Merge branch 'master' into v3-ui

This commit is contained in:
Adria Navarro 2024-10-29 12:52:13 +01:00 committed by GitHub
commit 3f006550d9
No known key found for this signature in database
GPG Key ID: B5690EEEBB952194
1 changed files with 20 additions and 11 deletions

View File

@ -237,7 +237,10 @@ export function validInherits(
export function builtinRoleToNumber(id: string) {
const builtins = getBuiltinRoles()
const MAX = Object.values(builtins).length + 1
if (id === BUILTIN_IDS.ADMIN || id === BUILTIN_IDS.BUILDER) {
if (
compareRoleIds(id, BUILTIN_IDS.ADMIN) ||
compareRoleIds(id, BUILTIN_IDS.BUILDER)
) {
return MAX
}
let role = builtins[id],
@ -274,7 +277,9 @@ export async function roleToNumber(id: string) {
// find the built-in roles, get their number, sort it, then get the last one
const highestBuiltin: number | undefined = role.inherits
.map(roleId => {
const foundRole = hierarchy.find(role => role._id === roleId)
const foundRole = hierarchy.find(role =>
compareRoleIds(role._id!, roleId)
)
if (foundRole) {
return findNumber(foundRole) + 1
}
@ -398,7 +403,7 @@ async function getAllUserRoles(
): Promise<RoleDoc[]> {
const allRoles = await getAllRoles()
// admins have access to all roles
if (userRoleId === BUILTIN_IDS.ADMIN) {
if (compareRoleIds(userRoleId, BUILTIN_IDS.ADMIN)) {
return allRoles
}
@ -509,17 +514,21 @@ export async function getAllRoles(appId?: string): Promise<RoleDoc[]> {
// need to combine builtin with any DB record of them (for sake of permissions)
for (let builtinRoleId of externalBuiltinRoles) {
const builtinRole = builtinRoles[builtinRoleId]
const dbBuiltin = roles.filter(
dbRole =>
getExternalRoleID(dbRole._id!, dbRole.version) === builtinRoleId
const dbBuiltin = roles.filter(dbRole =>
compareRoleIds(dbRole._id!, builtinRoleId)
)[0]
if (dbBuiltin == null) {
roles.push(builtinRole || builtinRoles.BASIC)
} else {
// remove role and all back after combining with the builtin
roles = roles.filter(role => role._id !== dbBuiltin._id)
dbBuiltin._id = getExternalRoleID(dbBuiltin._id!, dbBuiltin.version)
roles.push(Object.assign(builtinRole, dbBuiltin))
dbBuiltin._id = getExternalRoleID(builtinRole._id!, dbBuiltin.version)
roles.push({
...builtinRole,
...dbBuiltin,
name: builtinRole.name,
_id: getExternalRoleID(builtinRole._id!, builtinRole.version),
})
}
}
// check permissions
@ -565,9 +574,9 @@ export class AccessController {
if (
tryingRoleId == null ||
tryingRoleId === "" ||
tryingRoleId === userRoleId ||
tryingRoleId === BUILTIN_IDS.BUILDER ||
userRoleId === BUILTIN_IDS.BUILDER
compareRoleIds(tryingRoleId, BUILTIN_IDS.BUILDER) ||
compareRoleIds(userRoleId!, tryingRoleId) ||
compareRoleIds(userRoleId!, BUILTIN_IDS.BUILDER)
) {
return true
}