From 0d76f5ce22a0a141fcb9302bbf93e0f0e12c20d2 Mon Sep 17 00:00:00 2001 From: Rory Powell Date: Tue, 12 Oct 2021 10:05:57 +0100 Subject: [PATCH 1/2] No access role / public by default --- .../src/pages/builder/apps/index.svelte | 10 ++++-- .../portal/manage/users/[userId].svelte | 33 +++++++++++++++-- .../users/_components/UpdateRolesModal.svelte | 36 +++++++++++++------ packages/server/src/middleware/currentapp.js | 2 +- packages/server/src/utilities/global.js | 2 +- 5 files changed, 67 insertions(+), 16 deletions(-) diff --git a/packages/builder/src/pages/builder/apps/index.svelte b/packages/builder/src/pages/builder/apps/index.svelte index e1148fd859..1639e3390f 100644 --- a/packages/builder/src/pages/builder/apps/index.svelte +++ b/packages/builder/src/pages/builder/apps/index.svelte @@ -34,6 +34,12 @@ const publishedAppsOnly = app => app.status === AppStatus.DEPLOYED $: publishedApps = $apps.filter(publishedAppsOnly) + + $: userApps = $auth.user?.builder?.global + ? publishedApps + : publishedApps.filter(app => + Object.keys($auth.user?.roles).includes(app.prodId) + ) {#if $auth.user && loaded} @@ -82,11 +88,11 @@ - {#if publishedApps.length} + {#if userApps.length} Apps
- {#each publishedApps as app, idx (app.appId)} + {#each userApps as app, idx (app.appId)}
diff --git a/packages/builder/src/pages/builder/portal/manage/users/[userId].svelte b/packages/builder/src/pages/builder/portal/manage/users/[userId].svelte index 0a8555cfad..549d0e4334 100644 --- a/packages/builder/src/pages/builder/portal/manage/users/[userId].svelte +++ b/packages/builder/src/pages/builder/portal/manage/users/[userId].svelte @@ -34,9 +34,13 @@ role: {}, } - $: defaultRoleId = $userFetch?.data?.builder?.global ? "ADMIN" : "BASIC" + const noRoleSchema = { + name: { displayName: "App" }, + } + + $: defaultRoleId = $userFetch?.data?.builder?.global ? "ADMIN" : "" // Merge the Apps list and the roles response to get something that makes sense for the table - $: appList = Object.keys($apps?.data).map(id => { + $: allAppList = Object.keys($apps?.data).map(id => { const roleId = $userFetch?.data?.roles?.[id] || defaultRoleId const role = $apps?.data?.[id].roles.find(role => role._id === roleId) return { @@ -45,6 +49,15 @@ role: [role], } }) + + $: appList = allAppList.filter(app => !!app.role[0]) + $: noRoleAppList = allAppList + .filter(app => !app.role[0]) + .map(app => { + delete app.role + return app + }) + let selectedApp const userFetch = fetchData(`/api/global/users/${userId}`) @@ -173,6 +186,7 @@ Configure roles + Specify a role to grant access to an app. + + No Access + Apps do not appear in the users portal. Public pages may still be viewed + if visited directly. +
+ Delete user diff --git a/packages/builder/src/pages/builder/portal/manage/users/_components/UpdateRolesModal.svelte b/packages/builder/src/pages/builder/portal/manage/users/_components/UpdateRolesModal.svelte index 8d139a7d66..bd0f6b5b30 100644 --- a/packages/builder/src/pages/builder/portal/manage/users/_components/UpdateRolesModal.svelte +++ b/packages/builder/src/pages/builder/portal/manage/users/_components/UpdateRolesModal.svelte @@ -6,22 +6,38 @@ export let app export let user + const NO_ACCESS = "NO_ACCESS" + const dispatch = createEventDispatcher() const roles = app.roles - let options = roles - .filter(role => role._id !== "PUBLIC") - .map(role => ({ value: role._id, label: role.name })) + let options = roles.map(role => ({ value: role._id, label: role.name })) + options.push({ value: NO_ACCESS, label: "No Access" }) let selectedRole = user?.roles?.[app?._id] async function updateUserRoles() { - const res = await users.save({ - ...user, - roles: { - ...user.roles, - [app._id]: selectedRole, - }, - }) + let res + if (selectedRole === NO_ACCESS) { + // remove the user role + const filteredRoles = { ...user.roles } + delete filteredRoles[app?._id] + res = await users.save({ + ...user, + roles: { + ...filteredRoles, + }, + }) + } else { + // add the user role + res = await users.save({ + ...user, + roles: { + ...user.roles, + [app._id]: selectedRole, + }, + }) + } + if (res.status === 400) { notifications.error("Failed to update role") } else { diff --git a/packages/server/src/middleware/currentapp.js b/packages/server/src/middleware/currentapp.js index 062c35a6ca..4684bb5bae 100644 --- a/packages/server/src/middleware/currentapp.js +++ b/packages/server/src/middleware/currentapp.js @@ -45,7 +45,7 @@ module.exports = async (ctx, next) => { const globalUser = await getCachedSelf(ctx, requestAppId) appId = requestAppId // retrieving global user gets the right role - roleId = globalUser.roleId || BUILTIN_ROLE_IDS.BASIC + roleId = globalUser.roleId } // nothing more to do diff --git a/packages/server/src/utilities/global.js b/packages/server/src/utilities/global.js index 3637c11eea..4b9bbcba8c 100644 --- a/packages/server/src/utilities/global.js +++ b/packages/server/src/utilities/global.js @@ -26,7 +26,7 @@ exports.updateAppRole = (appId, user) => { if (!user.roleId && user.builder && user.builder.global) { user.roleId = BUILTIN_ROLE_IDS.ADMIN } else if (!user.roleId) { - user.roleId = BUILTIN_ROLE_IDS.BASIC + user.roleId = BUILTIN_ROLE_IDS.PUBLIC } delete user.roles return user From fc8164425571275685238f9bbe004f639d427620 Mon Sep 17 00:00:00 2001 From: Rory Powell Date: Tue, 12 Oct 2021 14:03:47 +0100 Subject: [PATCH 2/2] Fix unit tests --- packages/server/src/middleware/currentapp.js | 2 +- packages/server/src/middleware/tests/currentapp.spec.js | 6 +++--- 2 files changed, 4 insertions(+), 4 deletions(-) diff --git a/packages/server/src/middleware/currentapp.js b/packages/server/src/middleware/currentapp.js index 4684bb5bae..a39d2eba0a 100644 --- a/packages/server/src/middleware/currentapp.js +++ b/packages/server/src/middleware/currentapp.js @@ -45,7 +45,7 @@ module.exports = async (ctx, next) => { const globalUser = await getCachedSelf(ctx, requestAppId) appId = requestAppId // retrieving global user gets the right role - roleId = globalUser.roleId + roleId = globalUser.roleId || roleId } // nothing more to do diff --git a/packages/server/src/middleware/tests/currentapp.spec.js b/packages/server/src/middleware/tests/currentapp.spec.js index 7bdaa929d1..d288320aea 100644 --- a/packages/server/src/middleware/tests/currentapp.spec.js +++ b/packages/server/src/middleware/tests/currentapp.spec.js @@ -127,8 +127,8 @@ describe("Current app middleware", () => { } else { expect(cookieFn).not.toHaveBeenCalled() } - expect(config.ctx.roleId).toEqual("BASIC") - expect(config.ctx.user.role._id).toEqual("BASIC") + expect(config.ctx.roleId).toEqual("PUBLIC") + expect(config.ctx.user.role._id).toEqual("PUBLIC") expect(config.ctx.appId).toEqual("app_test") expect(config.next).toHaveBeenCalled() } @@ -163,7 +163,7 @@ describe("Current app middleware", () => { return "app_test" }, setCookie: jest.fn(), - getCookie: () => ({appId: "app_test", roleId: "BASIC"}), + getCookie: () => ({appId: "app_test", roleId: "PUBLIC"}), }, constants: { Cookies: {} }, }))