jazzymc/homarr
1
0
Fork 0
Code Issues Pull Requests Actions 1 Packages Projects Releases Wiki Activity

feat: add integration access settings (#725)

Browse Source 
* feat: add integration access settings

* fix: typecheck and test issues

* fix: test timeout

* chore: address pull request feedback

* chore: add throw if action forbidden for integration permissions

* fix: unable to create new migrations because of duplicate prevId in sqlite snapshots

* chore: add sqlite migration for integration permissions

* test: add unit tests for integration access

* test: add permission checks to integration router tests

* test: add unit test for integration permissions

* chore: add mysql migration

* fix: format issues
This commit is contained in:
Meier Lukas
2024-07-08 00:00:37 +02:00
committed by GitHub
parent be711149f7
commit 408cdeb5c3
50 changed files with 4392 additions and 615 deletions
Download Patch File Download Diff File Expand all files Collapse all files

12
packages/auth/permissions/board-permissions.ts
View File

@@ -1,5 +1,7 @@
import type { Session } from "next-auth";
import type { BoardPermission } from "@homarr/definitions";
export type BoardPermissionsProps = (
| {
creator: {
@@ -11,10 +13,10 @@ export type BoardPermissionsProps = (
}
) & {
userPermissions: {
permission: string;
permission: BoardPermission;
}[];
groupPermissions: {
permission: string;
permission: BoardPermission;
}[];
isPublic: boolean;
};
@@ -23,11 +25,11 @@ export const constructBoardPermissions = (board: BoardPermissionsProps, session:
const creatorId = "creator" in board ? board.creator?.id : board.creatorId;
return {
hasFullAccess: session?.user.id === creatorId || session?.user.permissions.includes("board-full-access"),
hasFullAccess: session?.user.id === creatorId || session?.user.permissions.includes("board-full-all"),
hasChangeAccess:
session?.user.id === creatorId ||
board.userPermissions.some(({ permission }) => permission === "board-change") ||
board.groupPermissions.some(({ permission }) => permission === "board-change") ||
board.userPermissions.some(({ permission }) => permission === "modify") ||
board.groupPermissions.some(({ permission }) => permission === "modify") ||
session?.user.permissions.includes("board-modify-all"),
hasViewAccess:
session?.user.id === creatorId ||