ncMetaAclMw.ts
+++ b/packages/nocodb/src/lib/meta/helpers/ncMetaAclMw.ts
@@ -30,7 +30,7 @@ export default function (
roles?.editor ||
roles?.viewer ||
roles?.commenter ||
- roles?.[OrgUserRoles.SUPER] ||
+ roles?.[OrgUserRoles.SUPER_ADMIN] ||
roles?.[OrgUserRoles.CREATOR] ||
roles?.[OrgUserRoles.VIEWER]
)
diff --git a/packages/nocodb/src/lib/utils/projectAcl.ts b/packages/nocodb/src/lib/utils/projectAcl.ts
index b067260259..bfae7a7ecd 100644
--- a/packages/nocodb/src/lib/utils/projectAcl.ts
+++ b/packages/nocodb/src/lib/utils/projectAcl.ts
@@ -189,7 +189,7 @@ export default {
dataGroupBy: true,
commentsCount: true,
- alleryViewGet: true,
+ galleryViewGet: true,
kanbanViewGet: true,
groupedDataList: true,
@@ -282,7 +282,7 @@ export default {
projectList: true,
},
},
- [OrgUserRoles.SUPER]: '*',
+ [OrgUserRoles.SUPER_ADMIN]: '*',
[OrgUserRoles.CREATOR]: {
include: {
apiTokenList: true,