Browse Source

fix: acl for cache apis

Signed-off-by: mertmit <mertmit99@gmail.com>
pull/6319/head
mertmit 1 year ago
parent
commit
bd273037a8
  1. 13
      packages/nocodb/src/controllers/caches.controller.ts
  2. 4
      packages/nocodb/src/utils/acl.ts

13
packages/nocodb/src/controllers/caches.controller.ts

@ -1,4 +1,5 @@
import { Controller, Delete, Get, UseGuards } from '@nestjs/common'; import { Controller, Delete, Get, UseGuards } from '@nestjs/common';
import { OrgUserRoles } from 'nocodb-sdk';
import { CachesService } from '~/services/caches.service'; import { CachesService } from '~/services/caches.service';
import { GlobalGuard } from '~/guards/global/global.guard'; import { GlobalGuard } from '~/guards/global/global.guard';
import { Acl } from '~/middlewares/extract-ids/extract-ids.middleware'; import { Acl } from '~/middlewares/extract-ids/extract-ids.middleware';
@ -9,7 +10,11 @@ export class CachesController {
constructor(private readonly cachesService: CachesService) {} constructor(private readonly cachesService: CachesService) {}
@Get('/api/v1/db/meta/cache') @Get('/api/v1/db/meta/cache')
@Acl('cacheGet') @Acl('cacheGet', {
scope: 'org',
allowedRoles: [OrgUserRoles.SUPER_ADMIN],
blockApiTokenAccess: true,
})
async cacheGet(_, res) { async cacheGet(_, res) {
const data = await this.cachesService.cacheGet(); const data = await this.cachesService.cacheGet();
res.set({ res.set({
@ -20,7 +25,11 @@ export class CachesController {
} }
@Delete('/api/v1/db/meta/cache') @Delete('/api/v1/db/meta/cache')
@Acl('cacheDelete') @Acl('cacheDelete', {
scope: 'org',
allowedRoles: [OrgUserRoles.SUPER_ADMIN],
blockApiTokenAccess: true,
})
async cacheDelete() { async cacheDelete() {
return await this.cachesService.cacheDelete(); return await this.cachesService.cacheDelete();
} }

4
packages/nocodb/src/utils/acl.ts

@ -37,6 +37,10 @@ const permissionScopes = {
'testConnection', 'testConnection',
'genericGPT', 'genericGPT',
// Cache
'cacheGet',
'cacheDelete',
// TODO: add ACL with project scope // TODO: add ACL with project scope
'upload', 'upload',
'uploadViaURL', 'uploadViaURL',

Loading…
Cancel
Save