feat: for non-super user only show their own token

Signed-off-by: Pranav C <pranavxc@gmail.com>
2 years ago · e387d4b090
3 changed files with 19 additions and 11 deletions
--- a/packages/nc-gui/layouts/base.vue
+++ b/packages/nc-gui/layouts/base.vue
@ -87,7 +87,7 @@ hooks.hook('page:finish', () => {
            <template #overlay>
              <a-menu class="!py-0 leading-8 !rounded">
                <a-menu-item key="0" data-testid="nc-menu-accounts__user-settings" class="!rounded-t">
-                  <nuxt-link v-e="['c:navbar:user:email']" class="nc-project-menu-item group !no-underline" to="/user">
+                  <nuxt-link v-e="['c:navbar:user:email']" class="nc-project-menu-item group !no-underline" to="/admin/users">
                    <MdiAt class="mt-1 group-hover:text-accent" />&nbsp;

                    <span class="prose group-hover:text-primary"> {{ email }}</span>
@ -107,7 +107,7 @@ hooks.hook('page:finish', () => {
                  </nuxt-link>
                </a-menu-item>
                <a-menu-divider class="!m-0" />
-                <a-menu-item v-if="isUIAllowed('appStore')" key="0" class="!rounded-t">
+<!--                <a-menu-item v-if="isUIAllowed('appStore')" key="0" class="!rounded-t">
                  <nuxt-link
                    v-e="['c:settings:appstore', { page: true }]"
                    class="nc-project-menu-item group !no-underline"
@ -115,12 +115,12 @@ hooks.hook('page:finish', () => {
                  >
                    <MdiShieldAccountOutline class="mt-1 group-hover:text-accent" />&nbsp;

-                    <!-- todo: i18n -->
+                    &lt;!&ndash; todo: i18n &ndash;&gt;
                    <span class="prose group-hover:text-primary">Account management</span>
                  </nuxt-link>
                </a-menu-item>

-                <a-menu-divider class="!m-0" />
+                <a-menu-divider class="!m-0" />-->

                <a-menu-item key="1" class="!rounded-b group">
                  <div v-e="['a:navbar:user:sign-out']" class="nc-project-menu-item group" @click="logout">
--- a/packages/nocodb/src/lib/meta/api/orgTokenApis.ts
+++ b/packages/nocodb/src/lib/meta/api/orgTokenApis.ts
@ -16,11 +16,13 @@ async function apiTokenList(req, res) {
  }

  res.json(
-    new PagedResponseImpl(await ApiToken.listWithCreatedBy(req.query), {
-      ...req.query,
-      count: await ApiToken.count(),
-      fk_user_id,
-    })
+    new PagedResponseImpl(
+      await ApiToken.listWithCreatedBy({ ...req.query, fk_user_id }),
+      {
+        ...req.query,
+        count: await ApiToken.count(),
+      }
+    )
  );
 }

--- a/packages/nocodb/src/lib/meta/api/userApi/initStrategies.ts
+++ b/packages/nocodb/src/lib/meta/api/userApi/initStrategies.ts
@ -119,9 +119,15 @@ export function initStrategies(router): void {
      },
      async (req, jwtPayload, done) => {
        // todo: improve this
-        if (jwtPayload.roles?.split(',').includes(OrgUserRoles.SUPER)) {
+        if (
+          req.ncProjectId &&
+          jwtPayload.roles?.split(',').includes(OrgUserRoles.SUPER)
+        ) {
          return User.getByEmail(jwtPayload?.email).then(async (user) => {
-            return done(null, { ...user, roles: 'owner,creator' });
+            return done(null, {
+              ...user,
+              roles: `owner,creator,${OrgUserRoles.SUPER}`,
+            });
          });
        }