fix: base acl

4 months ago · e22b06fa9b
4 changed files with 59 additions and 1 deletions
--- a/packages/nc-gui/lib/acl.ts
+++ b/packages/nc-gui/lib/acl.ts
@ -2,7 +2,14 @@ import { OrgUserRoles, ProjectRoles } from 'nocodb-sdk'

 const roleScopes = {
  org: [OrgUserRoles.VIEWER, OrgUserRoles.CREATOR],
-  base: [ProjectRoles.VIEWER, ProjectRoles.COMMENTER, ProjectRoles.EDITOR, ProjectRoles.CREATOR, ProjectRoles.OWNER],
+  base: [
+    ProjectRoles.NO_ACCESS,
+    ProjectRoles.VIEWER,
+    ProjectRoles.COMMENTER,
+    ProjectRoles.EDITOR,
+    ProjectRoles.CREATOR,
+    ProjectRoles.OWNER,
+  ],
 }

 interface Perm {
--- a/packages/nocodb-sdk/src/lib/enums.ts
+++ b/packages/nocodb-sdk/src/lib/enums.ts
@ -19,6 +19,7 @@ export enum WorkspaceUserRoles {
  VIEWER = 'workspace-level-viewer',
  EDITOR = 'workspace-level-editor',
  COMMENTER = 'workspace-level-commenter',
+  NO_ACCESS = 'workspace-level-no-access',
 }

 export enum AppEvents {
@ -167,6 +168,7 @@ export const RoleLabels = {
  [WorkspaceUserRoles.EDITOR]: 'editor',
  [WorkspaceUserRoles.COMMENTER]: 'commenter',
  [WorkspaceUserRoles.VIEWER]: 'viewer',
+  [WorkspaceUserRoles.NO_ACCESS]: 'noaccess',
  [ProjectRoles.OWNER]: 'owner',
  [ProjectRoles.CREATOR]: 'creator',
  [ProjectRoles.EDITOR]: 'editor',
@ -184,6 +186,7 @@ export const RoleColors = {
  [WorkspaceUserRoles.EDITOR]: 'green',
  [WorkspaceUserRoles.COMMENTER]: 'orange',
  [WorkspaceUserRoles.VIEWER]: 'yellow',
+  [WorkspaceUserRoles.NO_ACCESS]: 'red',
  [ProjectRoles.OWNER]: 'purple',
  [ProjectRoles.CREATOR]: 'blue',
  [ProjectRoles.EDITOR]: 'green',
@ -203,6 +206,7 @@ export const RoleDescriptions = {
  [WorkspaceUserRoles.COMMENTER]:
    'Can view and comment data in workspace bases',
  [WorkspaceUserRoles.VIEWER]: 'Can view data in workspace bases',
+  [WorkspaceUserRoles.NO_ACCESS]: 'Cannot access this workspace',
  [ProjectRoles.OWNER]: 'Full access to base',
  [ProjectRoles.CREATOR]:
    'Can create tables, views, setup webhook, invite collaborators and more',
@ -222,6 +226,7 @@ export const RoleIcons = {
  [WorkspaceUserRoles.EDITOR]: 'role_editor',
  [WorkspaceUserRoles.COMMENTER]: 'role_commenter',
  [WorkspaceUserRoles.VIEWER]: 'role_viewer',
+  [WorkspaceUserRoles.NO_ACCESS]: 'role_no_access',
  [ProjectRoles.OWNER]: 'role_owner',
  [ProjectRoles.CREATOR]: 'role_creator',
  [ProjectRoles.EDITOR]: 'role_editor',
@ -239,6 +244,7 @@ export const WorkspaceRolesToProjectRoles = {
  [WorkspaceUserRoles.EDITOR]: ProjectRoles.EDITOR,
  [WorkspaceUserRoles.COMMENTER]: ProjectRoles.COMMENTER,
  [WorkspaceUserRoles.VIEWER]: ProjectRoles.VIEWER,
+  [WorkspaceUserRoles.NO_ACCESS]: ProjectRoles.NO_ACCESS,
 };

 export const OrderedWorkspaceRoles = [
@ -247,6 +253,7 @@ export const OrderedWorkspaceRoles = [
  WorkspaceUserRoles.EDITOR,
  WorkspaceUserRoles.COMMENTER,
  WorkspaceUserRoles.VIEWER,
+  WorkspaceUserRoles.NO_ACCESS,
 ];

 export const OrderedOrgRoles = [
--- a/packages/nocodb/src/middlewares/extract-ids/extract-ids.middleware.ts
+++ b/packages/nocodb/src/middlewares/extract-ids/extract-ids.middleware.ts
@ -35,6 +35,7 @@ export const rolesLabel = {
  [ProjectRoles.VIEWER]: 'Base Viewer',
  [ProjectRoles.EDITOR]: 'Base Editor',
  [ProjectRoles.COMMENTER]: 'Base Commenter',
+  [ProjectRoles.NO_ACCESS]: 'No Access',
 };

 export function getRolesLabels(
--- a/packages/nocodb/src/models/BaseUser.ts
+++ b/packages/nocodb/src/models/BaseUser.ts
@ -26,6 +26,49 @@ export default class BaseUser {
    return baseUser && new BaseUser(baseUser);
  }

+  public static async bulkInsert(
+    baseUsers: Partial<BaseUser>[],
+    ncMeta = Noco.ncMeta,
+  ) {
+    const insertObj = baseUsers.map((baseUser) =>
+      extractProps(baseUser, ['fk_user_id', 'base_id', 'roles']),
+    );
+
+    console.log('insertObj', insertObj);
+
+    const bulkData = await ncMeta.bulkMetaInsert(
+      null,
+      null,
+      MetaTable.PROJECT_USERS,
+      insertObj,
+      true,
+    );
+
+    const uniqueFks: string[] = [
+      ...new Set(bulkData.map((d) => d.base_id)),
+    ] as string[];
+
+    for (const fk of uniqueFks) {
+      await NocoCache.deepDel(
+        `${CacheScope.BASE_USER}:${fk}:list`,
+        CacheDelDirection.PARENT_TO_CHILD,
+      );
+    }
+
+    for (const d of bulkData) {
+      await NocoCache.set(
+        `${CacheScope.BASE_USER}:${d.base_id}:${d.fk_user_id}`,
+        d,
+      );
+
+      await NocoCache.appendToList(
+        CacheScope.BASE_USER,
+        [d.base_id],
+        `${CacheScope.BASE_USER}:${d.base_id}:${d.fk_user_id}`,
+      );
+    }
+  }
+
  public static async insert(
    baseUser: Partial<BaseUser>,
    ncMeta = Noco.ncMeta,