@adobe/helix-config 4.2.0 → 4.3.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/CHANGELOG.md +7 -0
- package/package.json +1 -1
- package/src/config-view.js +26 -7
package/CHANGELOG.md
CHANGED
|
@@ -1,3 +1,10 @@
|
|
|
1
|
+
# [4.3.0](https://github.com/adobe/helix-config/compare/v4.2.0...v4.3.0) (2024-08-20)
|
|
2
|
+
|
|
3
|
+
|
|
4
|
+
### Features
|
|
5
|
+
|
|
6
|
+
* include org users in admin access config ([#173](https://github.com/adobe/helix-config/issues/173)) ([427d254](https://github.com/adobe/helix-config/commit/427d254e39b701529cdcd915469cbaa414e0afa7)), closes [#167](https://github.com/adobe/helix-config/issues/167)
|
|
7
|
+
|
|
1
8
|
# [4.2.0](https://github.com/adobe/helix-config/compare/v4.1.1...v4.2.0) (2024-08-19)
|
|
2
9
|
|
|
3
10
|
|
package/package.json
CHANGED
package/src/config-view.js
CHANGED
|
@@ -331,13 +331,11 @@ function resolveGroup(groups, name) {
|
|
|
331
331
|
* @param admin
|
|
332
332
|
* @param configGroups
|
|
333
333
|
* @param orgGroups
|
|
334
|
+
* @param orgUsers
|
|
334
335
|
*/
|
|
335
|
-
function computeSiteAdminRoles(admin, configGroups = {}, orgGroups = {}) {
|
|
336
|
-
if (!admin.role) {
|
|
337
|
-
return admin;
|
|
338
|
-
}
|
|
336
|
+
function computeSiteAdminRoles(admin, configGroups = {}, orgGroups = {}, orgUsers = []) {
|
|
339
337
|
const roles = {};
|
|
340
|
-
for (const [roleName, role] of Object.entries(admin.role)) {
|
|
338
|
+
for (const [roleName, role] of Object.entries(admin.role ?? {})) {
|
|
341
339
|
const users = new Set();
|
|
342
340
|
for (const /* @type string */ entry of role) {
|
|
343
341
|
if (entry.indexOf('@') > 0) {
|
|
@@ -354,10 +352,30 @@ function computeSiteAdminRoles(admin, configGroups = {}, orgGroups = {}) {
|
|
|
354
352
|
}
|
|
355
353
|
roles[roleName] = Array.from(users);
|
|
356
354
|
}
|
|
357
|
-
|
|
355
|
+
// add org users
|
|
356
|
+
const hasRoles = Object.keys(roles).length > 0;
|
|
357
|
+
let hasOrgUsers = false;
|
|
358
|
+
for (const user of orgUsers) {
|
|
359
|
+
for (const role of user.roles) {
|
|
360
|
+
if (!(role in roles)) {
|
|
361
|
+
roles[role] = [];
|
|
362
|
+
}
|
|
363
|
+
if (!roles[role].includes(user.email)) {
|
|
364
|
+
roles[role].push(user.email);
|
|
365
|
+
hasOrgUsers = true;
|
|
366
|
+
}
|
|
367
|
+
}
|
|
368
|
+
}
|
|
369
|
+
|
|
370
|
+
const ret = {
|
|
358
371
|
...admin,
|
|
359
372
|
role: roles,
|
|
360
373
|
};
|
|
374
|
+
// if there are only roles from the org, ensure that they don't enforce auth
|
|
375
|
+
if (hasOrgUsers && !hasRoles && (!admin.requireAuth || admin.requireAuth === 'auto')) {
|
|
376
|
+
ret.requireAuth = false;
|
|
377
|
+
}
|
|
378
|
+
return ret;
|
|
361
379
|
}
|
|
362
380
|
|
|
363
381
|
export async function getConfigResponse(ctx, opts) {
|
|
@@ -402,7 +420,8 @@ export async function getConfigResponse(ctx, opts) {
|
|
|
402
420
|
// access.require.repository ?
|
|
403
421
|
};
|
|
404
422
|
if (opts.scope === SCOPE_ADMIN || opts.scope === SCOPE_RAW) {
|
|
405
|
-
|
|
423
|
+
// eslint-disable-next-line max-len
|
|
424
|
+
config.access.admin = computeSiteAdminRoles(admin, config.groups, orgConfig?.groups, orgConfig?.users);
|
|
406
425
|
}
|
|
407
426
|
}
|
|
408
427
|
|