Merge pull request #11609 from Budibase/BUDI-7393/dont-allow-frontend
Guard frontend view permissions
This commit is contained in:
commit
8269dc98cd
|
@ -5,6 +5,7 @@
|
|||
|
||||
export let resourceId
|
||||
export let disabled = false
|
||||
export let requiresLicence
|
||||
|
||||
let modal
|
||||
let resourcePermissions
|
||||
|
@ -21,6 +22,7 @@
|
|||
<Modal bind:this={modal}>
|
||||
<ManageAccessModal
|
||||
{resourceId}
|
||||
{requiresLicence}
|
||||
levels={$permissions}
|
||||
permissions={resourcePermissions}
|
||||
/>
|
||||
|
|
|
@ -1,4 +1,5 @@
|
|||
<script>
|
||||
import { licensing, admin } from "stores/portal"
|
||||
import ManageAccessButton from "../ManageAccessButton.svelte"
|
||||
import { getContext } from "svelte"
|
||||
|
||||
|
@ -12,6 +13,17 @@
|
|||
}
|
||||
return datasource.type === "table" ? datasource.tableId : datasource.id
|
||||
}
|
||||
|
||||
var requiresLicence
|
||||
$: {
|
||||
if ($datasource.type === "viewV2" && !$licensing.isViewPermissionsEnabled) {
|
||||
const requiredLicense = $admin?.cloud ? "Premium" : "Business"
|
||||
requiresLicence = {
|
||||
tier: requiredLicense,
|
||||
message: `A ${requiredLicense} subscription is required to specify access level roles for this view.`,
|
||||
}
|
||||
}
|
||||
}
|
||||
</script>
|
||||
|
||||
<ManageAccessButton {resourceId} />
|
||||
<ManageAccessButton {resourceId} {requiresLicence} />
|
||||
|
|
|
@ -7,11 +7,14 @@
|
|||
notifications,
|
||||
Body,
|
||||
ModalContent,
|
||||
Tags,
|
||||
Tag,
|
||||
} from "@budibase/bbui"
|
||||
import { capitalise } from "helpers"
|
||||
|
||||
export let resourceId
|
||||
export let permissions
|
||||
export let requiresLicence
|
||||
|
||||
async function changePermission(level, role) {
|
||||
try {
|
||||
|
@ -30,22 +33,36 @@
|
|||
}
|
||||
</script>
|
||||
|
||||
<ModalContent title="Manage Access" showCancelButton={false} confirmText="Done">
|
||||
<Body size="S">Specify the minimum access level role for this data.</Body>
|
||||
<div class="row">
|
||||
<Label extraSmall grey>Level</Label>
|
||||
<Label extraSmall grey>Role</Label>
|
||||
{#each Object.keys(permissions) as level}
|
||||
<Input value={capitalise(level)} disabled />
|
||||
<Select
|
||||
value={permissions[level]}
|
||||
on:change={e => changePermission(level, e.detail)}
|
||||
options={$roles}
|
||||
getOptionLabel={x => x.name}
|
||||
getOptionValue={x => x._id}
|
||||
/>
|
||||
{/each}
|
||||
</div>
|
||||
<ModalContent showCancelButton={false} confirmText="Done">
|
||||
<span slot="header">
|
||||
Manage Access
|
||||
{#if requiresLicence}
|
||||
<span class="lock-tag">
|
||||
<Tags>
|
||||
<Tag icon="LockClosed">{requiresLicence.tier}</Tag>
|
||||
</Tags>
|
||||
</span>
|
||||
{/if}
|
||||
</span>
|
||||
{#if requiresLicence}
|
||||
<Body size="S">{requiresLicence.message}</Body>
|
||||
{:else}
|
||||
<Body size="S">Specify the minimum access level role for this data.</Body>
|
||||
<div class="row">
|
||||
<Label extraSmall grey>Level</Label>
|
||||
<Label extraSmall grey>Role</Label>
|
||||
{#each Object.keys(permissions) as level}
|
||||
<Input value={capitalise(level)} disabled />
|
||||
<Select
|
||||
value={permissions[level]}
|
||||
on:change={e => changePermission(level, e.detail)}
|
||||
options={$roles}
|
||||
getOptionLabel={x => x.name}
|
||||
getOptionValue={x => x._id}
|
||||
/>
|
||||
{/each}
|
||||
</div>
|
||||
{/if}
|
||||
</ModalContent>
|
||||
|
||||
<style>
|
||||
|
@ -54,4 +71,8 @@
|
|||
grid-template-columns: 1fr 1fr;
|
||||
grid-gap: var(--spacing-s);
|
||||
}
|
||||
|
||||
.lock-tag {
|
||||
padding-left: var(--spacing-s);
|
||||
}
|
||||
</style>
|
||||
|
|
|
@ -125,6 +125,9 @@ export const createLicensingStore = () => {
|
|||
const syncAutomationsEnabled = license.features.includes(
|
||||
Constants.Features.SYNC_AUTOMATIONS
|
||||
)
|
||||
const isViewPermissionsEnabled = license.features.includes(
|
||||
Constants.Features.VIEW_PERMISSIONS
|
||||
)
|
||||
store.update(state => {
|
||||
return {
|
||||
...state,
|
||||
|
@ -140,6 +143,7 @@ export const createLicensingStore = () => {
|
|||
auditLogsEnabled,
|
||||
enforceableSSO,
|
||||
syncAutomationsEnabled,
|
||||
isViewPermissionsEnabled,
|
||||
}
|
||||
})
|
||||
},
|
||||
|
|
|
@ -2,6 +2,7 @@
|
|||
* Operator options for lucene queries
|
||||
*/
|
||||
export { OperatorOptions, SqlNumberTypeRangeMap } from "@budibase/shared-core"
|
||||
export { Feature as Features } from "@budibase/types"
|
||||
|
||||
// Cookie names
|
||||
export const Cookies = {
|
||||
|
@ -62,17 +63,6 @@ export const PlanType = {
|
|||
*/
|
||||
export const ApiVersion = "1"
|
||||
|
||||
export const Features = {
|
||||
USER_GROUPS: "userGroups",
|
||||
BACKUPS: "appBackups",
|
||||
ENVIRONMENT_VARIABLES: "environmentVariables",
|
||||
AUDIT_LOGS: "auditLogs",
|
||||
ENFORCEABLE_SSO: "enforceableSSO",
|
||||
BRANDING: "branding",
|
||||
SCIM: "scim",
|
||||
SYNC_AUTOMATIONS: "syncAutomations",
|
||||
}
|
||||
|
||||
// Role IDs
|
||||
export const Roles = {
|
||||
ADMIN: "ADMIN",
|
||||
|
|
|
@ -12,7 +12,7 @@ export enum Feature {
|
|||
APP_BUILDERS = "appBuilders",
|
||||
OFFLINE = "offline",
|
||||
USER_ROLE_PUBLIC_API = "userRolePublicApi",
|
||||
VIEW_PERMISSIONS = "viewPermission",
|
||||
VIEW_PERMISSIONS = "viewPermissions",
|
||||
}
|
||||
|
||||
export type PlanFeatures = { [key in PlanType]: Feature[] | undefined }
|
||||
|
|
Loading…
Reference in New Issue