sinvo/docmost
1
0
Fork 0
mirror of https://github.com/docmost/docmost.git synced 2026-05-22 01:32:55 +08:00
Code Issues Packages Projects Releases Wiki Activity

Refactoring

Browse Source 
* Refactor workspace membership system
* Create setup endpoint
* Use Passport.js
* Several updates and fixes
This commit is contained in:
Philipinho
2024-03-16 22:58:12 +00:00
parent b42fe48e9b
commit a821e37028
87 changed files with 2703 additions and 2307 deletions
Download Patch File Download Diff File Expand all files Collapse all files
apps/server/src/core/casl/abilities/casl-ability.factory.ts
+8 -9
View File
@@ -9,9 +9,8 @@ import {
import { User } from '../../user/entities/user.entity';
import { Action } from '../ability.action';
import { Workspace } from '../../workspace/entities/workspace.entity';
import { WorkspaceUser } from '../../workspace/entities/workspace-user.entity';
import { WorkspaceInvitation } from '../../workspace/entities/workspace-invitation.entity';
import { Role } from '../../../helpers/types/permission';
import { UserRole } from '../../../helpers/types/permission';
import { Group } from '../../group/entities/group.entity';
import { GroupUser } from '../../group/entities/group-user.entity';
import { Attachment } from '../../attachment/entities/attachment.entity';
@@ -23,7 +22,6 @@ import { Comment } from '../../comment/entities/comment.entity';
export type Subjects =
| InferSubjects<
| typeof Workspace
| typeof WorkspaceUser
| typeof WorkspaceInvitation
| typeof Space
| typeof SpaceUser
@@ -34,6 +32,7 @@ export type Subjects =
| typeof Page
| typeof User
>
| 'workspaceUser'
| 'all';
export type AppAbility = MongoAbility<[Action, Subjects]>;
@@ -42,13 +41,13 @@ export default class CaslAbilityFactory {
createForWorkspace(user: User, workspace: Workspace) {
const { can, build } = new AbilityBuilder<AppAbility>(createMongoAbility);
const userRole = workspace?.workspaceUser.role;
console.log(userRole);
const userRole = user.role;
if (userRole === Role.OWNER) {
if (userRole === UserRole.OWNER || userRole === UserRole.ADMIN) {
// Workspace Users
can<any>([Action.Manage], Workspace);
can<any>([Action.Manage], WorkspaceUser);
can<any>([Action.Manage], 'workspaceUser');
can<any>([Action.Manage], WorkspaceInvitation);
// Groups
@@ -59,8 +58,8 @@ export default class CaslAbilityFactory {
can<any>([Action.Manage], Attachment);
}
if (userRole === Role.MEMBER) {
can<any>([Action.Read], WorkspaceUser);
if (userRole === UserRole.MEMBER) {
// can<any>([Action.Read], WorkspaceUser);
// Groups
can<any>([Action.Read], Group);
apps/server/src/core/casl/guards/policies.guard.ts
+2 -2
View File
@@ -21,8 +21,8 @@ export class PoliciesGuard implements CanActivate {
) || [];
const request = context.switchToHttp().getRequest();
const user = request['user'].user;
const workspace = request['user'].workspace;
const user = request.user.user;
const workspace = request.user.workspace;
const ability = this.caslAbilityFactory.createForWorkspace(user, workspace);