ToolJet/server/src/modules/organizations/ability/index.ts
Muhsin Shah C P 958cbd1d02
[improvement] Default workspace (#12834)
* Added set-default API

* Setting default workspace for super-admin onboarding

* Separated the migrations

* Added nestjs init

* removed nestjs init

* Added: default workspace case to signup

* Fixed: instance signup

* Fixed: existed non-active user instance signup

* Added: SSO default workspace support

* Added: Default workspace chooser

* Moved some scss changes to ee folder

* Added: disable workspace default organization check

* updated the migration

* Fixing .env issue

* Removed the logs

* Remove personal workspace check from enable signup

* Fixing sign-in cases

* Fixing workspace invited user's instance signup cases

* Fixing sso workspace invited user's instance signup cases

* fixing the workspace signup issue

* Adding ee server and frontend file

* Adding ee server and frontend file

* Adding active check

* Added query fix for the migration

* Added migration logic fix

* Removed/Commented the ENABLE_ONBOARDING_QUESTIONS_FOR_ALL_SIGN_UPS env support from EE and CE

* Adding server and frontend files

* Added frontend file

* Bump version
2025-05-14 16:06:52 +05:30


import { Injectable } from '@nestjs/common';
import { Ability, AbilityBuilder, InferSubjects } from '@casl/ability';
import { AbilityFactory } from '@modules/app/ability-factory';
import { UserAllPermissions } from '@modules/app/types';
import { FEATURE_KEY } from '../constants';
import { Organization } from '@entities/organization.entity';
import { InstanceSettingsUtilService } from '@modules/instance-settings/util.service';
import { AbilityService } from '@modules/ability/interfaces/IService';
import { INSTANCE_USER_SETTINGS } from '@modules/instance-settings/constants';
// Subjects an organization rule may target: the Organization entity (as inferred by
// CASL's InferSubjects) or the literal 'all'.
type Subjects = InferSubjects<typeof Organization> | 'all';
// CASL ability whose actions are FEATURE_KEY values and whose subjects are `Subjects`.
export type OrganizationAbility = Ability<[FEATURE_KEY, Subjects]>;
/**
 * Builds the CASL ability for organization (workspace) features.
 *
 * Every grant below is issued against the `Organization` subject type with no
 * conditions, so this factory decides only which feature keys a caller holds,
 * not which organization rows they apply to.
 * NOTE(review): row-level scoping (e.g. that `isAdmin` refers to the organization
 * being updated) is not visible in this file; confirm it is enforced by the caller
 * or by guards.
 */
@Injectable()
export class FeatureAbilityFactory extends AbilityFactory<FEATURE_KEY, Subjects> {
  constructor(
    protected readonly instanceSettingsUtilService: InstanceSettingsUtilService,
    protected readonly abilityService: AbilityService
  ) {
    super(abilityService);
  }

  /** Subject type the rules from this factory are defined for. */
  protected getSubjectType() {
    return Organization;
  }

  /**
   * Registers the organization feature grants for one user.
   *
   * @param can - CASL builder callback used to register each allow rule.
   * @param UserAllPermissions - Resolved permissions; only `superAdmin` and `isAdmin` are read.
   */
  protected async defineAbilityFor(
    can: AbilityBuilder<OrganizationAbility>['can'],
    UserAllPermissions: UserAllPermissions
  ): Promise<void> {
    // Fails closed: any stored value other than the exact string 'true' (including a
    // missing setting) leaves workspace creation disabled for non-super-admins.
    const personalWorkspaceSetting = await this.instanceSettingsUtilService.getSettings(
      INSTANCE_USER_SETTINGS.ALLOW_PERSONAL_WORKSPACE
    );
    const personalWorkspaceEnabled = personalWorkspaceSetting === 'true';

    const { superAdmin, isAdmin } = UserAllPermissions;

    // Listing organizations is granted unconditionally.
    can(FEATURE_KEY.GET, Organization);

    // Creating a workspace (and the name-uniqueness check) requires the instance
    // setting to be enabled; super admins hold it regardless of the setting.
    // The original author notes that creation is additionally controlled by guards,
    // which are outside this file.
    const mayCreateWorkspace = personalWorkspaceEnabled || superAdmin;
    if (mayCreateWorkspace) {
      can([FEATURE_KEY.CREATE, FEATURE_KEY.CHECK_UNIQUE], Organization);
    }

    // Admins and super admins may update. GET is already granted above and is
    // restated here; CHECK_UNIQUE is granted here independently of the
    // personal-workspace setting.
    const hasAdminRights = isAdmin || superAdmin;
    if (hasAdminRights) {
      can([FEATURE_KEY.UPDATE, FEATURE_KEY.GET, FEATURE_KEY.CHECK_UNIQUE], Organization);
    }

    // Changing workspace status and setting the default workspace are
    // instance-level operations reserved for super admins.
    if (superAdmin) {
      can([FEATURE_KEY.WORKSPACE_STATUS_UPDATE, FEATURE_KEY.SET_DEFAULT], Organization);
    }
  }
}