sinvo/docmost
1
0
Fork 0
mirror of https://github.com/docmost/docmost.git synced 2026-05-07 06:23:06 +08:00
Code Issues Packages Projects Releases Wiki Activity

fix

Browse Source
This commit is contained in:
Philipinho
2026-03-02 22:09:57 +00:00
parent af92224e10
commit b1510cd6d7
5 changed files with 24 additions and 17 deletions
Download Patch File Download Diff File Expand all files Collapse all files
apps/client/src/components/settings/settings-sidebar.tsx
+17 -13
View File
@@ -46,6 +46,7 @@ interface DataItem {
isCloud?: boolean; isCloud?: boolean;
isEnterprise?: boolean; isEnterprise?: boolean;
isAdmin?: boolean; isAdmin?: boolean;
isOwner?: boolean;
isSelfhosted?: boolean; isSelfhosted?: boolean;
showDisabledInNonEE?: boolean; showDisabledInNonEE?: boolean;
} }
@@ -123,8 +124,9 @@ const groupedData: DataGroup[] = [
icon: IconHistory, icon: IconHistory,
path: "/settings/audit", path: "/settings/audit",
isEnterprise: true, isEnterprise: true,
isAdmin: true, isOwner: true,
isSelfhosted: true, isSelfhosted: true,
showDisabledInNonEE: true,
}, },
], ],
}, },
@@ -145,7 +147,7 @@ export default function SettingsSidebar() {
const location = useLocation(); const location = useLocation();
const [active, setActive] = useState(location.pathname); const [active, setActive] = useState(location.pathname);
const { goBack } = useSettingsNavigation(); const { goBack } = useSettingsNavigation();
const { isAdmin } = useUserRole(); const { isAdmin, isOwner } = useUserRole();
const [workspace] = useAtom(workspaceAtom); const [workspace] = useAtom(workspaceAtom);
const [mobileSidebarOpened] = useAtom(mobileSidebarAtom); const [mobileSidebarOpened] = useAtom(mobileSidebarAtom);
const toggleMobileSidebar = useToggleSidebar(mobileSidebarAtom); const toggleMobileSidebar = useToggleSidebar(mobileSidebarAtom);
@@ -154,34 +156,36 @@ export default function SettingsSidebar() {
setActive(location.pathname); setActive(location.pathname);
}, [location.pathname]); }, [location.pathname]);
const hasRoleAccess = (item: DataItem) => {
if (item.isOwner) return isOwner;
if (item.isAdmin) return isAdmin;
return true;
};
const canShowItem = (item: DataItem) => { const canShowItem = (item: DataItem) => {
if (item.showDisabledInNonEE && item.isEnterprise) { if (item.showDisabledInNonEE && item.isEnterprise) {
// Check admin permission regardless of license if (item.isSelfhosted && isCloud()) return false;
return item.isAdmin ? isAdmin : true; return hasRoleAccess(item);
} }
if (item.isCloud && item.isEnterprise) { if (item.isCloud && item.isEnterprise) {
if (!(isCloud() || workspace?.hasLicenseKey)) return false; if (!(isCloud() || workspace?.hasLicenseKey)) return false;
return item.isAdmin ? isAdmin : true; return hasRoleAccess(item);
} }
if (item.isCloud) { if (item.isCloud) {
return isCloud() ? (item.isAdmin ? isAdmin : true) : false; return isCloud() ? hasRoleAccess(item) : false;
} }
if (item.isSelfhosted) { if (item.isSelfhosted) {
return !isCloud() ? (item.isAdmin ? isAdmin : true) : false; return !isCloud() ? hasRoleAccess(item) : false;
} }
if (item.isEnterprise) { if (item.isEnterprise) {
return workspace?.hasLicenseKey ? (item.isAdmin ? isAdmin : true) : false; return workspace?.hasLicenseKey ? hasRoleAccess(item) : false;
} }
if (item.isAdmin) { return hasRoleAccess(item);
return isAdmin;
}
return true;
}; };
const isItemDisabled = (item: DataItem) => { const isItemDisabled = (item: DataItem) => {
apps/client/src/ee/audit/pages/audit-logs.tsx
+2 -2
View File
@@ -47,7 +47,7 @@ function retentionToDays(amount: number, unit: RetentionUnit): number {
export default function AuditLogs() { export default function AuditLogs() {
const { t } = useTranslation(); const { t } = useTranslation();
const { isAdmin } = useUserRole(); const { isOwner } = useUserRole();
const { cursor, goNext, goPrev, resetCursor } = useCursorPaginate(); const { cursor, goNext, goPrev, resetCursor } = useCursorPaginate();
const [eventFilter, setEventFilter] = useState<string | null>(null); const [eventFilter, setEventFilter] = useState<string | null>(null);
@@ -86,7 +86,7 @@ export default function AuditLogs() {
const { data, isLoading } = useAuditLogsQuery(params); const { data, isLoading } = useAuditLogsQuery(params);
if (!isAdmin) { if (!isOwner) {
return null; return null;
} }
apps/server/src/core/casl/abilities/workspace-ability.factory.ts
+1
View File
@@ -41,6 +41,7 @@ function buildWorkspaceOwnerAbility() {
can(WorkspaceCaslAction.Manage, WorkspaceCaslSubject.Member); can(WorkspaceCaslAction.Manage, WorkspaceCaslSubject.Member);
can(WorkspaceCaslAction.Manage, WorkspaceCaslSubject.Attachment); can(WorkspaceCaslAction.Manage, WorkspaceCaslSubject.Attachment);
can(WorkspaceCaslAction.Manage, WorkspaceCaslSubject.API); can(WorkspaceCaslAction.Manage, WorkspaceCaslSubject.API);
can(WorkspaceCaslAction.Manage, WorkspaceCaslSubject.Audit);
return build(); return build();
} }
apps/server/src/core/casl/interfaces/workspace-ability.type.ts
+3 -1
View File
@@ -12,6 +12,7 @@ export enum WorkspaceCaslSubject {
Group = 'group', Group = 'group',
Attachment = 'attachment', Attachment = 'attachment',
API = 'api_key', API = 'api_key',
Audit = 'audit',
} }
export type IWorkspaceAbility = export type IWorkspaceAbility =
@@ -20,4 +21,5 @@ export type IWorkspaceAbility =
| [WorkspaceCaslAction, WorkspaceCaslSubject.Space] | [WorkspaceCaslAction, WorkspaceCaslSubject.Space]
| [WorkspaceCaslAction, WorkspaceCaslSubject.Group] | [WorkspaceCaslAction, WorkspaceCaslSubject.Group]
| [WorkspaceCaslAction, WorkspaceCaslSubject.Attachment] | [WorkspaceCaslAction, WorkspaceCaslSubject.Attachment]
| [WorkspaceCaslAction, WorkspaceCaslSubject.API]; | [WorkspaceCaslAction, WorkspaceCaslSubject.API]
| [WorkspaceCaslAction, WorkspaceCaslSubject.Audit];
apps/server/src/ee
+1 -1
Submodule apps/server/src/ee updated: c9f8c1983e...33a93a46af