Elgato_dark/ToolJet
1
0
Fork 0
mirror of https://github.com/ToolJet/ToolJet synced 2026-05-22 08:28:35 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions 8

added seeding for new user revamp

Browse source
This commit is contained in:
kriks7iitk 2024-06-14 10:01:46 +05:30
parent 35769ceff9
commit 2fa84b0ab1
16 changed files with 190 additions and 125 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

53
frontend/src/ManageGranularAccess/index.jsx
View file

@ -172,16 +172,14 @@ class ManageGranularAccessComponent extends React.Component {
this.closeAddPermissionModal();
toast.success('Permission updated successfully');
})
.catch((err) => {
toast.error(err.error);
this.closeAddPermissionModal();
// this.props.setErrorState({
// showEditRoleErrorModal:true,
// errorTitle:error?.title ? error?.title :"Cannot update permissions",
// errorMessage:error.error,
// errorIconName:'usergear',
// errorListItems:error.data
// })
.catch(({ error }) => {
this.props.updateParentState({
showEditRoleErrorModal: true,
errorTitle: error?.title ? error?.title : 'Cannot remove last admin',
errorMessage: error.error,
errorIconName: 'usergear',
errorListItems: error.data,
});
});
};
@ -232,6 +230,25 @@ class ManageGranularAccessComponent extends React.Component {
this.closeAddPermissionModal();
});
};
showPermissionText = (groupPermission) => {
const text =
groupPermission.name === 'admin'
? 'Admin has edit access to all apps. These are not editable'
: 'End-user can only have permission to view apps';
return (
<div className="manage-group-users-info">
<p
className="tj-text-xsm"
style={{ display: 'flex', alignItems: 'center', gap: '4px' }}
data-cy="helper-text-admin-app-access"
>
<SolidIcon name="information" fill="#3E63DD" /> {text}
<a style={{ margin: '0', padding: '0', textDecoration: 'none', color: '#3E63DD' }}>Read Documentation</a> to
know more
</p>
</div>
);
};
openAddPermissionModal = () => this.setState({ showAddPermissionModal: true });
@ -297,6 +314,8 @@ class ManageGranularAccessComponent extends React.Component {
];
const currentGroupPermission = this.props?.groupPermission;
const isRoleGroup = currentGroupPermission.name == 'admin';
const showPermissionInfo = currentGroupPermission.name == 'admin' || currentGroupPermission.name == 'end-user';
const disableEditUpdate = currentGroupPermission.name == 'end-user';
return (
<div className="row granular-access-container justify-content-center">
<ModalBase
@ -362,12 +381,14 @@ class ManageGranularAccessComponent extends React.Component {
<input
className="form-check-input"
type="radio"
disabled={disableEditUpdate}
checked={initialPermissionState.canEdit}
onClick={() => {
this.setState((prevState) => ({
initialPermissionState: {
...prevState.initialPermissionState,
canEdit: !prevState.initialPermissionState.canEdit,
...(!prevState.initialPermissionState.canEdit && { canView: false }),
},
}));
}}
@ -390,6 +411,7 @@ class ManageGranularAccessComponent extends React.Component {
initialPermissionState: {
...prevState.initialPermissionState,
canView: !prevState.initialPermissionState.canView,
...(!prevState.initialPermissionState.canView && { canEdit: false }),
},
}));
}}
@ -515,6 +537,7 @@ class ManageGranularAccessComponent extends React.Component {
</div>
) : (
<div>
{showPermissionInfo && this.showPermissionText(currentGroupPermission)}
<div className="manage-group-permision-header">
<p data-cy="resource-header" className="tj-text-xsm">
{'Name'}
@ -558,14 +581,14 @@ class ManageGranularAccessComponent extends React.Component {
<label className="form-check form-check-inline">
<input
className="form-check-input"
type="checkbox"
onChange={() => {
type="radio"
onClick={() => {
this.updateOnlyGranularPermissions(permissions, {
canEdit: !appsPermissions.canEdit,
});
}}
checked={appsPermissions.canEdit}
disabled={isRoleGroup}
disabled={isRoleGroup || disableEditUpdate}
data-cy="app-create-checkbox"
/>
<span className="form-check-label" data-cy="app-create-label">
@ -577,8 +600,8 @@ class ManageGranularAccessComponent extends React.Component {
<label className="form-check form-check-inline">
<input
className="form-check-input"
type="checkbox"
onChange={() => {
type="radio"
onClick={() => {
this.updateOnlyGranularPermissions(permissions, {
canView: !appsPermissions.canView,
});

65
frontend/src/ManageGroupPermissionResourcesV2/index.jsx
View file

@ -161,7 +161,7 @@ class ManageGroupPermissionResourcesComponent extends React.Component {
errorMessage: error?.error,
showEditRoleErrorModal: true,
errorListItems: error?.data,
errorTitle: 'Cannot add this permission to the group',
errorTitle: error?.title ? error?.title : 'Cannot add this permission to the group',
errorIconName: 'lock',
});
});
@ -293,7 +293,6 @@ class ManageGroupPermissionResourcesComponent extends React.Component {
this.fetchUsersInGroup(groupPermissionId);
})
.catch(({ error }) => {
console.log(error);
this.setState({
showEditRoleErrorModal: true,
errorTitle: error?.title,
@ -390,11 +389,16 @@ class ManageGroupPermissionResourcesComponent extends React.Component {
isLoadingUsers: false,
});
changeThisComponentState = (state = {}) => {
console.log('this is changing');
this.setState(state);
};
generateSelection = (selected) => {
return selected?.map((d) => {
return (
<div className="selected-item tj-ms" key={d.value}>
<FilterPreview text={d.name} onClose={() => this.removeSelection(selected, d.value)} />
<FilterPreview text={`${d?.email}`} onClose={() => this.removeSelection(selected, d.value)} />
</div>
);
});
@ -418,8 +422,6 @@ class ManageGroupPermissionResourcesComponent extends React.Component {
}));
};
hand;
toggleAddUsersToRoleModal = () => this.setState({ isAddUsersToRoleModalOpen: !this.state.isAddUsersToRoleModalOpen });
render() {
@ -450,9 +452,13 @@ class ManageGroupPermissionResourcesComponent extends React.Component {
granularPermissions,
} = this.state;
const searchSelectClass = this.props.darkMode ? 'select-search-dark' : 'select-search';
const showPermissionInfo = isRoleGroup && (groupPermission.name === 'admin' || groupPermission.name === 'end-user');
const isBasicPlan = false;
const searchSelectClass = this.props.darkMode ? 'select-search-dark' : 'select-search';
const showPermissionInfo =
isRoleGroup && (groupPermission?.name === 'admin' || groupPermission?.name === 'end-user');
const disablePermissionUpdate =
isBasicPlan || groupPermission?.name === 'admin' || groupPermission?.name === 'end-user';
const appSelectOptions = appsNotInGroup.map((app) => {
return { name: app.name, value: app.id };
});
@ -675,12 +681,14 @@ class ManageGroupPermissionResourcesComponent extends React.Component {
Add users
</ButtonSolid>
</div>
<div className="row mt-2">
<div className="selected-section">
<div className="selected-text">Selected Users:</div>
{this.generateSelection(selectedUsers)}
{selectedUsers.length && (
<div className="row mt-2">
<div className="selected-section">
<div className="selected-text">Selected Users:</div>
{this.generateSelection(selectedUsers)}
</div>
</div>
</div>
)}
</div>
)}
<br />
@ -863,13 +871,17 @@ class ManageGroupPermissionResourcesComponent extends React.Component {
});
}}
checked={groupPermission.appCreate}
disabled={isRoleGroup}
disabled={disablePermissionUpdate}
data-cy="app-create-checkbox"
/>
<span className="form-check-label" data-cy="app-create-label">
{this.props.t('globals.create', 'Create')}
</span>
<span class={`text-muted tj-text-xxsm ${isRoleGroup && 'check-label-disable'}`}>
<span
class={`text-muted tj-text-xxsm ${
disablePermissionUpdate && 'check-label-disable'
}`}
>
Create apps in this workspace
</span>
</label>
@ -883,13 +895,17 @@ class ManageGroupPermissionResourcesComponent extends React.Component {
});
}}
checked={groupPermission.appDelete}
disabled={isRoleGroup}
disabled={disablePermissionUpdate}
data-cy="app-delete-checkbox"
/>
<span className="form-check-label" data-cy="app-delete-label">
{this.props.t('globals.delete', 'Delete')}
</span>
<span class={`text-muted tj-text-xxsm ${isRoleGroup && 'check-label-disable'}`}>
<span
class={`text-muted tj-text-xxsm ${
disablePermissionUpdate && 'check-label-disable'
}`}
>
Delete any app in this workspace
</span>
</label>
@ -916,7 +932,7 @@ class ManageGroupPermissionResourcesComponent extends React.Component {
});
}}
checked={groupPermission.folderCRUD}
disabled={isRoleGroup}
disabled={disablePermissionUpdate}
data-cy="folder-create-checkbox"
/>
<span className="form-check-label" data-cy="folder-create-label">
@ -925,7 +941,11 @@ class ManageGroupPermissionResourcesComponent extends React.Component {
'Create/Update/Delete'
)}
</span>
<span class={`text-muted tj-text-xxsm ${isRoleGroup && 'check-label-disable'}`}>
<span
class={`text-muted tj-text-xxsm ${
disablePermissionUpdate && 'check-label-disable'
}`}
>
All operations on folders
</span>
</label>
@ -948,7 +968,7 @@ class ManageGroupPermissionResourcesComponent extends React.Component {
});
}}
checked={groupPermission.orgConstantCRUD}
disabled={isRoleGroup}
disabled={disablePermissionUpdate}
data-cy="env-variable-checkbox"
/>
<span className="form-check-label" data-cy="workspace-variable-create-label">
@ -957,7 +977,11 @@ class ManageGroupPermissionResourcesComponent extends React.Component {
'Create/Update/Delete'
)}
</span>
<span class={`text-muted tj-text-xxsm ${isRoleGroup && 'check-label-disable'}`}>
<span
class={`text-muted tj-text-xxsm ${
disablePermissionUpdate && 'check-label-disable'
}`}
>
All operations on workspace constants
</span>
</label>
@ -978,6 +1002,7 @@ class ManageGroupPermissionResourcesComponent extends React.Component {
groupPermissionId={groupPermission.id}
groupPermission={groupPermission}
setErrorState={this.setErrorState}
updateParentState={this.changeThisComponentState}
/>
</aside>
</div>

5
frontend/src/ManageGroupPermissionsV2/ResourceChip.jsx
View file

@ -53,7 +53,6 @@ const GroupChipTD = ({ groups = [] }) => {
orderedArray.length > 2 && toggleAllGroupsList(e);
}}
className={cx('text-muted resource-name-cell', { 'groups-hover': orderedArray.length > 2 })}
ref={groupsListRef}
>
<div className="groups-name-container tj-text-sm font-weight-500">
{orderedArray.length === 0 ? (
@ -72,12 +71,12 @@ const GroupChipTD = ({ groups = [] }) => {
</div>
{orderedArray.length > 4 && (
<React.Fragment key={4}>
<div className="groups-name-row">
<div className="groups-name-row" ref={groupsListRef}>
<span className="group-chip">+{orderedArray.length - 4} more</span>
</div>
{showAllGroups && (
<div className="all-groups-list">
{orderedArray.slice(2).map((group, index) => renderGroupChip(group, index))}
{orderedArray.slice(4).map((group, index) => renderGroupChip(group, index))}
</div>
)}
</React.Fragment>

20
frontend/src/ManageGroupPermissionsV2/groupPermissions.theme.scss
View file

@ -236,7 +236,7 @@
text-overflow: ellipsis;
overflow: hidden;
white-space: nowrap;
max-width: 130px;
max-width: 200px;
}
}
@ -250,13 +250,13 @@
text-overflow: ellipsis;
overflow: hidden;
white-space: nowrap;
max-width: 95px;
max-width: 100px;
}
.all-groups-list {
position: absolute;
width: 100%;
top: 41px;
top: 59px;
display: flex;
flex-direction: column;
background: var(--slate1);
@ -271,6 +271,20 @@
overflow: auto;
left: 0px;
z-index: 1;
.group-chip {
padding: 2px 8px;
margin: 0;
border-radius: 6px;
background-color: var(--slate3);
color: var(--slate11);
min-height: 24px;
text-overflow: ellipsis;
overflow: hidden;
white-space: nowrap;
max-width: 200px;
}
}
}

9
frontend/src/_components/MultiSelectUser.jsx
View file

@ -35,14 +35,19 @@ function MultiSelectUser({
);
function renderCustom(props, option) {
const valuePresent = selectedValues.some((item) => item.value === option.value);
return (
<div className={`item-renderer`}>
<div>
<input
type="checkbox"
checked={selectedValues.some((item) => item.value === option.value)}
checked={valuePresent}
onClick={(e) => {
onSelect([...selectedValues, option]);
if (!valuePresent) {
onSelect([...selectedValues, option]);
} else {
onSelect([...selectedValues.filter((item) => item.value !== option.value)]);
}
}}
/>
<div className="d-flex flex-column" style={{ marginLeft: '12px' }}>

3
server/src/controllers/group_permissions.controller.v2.ts
View file

@ -183,8 +183,6 @@ export class GroupPermissionsControllerV2 {
//Check for license validation first here
// What are license validation for this
// const { groupId } = createGranularPermissionsDto;
console.log('Updating this');
console.log(granularPermissionsId);
const granularPermissions = await this.granularPermissionsService.get(granularPermissionsId);
@ -193,6 +191,7 @@ export class GroupPermissionsControllerV2 {
const group = granularPermissions.group;
validateGranularPermissionUpdateOperation(group);
return await this.granularPermissionsService.update(granularPermissionsId, {
group: group,
organizationId: group.organizationId,
updateGranularPermissionDto,
});

2
server/src/modules/seeds/seeds.module.ts
View file

@ -1,7 +1,9 @@
import { Module } from '@nestjs/common';
import { SeedsService } from '../../services/seeds.service';
import { UserResourcePermissionsModule } from '@module/user_resource_permissions/user_resource_permissions.module';
@Module({
imports: [UserResourcePermissionsModule],
providers: [SeedsService],
exports: [SeedsService],
})

1
server/src/modules/user_resource_permissions/constants/granular-permissions.constant.ts
View file

@ -39,4 +39,5 @@ export const ERROR_HANDLER = {
ADMIN_DEFAULT_GROUP_GRANULAR_PERMISSIONS: 'Cannot create granular permissions of admin group',
EDITOR_LEVEL_PERMISSIONS_NOT_ALLOWED:
'End-users can only be granted permission to view apps. If you wish to add this permission, kindly change the following users role from end-user to builder',
EDITOR_LEVEL_PERMISSION_NOT_ALLOWED_END_USER: 'Cannot assign builder level permission to end users',
};

3
server/src/modules/user_resource_permissions/interface/granular-permissions.interface.ts
View file

@ -2,6 +2,7 @@ import { AppsGroupPermissions } from 'src/entities/apps_group_permissions.entity
import { SearchParamItem } from '@helpers/db-utility/db-utility.interface';
import { CreateGranularPermissionDto, UpdateGranularPermissionDto } from '@dto/granular-permissions.dto';
import { GranularPermissions } from 'src/entities/granular_permissions.entity';
import { GroupPermissions } from 'src/entities/group_permissions.entity';
export interface AppsPermissionDeleteResourceItem {
id: string;
@ -20,6 +21,7 @@ export interface AppsGroupPermissionsActions {
export type ResourceGroupActions = AppsGroupPermissionsActions;
export interface UpdateGranularPermissionObject {
group?: GroupPermissions;
organizationId: string;
updateGranularPermissionDto: UpdateGranularPermissionDto;
}
@ -28,6 +30,7 @@ export type GranularPermissionAddResourceItems = AppsPermissionAddResourceItem[]
export type GranularPermissionDeleteResourceItems = AppsPermissionDeleteResourceItem[];
export interface UpdateResourceGroupPermissionsObject {
group?: GroupPermissions;
granularPermissions: GranularPermissions;
actions: ResourceGroupActions;
resourcesToAdd: GranularPermissionAddResourceItems;

2
server/src/modules/user_resource_permissions/services/group-permissions.utility.service.ts
View file

@ -34,8 +34,6 @@ export class GroupPermissionsUtilityService {
}
async getAddableUser(user: User, groupId: string, searchInput?: string, manager?: EntityManager) {
console.log('find addable users');
return await dbTransactionWrap(async (manager: EntityManager) => {
console.log(await addableUsersToGroupQuery(groupId, user.organizationId, manager, searchInput).getMany());

7
server/src/modules/user_resource_permissions/utility/granular-permissios.utility.ts
View file

@ -3,7 +3,7 @@ import { USER_ROLE } from '../constants/group-permissions.constant';
import { BadRequestException } from '@nestjs/common';
import { ERROR_HANDLER } from '../constants/granular-permissions.constant';
import { EntityManager, SelectQueryBuilder } from 'typeorm';
import { GranularPermissionQuerySearchParam } from '../interface/granular-permissions.interface';
import { GranularPermissionQuerySearchParam, ResourceGroupActions } from '../interface/granular-permissions.interface';
import { GranularPermissions } from 'src/entities/granular_permissions.entity';
export function validateGranularPermissionCreateOperation(group: GroupPermissions) {
@ -16,6 +16,11 @@ export function validateGranularPermissionUpdateOperation(group: GroupPermission
throw new BadRequestException(ERROR_HANDLER.ADMIN_DEFAULT_GROUP_GRANULAR_PERMISSIONS);
}
export function validateAppResourcePermissionUpdateOperation(group: GroupPermissions, actions: ResourceGroupActions) {
if (group.name === USER_ROLE.END_USER && actions.canEdit)
throw new BadRequestException(ERROR_HANDLER.EDITOR_LEVEL_PERMISSION_NOT_ALLOWED_END_USER);
}
export function getAllGranularPermissionQuery(
searchParam: GranularPermissionQuerySearchParam,
manager: EntityManager

10
server/src/modules/user_resource_permissions/utility/group-permissions.utility.ts
View file

@ -83,6 +83,9 @@ export function validateUpdateGroupOperation(
const { name } = group;
const { name: newName } = updateGroupPermissionDto;
console.log('Printing group');
console.log(group);
if (
newName &&
(Object.values(USER_ROLE).includes(newName as USER_ROLE) || group.type == GROUP_PERMISSIONS_TYPE.DEFAULT)
@ -91,8 +94,6 @@ export function validateUpdateGroupOperation(
}
if ([USER_ROLE.ADMIN, USER_ROLE.END_USER].includes(name as USER_ROLE)) {
console.log('this is running');
throw new MethodNotAllowedException(ERROR_HANDLER.NON_EDITABLE_GROUP_UPDATE);
}
}
@ -150,13 +151,14 @@ export function addableUsersToGroupQuery(
.select('groupUsers.userId')
.from(GroupUsers, 'groupUsers')
.innerJoin('groupUsers.group', 'group')
.where('(group.name = :admin OR group.id = :groupId)', { admin: USER_ROLE.ADMIN, groupId })
.where('group.id = :groupId', { groupId })
.andWhere('group.organizationId = :organizationId', { organizationId })
.getQuery();
return 'users.id NOT IN ' + subQuery;
})
.andWhere(addableUserGetOrConditions(searchInput));
.andWhere(addableUserGetOrConditions(searchInput))
.orderBy('users.createdAt', 'DESC');
return query;
}

37
server/src/services/granular_permissions.service.ts
View file

@ -24,9 +24,11 @@ import { ERROR_HANDLER } from '@module/user_resource_permissions/constants/granu
import {
getAllGranularPermissionQuery,
getGranularPermissionQuery,
validateAppResourcePermissionUpdateOperation,
} from '@module/user_resource_permissions/utility/granular-permissios.utility';
import { GroupPermissionsUtilityService } from '@module/user_resource_permissions/services/group-permissions.utility.service';
import { GroupApps } from 'src/entities/group_apps.entity';
import { GroupPermissions } from 'src/entities/group_permissions.entity';
@Injectable()
export class GranularPermissionsService {
@ -72,13 +74,14 @@ export class GranularPermissionsService {
async update(id: string, updateGranularPermissionsObj: UpdateGranularPermissionObject, manager?: EntityManager) {
return await dbTransactionWrap(async (manager: EntityManager) => {
const granularPermissions = await this.get(id, manager);
const { organizationId, updateGranularPermissionDto } = updateGranularPermissionsObj;
const { organizationId, updateGranularPermissionDto, group } = updateGranularPermissionsObj;
const { isAll, name, resourcesToAdd, resourcesToDelete, actions } = updateGranularPermissionDto;
const updateGranularPermission = {
isAll: isAll == true ? true : false,
...(name && { name }),
};
const updateResource: UpdateResourceGroupPermissionsObject = {
group,
granularPermissions,
actions,
resourcesToDelete,
@ -134,11 +137,13 @@ export class GranularPermissionsService {
granularPermissions.groupId,
manager
);
if (groupEditors.length && canEdit)
throw new BadRequestException({
message: ERROR_HANDLER.EDITOR_LEVEL_PERMISSIONS_NOT_ALLOWED,
data: groupEditors,
message: {
error: ERROR_HANDLER.EDITOR_LEVEL_PERMISSIONS_NOT_ALLOWED,
data: groupEditors.map((user) => user.email),
title: 'Cannot create permissions',
},
});
const appGRoupPermissions = await manager.save(
@ -181,7 +186,20 @@ export class GranularPermissionsService {
manager?: EntityManager
) {
return await dbTransactionWrap(async (manager: EntityManager) => {
const { granularPermissions, actions, resourcesToDelete, resourcesToAdd } = UpdateResourceGroupPermissionsObject;
const {
granularPermissions,
actions,
resourcesToDelete,
resourcesToAdd,
group: permissionGroup,
} = UpdateResourceGroupPermissionsObject;
let group: GroupPermissions;
if (permissionGroup) {
group = permissionGroup;
} else {
group = await manager.findOne(GroupPermissions, granularPermissions.groupId);
}
validateAppResourcePermissionUpdateOperation(group, actions);
const { canEdit } = actions;
const groupEditors = await this.groupPermissionsUtilityService.getRoleUsersList(
USER_ROLE.END_USER,
@ -197,8 +215,11 @@ export class GranularPermissionsService {
if (groupEditors.length && canEdit)
throw new BadRequestException({
message: ERROR_HANDLER.EDITOR_LEVEL_PERMISSIONS_NOT_ALLOWED,
data: groupEditors,
message: {
error: ERROR_HANDLER.EDITOR_LEVEL_PERMISSIONS_NOT_ALLOWED,
data: groupEditors.map((user) => user.email),
title: 'Cannot update permissions',
},
});
const appsGroupPermissions = await manager.findOne(AppsGroupPermissions, {
where: {
@ -207,6 +228,8 @@ export class GranularPermissionsService {
});
if (actions) {
if (actions.canEdit) actions.canView = false;
else if (actions.canView) actions.canEdit = false;
await manager.update(AppsGroupPermissions, appsGroupPermissions.id, actions);
}
if (resourcesToDelete?.length) {

29
server/src/services/group_permissions.service.v2.ts
View file

@ -24,6 +24,7 @@ import {
validateUpdateGroupOperation,
} from '@module/user_resource_permissions/utility/group-permissions.utility';
import { GroupPermissionsUtilityService } from '@module/user_resource_permissions/services/group-permissions.utility.service';
import { ResourceType } from '@module/user_resource_permissions/constants/granular-permissions.constant';
@Injectable()
export class GroupPermissionsServiceV2 {
@ -100,6 +101,7 @@ export class GroupPermissionsServiceV2 {
message: {
error: ERROR_HANDLER.UPDATE_EDITABLE_PERMISSION_END_USER_GROUP,
data: getEndUsersList?.map((user) => user.email),
title: 'Cannot add this permissions to the group',
},
});
}
@ -158,20 +160,23 @@ export class GroupPermissionsServiceV2 {
async addGroupUsers(addGroupUserDto: AddGroupUserDto, organizationId: string, manager?: EntityManager) {
const { userIds, groupId } = addGroupUserDto;
const group = await this.getGroup(groupId);
validateAddGroupUserOperation(group);
return await dbTransactionWrap(async (manager: EntityManager) => {
const group = await this.getGroup(groupId, manager);
const granularPermission = await this.granularPermissionsService.getAll({ groupId: group.id }, manager);
validateAddGroupUserOperation(group);
return await Promise.all(
userIds.map(async (userId) => {
return await dbTransactionWrap(async (manager: EntityManager) => {
return await Promise.all(
userIds.map(async (userId) => {
const user = await getUserDetailQuery(userId, organizationId, manager).getOne();
if (!user) throw new BadRequestException(ERROR_HANDLER.ADD_GROUP_USER_NON_EXISTING_USER);
const role = await this.groupPermissionsUtilityService.getUserRole(userId, organizationId, manager);
const editPermissionsPresent = Object.values(group).some(
(value) => typeof value === 'boolean' && value === true
);
//NEED TO CHECK FOR EDITOR LEVEL PERMISSION IN GRANULAR PERMISSIONS
const editPermissionsPresent =
Object.values(group).some((value) => typeof value === 'boolean' && value === true) ||
granularPermission.some((value) => {
return value.type === ResourceType.APP && value.appsGroupPermissions.canEdit;
});
if (editPermissionsPresent && role.name == USER_ROLE.END_USER) {
throw new MethodNotAllowedException({
message: {
@ -182,8 +187,8 @@ export class GroupPermissionsServiceV2 {
}
return await this.createGroupUser(user, group, manager);
}, manager);
})
);
})
);
}, manager);
}
}

59
server/src/services/seeds.service.ts
View file

@ -3,15 +3,15 @@ import { EntityManager } from 'typeorm/entity-manager/EntityManager';
import { User } from '../entities/user.entity';
import { Organization } from '../entities/organization.entity';
import { OrganizationUser } from '../entities/organization_user.entity';
import { GroupPermission } from 'src/entities/group_permission.entity';
import { AppEnvironment } from 'src/entities/app_environments.entity';
import { UserGroupPermission } from 'src/entities/user_group_permission.entity';
import { USER_STATUS, WORKSPACE_USER_STATUS } from 'src/helpers/user_lifecycle';
import { defaultAppEnvironments } from 'src/helpers/utils.helper';
import { UserRoleService } from './user-role.service';
import { USER_ROLE } from '@module/user_resource_permissions/constants/group-permissions.constant';
@Injectable()
export class SeedsService {
constructor(private readonly entityManager: EntityManager) {}
constructor(private readonly entityManager: EntityManager, private userRoleService: UserRoleService) {}
async perform(): Promise<void> {
await this.entityManager.transaction(async (manager) => {
@ -85,10 +85,10 @@ export class SeedsService {
await manager.save(testUserOrganization);
// Save Test user organization mapping
await this.createDefaultUserGroups(manager, user);
await this.createDefaultUserGroups(manager, user, USER_ROLE.ADMIN);
await this.createDefaultUserGroups(manager, testUser, USER_ROLE.BUILDER);
// Adding test user to group
this.addToGroup(manager, testUser);
console.log(
'Seeding complete. Use default credentials to login.\n' + 'email: dev@tooljet.io\n' + 'password: password'
@ -96,52 +96,9 @@ export class SeedsService {
});
}
async createDefaultUserGroups(manager: EntityManager, user: User): Promise<void> {
const defaultGroups = ['all_users', 'admin'];
for (const group of defaultGroups) {
await this.createGroupAndAssociateUser(group, manager, user);
}
}
async addToGroup(manager: EntityManager, user: User): Promise<void> {
const defaultGroups = ['all_users'];
for (const group of defaultGroups) {
await this.createGroupAndAssociateUser(group, manager, user);
}
}
async createGroupAndAssociateUser(group: string, manager: EntityManager, user: User): Promise<void> {
//Need to update this for new group permissions
let groupPermission = await manager.findOne(GroupPermission, {
where: { organizationId: user.organizationId, group: group },
});
if (!groupPermission) {
groupPermission = manager.create(GroupPermission, {
organizationId: user.organizationId,
group: group,
appCreate: group == 'admin',
appDelete: group == 'admin',
folderCreate: group == 'admin',
orgEnvironmentVariableCreate: group == 'admin',
orgEnvironmentVariableUpdate: group == 'admin',
orgEnvironmentVariableDelete: group == 'admin',
orgEnvironmentConstantCreate: group == 'admin',
orgEnvironmentConstantDelete: group == 'admin',
folderUpdate: group == 'admin',
folderDelete: group == 'admin',
});
//Need to update this as well
await manager.save(groupPermission);
}
const userGroupPermission = manager.create(UserGroupPermission, {
groupPermissionId: groupPermission.id,
userId: user.id,
});
//Need to update this as well
await manager.save(userGroupPermission);
async createDefaultUserGroups(manager: EntityManager, user: User, role: USER_ROLE): Promise<void> {
if (role === USER_ROLE.ADMIN) await this.userRoleService.createDefaultGroups(user.organizationId, manager);
await this.userRoleService.addUserRole({ role, userId: user.id }, user.organizationId, manager);
}
async createDefaultEnvironments(organizationId: string, manager: EntityManager) {

10
server/src/services/user-role.service.ts
View file

@ -95,9 +95,13 @@ export class UserRoleService {
if (userRole.name == USER_ROLE.ADMIN) {
const groupUsers = await this.groupPermissionsService.getAllGroupUsers(userRole.id, null, manager);
console.log(groupUsers);
if (groupUsers.length < 2) throw new BadRequestException(ERROR_HANDLER.EDITING_LAST_ADMIN_ROLE_NOT_ALLOWED);
if (groupUsers.length < 2)
throw new BadRequestException({
message: {
error: ERROR_HANDLER.EDITING_LAST_ADMIN_ROLE_NOT_ALLOWED,
title: 'Can not remove last active admin',
},
});
}
if (newRole == USER_ROLE.END_USER) {
const userCreatedApps = await manager.find(App, {