
Merge pull request #6329 from nocodb/fix/api-token

fix: assign project_roles for apitoken
pull/6334/head
Pranav C 1 year ago committed by GitHub
parent
commit
bec29afed0
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
  1. 4
      packages/nocodb/src/middlewares/extract-ids/extract-ids.middleware.ts
  2. 17
      packages/nocodb/src/strategies/authtoken.strategy/authtoken.strategy.ts

4
packages/nocodb/src/middlewares/extract-ids/extract-ids.middleware.ts

@ -180,8 +180,8 @@ export class ExtractIdsMiddleware implements NestMiddleware, CanActivate {
}
function getUserRoleForScope(user: any, scope: string) {
if (scope === 'project' || scope === 'workspace') {
return user?.project_roles || user?.workspace_roles;
if (scope === 'project') {
return user?.project_roles;
} else if (scope === 'org') {
return user?.roles;
}
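Review bot: `getUserRoleForScope` no longer has a case for the `'workspace'` scope, so with only the `'project'` and `'org'` branches visible, a workspace-scoped or misspelled scope appears to fall through and return `undefined`. Since the result presumably drives a permission check in this middleware, make the fall-through explicit, e.g. a final `return undefined; // unknown scope: no roles, caller must deny`, and confirm that every caller treats a missing role object as a denial. The end of the function is outside the hunk, so a default may already exist further down. The `user: any` parameter also hides whether `project_roles` is a string or a role object at this point; a narrow type for the fields that are read would let the compiler catch a mismatch.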

17
packages/nocodb/src/strategies/authtoken.strategy/authtoken.strategy.ts

@ -1,5 +1,6 @@
import { Injectable } from '@nestjs/common';
import { PassportStrategy } from '@nestjs/passport';
import { extractRolesObj, ProjectRoles } from 'nocodb-sdk';
import { Strategy } from 'passport-custom';
import { ApiToken, ProjectUser, User } from '~/models';
import { sanitiseUserObj } from '~/utils';
@ -16,9 +17,12 @@ export class AuthTokenStrategy extends PassportStrategy(Strategy, 'authtoken') {
return callback({ msg: 'Invalid token' });
}
user = {};
user = {
is_api_token: true,
};
if (!apiToken.fk_user_id) {
user.roles = 'editor';
user.project_roles = extractRolesObj(ProjectRoles.EDITOR);
return callback(null, user);
}
@ -29,17 +33,18 @@ export class AuthTokenStrategy extends PassportStrategy(Strategy, 'authtoken') {
Object.assign(user, {
id: dbUser.id,
roles: dbUser.roles,
roles: extractRolesObj(dbUser.roles),
});
dbUser.is_api_token = true;
if (req['ncProjectId']) {
const projectUser = await ProjectUser.get(
req['ncProjectId'],
dbUser.id,
);
user.roles = projectUser?.roles || dbUser.roles;
user.roles = user.roles === 'owner' ? 'owner,creator' : user.roles;
user.project_roles = extractRolesObj(projectUser?.roles);
if (user.project_roles.owner) {
user.project_roles.creator = true;
}
return callback(null, sanitiseUserObj(user));
}
}
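Review bot: In the `req['ncProjectId']` branch, `user.project_roles.owner` is read right after `extractRolesObj(projectUser?.roles)`, and the optional chaining there already concedes that `projectUser` can be missing when the token's user is not a member of the project. If `extractRolesObj` returns `null` or `undefined` for an empty input (its implementation is not shown on this page), that read throws inside the auth strategy instead of yielding a user with no project roles; `if (user.project_roles?.owner) {` keeps the non-member case fail-closed without an exception. Separately, the path for a token without `fk_user_id` appears to keep `user.roles = 'editor'` as a string while the user-bound path now stores `extractRolesObj(dbUser.roles)`, so downstream role checks see two shapes for the same field; `user.roles = extractRolesObj('editor');` would make them agree, assuming the helper accepts a plain role string as it does for `dbUser.roles`. The enclosing method starts before the first hunk and continues past the last one.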
