Elgato_dark/ToolJet
1
0
Fork 0
mirror of https://github.com/ToolJet/ToolJet synced 2026-05-23 00:48:25 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions 8

Merge pull request #12166 from ToolJet/permisssion-fixes

Browse source 
View App Permission Fix
This commit is contained in:
Muhsin Shah C P 2025-03-10 11:27:51 +05:30 committed by GitHub
commit 94594463d4
No known key found for this signature in database
GPG key ID: B5690EEEBB952194
1 changed files with 16 additions and 28 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

44
server/src/modules/apps/ability/index.ts
View file

@ -15,7 +15,13 @@ export class FeatureAbilityFactory extends AbilityFactory<FEATURE_KEY, Subjects>
return App;
}
protected defineAbilityFor(can: AbilityBuilder<FeatureAbility>['can'], UserAllPermissions: UserAllPermissions): void {
protected defineAbilityFor(
can: AbilityBuilder<FeatureAbility>['can'],
UserAllPermissions: UserAllPermissions,
extractedMetadata: { moduleName: string; features: string[] },
request?: any
): void {
const appId = request?.tj_resource_id;
const { superAdmin, isAdmin, userPermission } = UserAllPermissions;
const userAppPermissions = userPermission?.[MODULES.APP];
@ -51,7 +57,10 @@ export class FeatureAbilityFactory extends AbilityFactory<FEATURE_KEY, Subjects>
can(FEATURE_KEY.CREATE, App);
}
if (isAllAppsEditable) {
if (
isAllAppsEditable ||
(userAppPermissions?.editableAppsId?.length && appId && userAppPermissions.editableAppsId.includes(appId))
) {
can(
[
FEATURE_KEY.UPDATE,
@ -70,35 +79,14 @@ export class FeatureAbilityFactory extends AbilityFactory<FEATURE_KEY, Subjects>
can(FEATURE_KEY.DELETE, App);
}
return;
} else if (userAppPermissions?.editableAppsId?.length) {
can(
[
FEATURE_KEY.DELETE,
FEATURE_KEY.UPDATE_ICON,
FEATURE_KEY.GET_ONE,
FEATURE_KEY.GET_BY_SLUG,
FEATURE_KEY.RELEASE,
FEATURE_KEY.VALIDATE_PRIVATE_APP_ACCESS,
FEATURE_KEY.VALIDATE_RELEASED_APP_ACCESS,
FEATURE_KEY.UPDATE,
FEATURE_KEY.GET_ASSOCIATED_TABLES,
],
App,
{ id: { $in: userAppPermissions.editableAppsId } }
);
if (isAllAppsDeletable) {
// Gives delete permission only for editable apps
can(FEATURE_KEY.DELETE, App, { id: { $in: userAppPermissions.editableAppsId } });
}
}
if (isAllAppsViewable) {
// add view permissions for all apps
if (
isAllAppsViewable ||
(userAppPermissions?.viewableAppsId?.length && appId && userAppPermissions.viewableAppsId.includes(appId))
) {
// add view permissions for all apps or specific app
can([FEATURE_KEY.GET_ONE, FEATURE_KEY.GET_BY_SLUG, FEATURE_KEY.VALIDATE_RELEASED_APP_ACCESS], App);
} else if (userAppPermissions?.viewableAppsId?.length) {
can([FEATURE_KEY.GET_ONE, FEATURE_KEY.GET_BY_SLUG, FEATURE_KEY.VALIDATE_RELEASED_APP_ACCESS], App, {
id: { $in: userAppPermissions.viewableAppsId },
});
}
}
}