@lightdash/common 0.1790.0 → 0.1792.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/dist/cjs/authorization/index.d.ts +1 -0
- package/dist/cjs/authorization/index.d.ts.map +1 -1
- package/dist/cjs/authorization/index.js +1 -0
- package/dist/cjs/authorization/index.js.map +1 -1
- package/dist/cjs/authorization/scopeAbility.d.ts +5 -0
- package/dist/cjs/authorization/scopeAbility.d.ts.map +1 -0
- package/dist/cjs/authorization/scopeAbility.js +49 -0
- package/dist/cjs/authorization/scopeAbility.js.map +1 -0
- package/dist/cjs/authorization/scopeAbility.test.d.ts +2 -0
- package/dist/cjs/authorization/scopeAbility.test.d.ts.map +1 -0
- package/dist/cjs/authorization/scopeAbility.test.js +259 -0
- package/dist/cjs/authorization/scopeAbility.test.js.map +1 -0
- package/dist/cjs/authorization/types.d.ts +2 -2
- package/dist/cjs/authorization/types.d.ts.map +1 -1
- package/dist/cjs/ee/embed/index.d.ts +3 -3
- package/dist/cjs/ee/embed/index.d.ts.map +1 -1
- package/dist/cjs/ee/embed/index.js.map +1 -1
- package/dist/cjs/index.d.ts +1 -1
- package/dist/cjs/types/auth.d.ts +41 -8
- package/dist/cjs/types/auth.d.ts.map +1 -1
- package/dist/cjs/types/auth.js +11 -5
- package/dist/cjs/types/auth.js.map +1 -1
- package/dist/cjs/types/slack.d.ts +5 -8
- package/dist/cjs/types/slack.d.ts.map +1 -1
- package/dist/cjs/types/slackSettings.d.ts +1 -1
- package/dist/cjs/types/slackSettings.d.ts.map +1 -1
- package/dist/cjs/types/slackSettings.js +0 -14
- package/dist/cjs/types/slackSettings.js.map +1 -1
- package/dist/cjs/types/user.d.ts +29 -9
- package/dist/cjs/types/user.d.ts.map +1 -1
- package/dist/cjs/types/user.js.map +1 -1
- package/dist/esm/authorization/index.d.ts +1 -0
- package/dist/esm/authorization/index.d.ts.map +1 -1
- package/dist/esm/authorization/index.js +1 -0
- package/dist/esm/authorization/index.js.map +1 -1
- package/dist/esm/authorization/scopeAbility.d.ts +5 -0
- package/dist/esm/authorization/scopeAbility.d.ts.map +1 -0
- package/dist/esm/authorization/scopeAbility.js +46 -0
- package/dist/esm/authorization/scopeAbility.js.map +1 -0
- package/dist/esm/authorization/scopeAbility.test.d.ts +2 -0
- package/dist/esm/authorization/scopeAbility.test.d.ts.map +1 -0
- package/dist/esm/authorization/scopeAbility.test.js +257 -0
- package/dist/esm/authorization/scopeAbility.test.js.map +1 -0
- package/dist/esm/authorization/types.d.ts +2 -2
- package/dist/esm/authorization/types.d.ts.map +1 -1
- package/dist/esm/ee/embed/index.d.ts +3 -3
- package/dist/esm/ee/embed/index.d.ts.map +1 -1
- package/dist/esm/ee/embed/index.js.map +1 -1
- package/dist/esm/index.d.ts +1 -1
- package/dist/esm/types/auth.d.ts +41 -8
- package/dist/esm/types/auth.d.ts.map +1 -1
- package/dist/esm/types/auth.js +9 -4
- package/dist/esm/types/auth.js.map +1 -1
- package/dist/esm/types/slack.d.ts +5 -8
- package/dist/esm/types/slack.d.ts.map +1 -1
- package/dist/esm/types/slackSettings.d.ts +1 -1
- package/dist/esm/types/slackSettings.d.ts.map +1 -1
- package/dist/esm/types/slackSettings.js +1 -13
- package/dist/esm/types/slackSettings.js.map +1 -1
- package/dist/esm/types/user.d.ts +29 -9
- package/dist/esm/types/user.d.ts.map +1 -1
- package/dist/esm/types/user.js.map +1 -1
- package/dist/tsconfig.types.tsbuildinfo +1 -1
- package/dist/types/authorization/index.d.ts +1 -0
- package/dist/types/authorization/index.d.ts.map +1 -1
- package/dist/types/authorization/scopeAbility.d.ts +5 -0
- package/dist/types/authorization/scopeAbility.d.ts.map +1 -0
- package/dist/types/authorization/scopeAbility.test.d.ts +2 -0
- package/dist/types/authorization/scopeAbility.test.d.ts.map +1 -0
- package/dist/types/authorization/types.d.ts +2 -2
- package/dist/types/authorization/types.d.ts.map +1 -1
- package/dist/types/ee/embed/index.d.ts +3 -3
- package/dist/types/ee/embed/index.d.ts.map +1 -1
- package/dist/types/index.d.ts +1 -1
- package/dist/types/types/auth.d.ts +41 -8
- package/dist/types/types/auth.d.ts.map +1 -1
- package/dist/types/types/slack.d.ts +5 -8
- package/dist/types/types/slack.d.ts.map +1 -1
- package/dist/types/types/slackSettings.d.ts +1 -1
- package/dist/types/types/slackSettings.d.ts.map +1 -1
- package/dist/types/types/user.d.ts +29 -9
- package/dist/types/types/user.d.ts.map +1 -1
- package/package.json +1 -1
|
@@ -8,6 +8,7 @@ type UserAbilityBuilderArgs = {
|
|
|
8
8
|
projectProfiles: Pick<ProjectMemberProfile, 'projectUuid' | 'role' | 'userUuid'>[];
|
|
9
9
|
permissionsConfig: OrganizationMemberAbilitiesArgs['permissionsConfig'];
|
|
10
10
|
};
|
|
11
|
+
export * from './scopeAbility';
|
|
11
12
|
export * from './serviceAccountAbility';
|
|
12
13
|
export declare const getUserAbilityBuilder: ({ user, projectProfiles, permissionsConfig, }: UserAbilityBuilderArgs) => AbilityBuilder<MemberAbility>;
|
|
13
14
|
export declare const defineUserAbility: (user: Pick<LightdashUser, "role" | "organizationUuid" | "userUuid">, projectProfiles: Pick<ProjectMemberProfile, "projectUuid" | "role" | "userUuid">[]) => MemberAbility;
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../../src/authorization/index.ts"],"names":[],"mappings":"AAAA,OAAO,EAAW,cAAc,EAAE,MAAM,eAAe,CAAC;AACxD,OAAO,EAAE,KAAK,oBAAoB,EAAE,MAAM,+BAA+B,CAAC;AAC1E,OAAO,EAAE,KAAK,aAAa,EAAE,MAAM,eAAe,CAAC;AACnD,OAAyC,EACrC,KAAK,+BAA+B,EACvC,MAAM,6BAA6B,CAAC;AAErC,OAAO,EAAE,KAAK,aAAa,EAAE,MAAM,SAAS,CAAC;AAE7C,KAAK,sBAAsB,GAAG;IAC1B,IAAI,EAAE,IAAI,CAAC,aAAa,EAAE,MAAM,GAAG,kBAAkB,GAAG,UAAU,CAAC,CAAC;IACpE,eAAe,EAAE,IAAI,CACjB,oBAAoB,EACpB,aAAa,GAAG,MAAM,GAAG,UAAU,CACtC,EAAE,CAAC;IACJ,iBAAiB,EAAE,+BAA+B,CAAC,mBAAmB,CAAC,CAAC;CAC3E,CAAC;AAEF,cAAc,yBAAyB,CAAC;AAExC,eAAO,MAAM,qBAAqB,kDAI/B,sBAAsB,kCAoBxB,CAAC;AAGF,eAAO,MAAM,iBAAiB,SACpB,IAAI,CAAC,aAAa,EAAE,MAAM,GAAG,kBAAkB,GAAG,UAAU,CAAC,mBAClD,IAAI,CACjB,oBAAoB,EACpB,aAAa,GAAG,MAAM,GAAG,UAAU,CACtC,EAAE,KACJ,aAYF,CAAC"}
|
|
1
|
+
{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../../src/authorization/index.ts"],"names":[],"mappings":"AAAA,OAAO,EAAW,cAAc,EAAE,MAAM,eAAe,CAAC;AACxD,OAAO,EAAE,KAAK,oBAAoB,EAAE,MAAM,+BAA+B,CAAC;AAC1E,OAAO,EAAE,KAAK,aAAa,EAAE,MAAM,eAAe,CAAC;AACnD,OAAyC,EACrC,KAAK,+BAA+B,EACvC,MAAM,6BAA6B,CAAC;AAErC,OAAO,EAAE,KAAK,aAAa,EAAE,MAAM,SAAS,CAAC;AAE7C,KAAK,sBAAsB,GAAG;IAC1B,IAAI,EAAE,IAAI,CAAC,aAAa,EAAE,MAAM,GAAG,kBAAkB,GAAG,UAAU,CAAC,CAAC;IACpE,eAAe,EAAE,IAAI,CACjB,oBAAoB,EACpB,aAAa,GAAG,MAAM,GAAG,UAAU,CACtC,EAAE,CAAC;IACJ,iBAAiB,EAAE,+BAA+B,CAAC,mBAAmB,CAAC,CAAC;CAC3E,CAAC;AAEF,cAAc,gBAAgB,CAAC;AAC/B,cAAc,yBAAyB,CAAC;AAExC,eAAO,MAAM,qBAAqB,kDAI/B,sBAAsB,kCAoBxB,CAAC;AAGF,eAAO,MAAM,iBAAiB,SACpB,IAAI,CAAC,aAAa,EAAE,MAAM,GAAG,kBAAkB,GAAG,UAAU,CAAC,mBAClD,IAAI,CACjB,oBAAoB,EACpB,aAAa,GAAG,MAAM,GAAG,UAAU,CACtC,EAAE,KACJ,aAYF,CAAC"}
|
|
@@ -5,6 +5,7 @@ const tslib_1 = require("tslib");
|
|
|
5
5
|
const ability_1 = require("@casl/ability");
|
|
6
6
|
const organizationMemberAbility_1 = tslib_1.__importDefault(require("./organizationMemberAbility"));
|
|
7
7
|
const projectMemberAbility_1 = require("./projectMemberAbility");
|
|
8
|
+
tslib_1.__exportStar(require("./scopeAbility"), exports);
|
|
8
9
|
tslib_1.__exportStar(require("./serviceAccountAbility"), exports);
|
|
9
10
|
const getUserAbilityBuilder = ({ user, projectProfiles, permissionsConfig, }) => {
|
|
10
11
|
const builder = new ability_1.AbilityBuilder(ability_1.Ability);
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"index.js","sourceRoot":"","sources":["../../../src/authorization/index.ts"],"names":[],"mappings":";;;;AAAA,2CAAwD;AAGxD,oGAEqC;AACrC,iEAAgE;AAYhE,kEAAwC;AAEjC,MAAM,qBAAqB,GAAG,CAAC,EAClC,IAAI,EACJ,eAAe,EACf,iBAAiB,GACI,EAAE,EAAE;IACzB,MAAM,OAAO,GAAG,IAAI,wBAAc,CAAgB,iBAAO,CAAC,CAAC;IAC3D,IAAI,IAAI,CAAC,IAAI,IAAI,IAAI,CAAC,gBAAgB,EAAE,CAAC;QACrC,IAAA,mCAAgC,EAAC;YAC7B,IAAI,EAAE,IAAI,CAAC,IAAI;YACf,MAAM,EAAE;gBACJ,gBAAgB,EAAE,IAAI,CAAC,gBAAgB;gBACvC,QAAQ,EAAE,IAAI,CAAC,QAAQ;aAC1B;YACD,OAAO;YACP,iBAAiB;SACpB,CAAC,CAAC;QACH,eAAe,CAAC,OAAO,CAAC,CAAC,cAAc,EAAE,EAAE;YACvC,6CAAsB,CAAC,cAAc,CAAC,IAAI,CAAC,CACvC,cAAc,EACd,OAAO,CACV,CAAC;QACN,CAAC,CAAC,CAAC;IACP,CAAC;IACD,OAAO,OAAO,CAAC;AACnB,CAAC,CAAC;AAxBW,QAAA,qBAAqB,yBAwBhC;AAEF,yCAAyC;AAClC,MAAM,iBAAiB,GAAG,CAC7B,IAAmE,EACnE,eAGG,EACU,EAAE;IACf,MAAM,OAAO,GAAG,IAAA,6BAAqB,EAAC;QAClC,IAAI;QACJ,eAAe;QACf,iBAAiB,EAAE;YACf,GAAG,EAAE;gBACD,OAAO,EAAE,KAAK;gBACd,eAAe,EAAE,EAAE;aACtB;SACJ;KACJ,CAAC,CAAC;IACH,OAAO,OAAO,CAAC,KAAK,EAAE,CAAC;AAC3B,CAAC,CAAC;AAlBW,QAAA,iBAAiB,qBAkB5B"}
|
|
1
|
+
{"version":3,"file":"index.js","sourceRoot":"","sources":["../../../src/authorization/index.ts"],"names":[],"mappings":";;;;AAAA,2CAAwD;AAGxD,oGAEqC;AACrC,iEAAgE;AAYhE,yDAA+B;AAC/B,kEAAwC;AAEjC,MAAM,qBAAqB,GAAG,CAAC,EAClC,IAAI,EACJ,eAAe,EACf,iBAAiB,GACI,EAAE,EAAE;IACzB,MAAM,OAAO,GAAG,IAAI,wBAAc,CAAgB,iBAAO,CAAC,CAAC;IAC3D,IAAI,IAAI,CAAC,IAAI,IAAI,IAAI,CAAC,gBAAgB,EAAE,CAAC;QACrC,IAAA,mCAAgC,EAAC;YAC7B,IAAI,EAAE,IAAI,CAAC,IAAI;YACf,MAAM,EAAE;gBACJ,gBAAgB,EAAE,IAAI,CAAC,gBAAgB;gBACvC,QAAQ,EAAE,IAAI,CAAC,QAAQ;aAC1B;YACD,OAAO;YACP,iBAAiB;SACpB,CAAC,CAAC;QACH,eAAe,CAAC,OAAO,CAAC,CAAC,cAAc,EAAE,EAAE;YACvC,6CAAsB,CAAC,cAAc,CAAC,IAAI,CAAC,CACvC,cAAc,EACd,OAAO,CACV,CAAC;QACN,CAAC,CAAC,CAAC;IACP,CAAC;IACD,OAAO,OAAO,CAAC;AACnB,CAAC,CAAC;AAxBW,QAAA,qBAAqB,yBAwBhC;AAEF,yCAAyC;AAClC,MAAM,iBAAiB,GAAG,CAC7B,IAAmE,EACnE,eAGG,EACU,EAAE;IACf,MAAM,OAAO,GAAG,IAAA,6BAAqB,EAAC;QAClC,IAAI;QACJ,eAAe;QACf,iBAAiB,EAAE;YACf,GAAG,EAAE;gBACD,OAAO,EAAE,KAAK;gBACd,eAAe,EAAE,EAAE;aACtB;SACJ;KACJ,CAAC,CAAC;IACH,OAAO,OAAO,CAAC,KAAK,EAAE,CAAC;AAC3B,CAAC,CAAC;AAlBW,QAAA,iBAAiB,qBAkB5B"}
|
|
@@ -0,0 +1,5 @@
|
|
|
1
|
+
import { type AbilityBuilder } from '@casl/ability';
|
|
2
|
+
import { type CreateEmbedJwt, type Embed } from '../ee';
|
|
3
|
+
import type { MemberAbility } from './types';
|
|
4
|
+
export declare function applyEmbeddedAbility(embedUser: CreateEmbedJwt, dashboardUuid: string, organization: Embed['organization'], builder: AbilityBuilder<MemberAbility>): void;
|
|
5
|
+
//# sourceMappingURL=scopeAbility.d.ts.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"scopeAbility.d.ts","sourceRoot":"","sources":["../../../src/authorization/scopeAbility.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,KAAK,cAAc,EAAE,MAAM,eAAe,CAAC;AAEpD,OAAO,EAAE,KAAK,cAAc,EAAE,KAAK,KAAK,EAAE,MAAM,OAAO,CAAC;AACxD,OAAO,KAAK,EAAE,aAAa,EAAE,MAAM,SAAS,CAAC;AAkF7C,wBAAgB,oBAAoB,CAChC,SAAS,EAAE,cAAc,EACzB,aAAa,EAAE,MAAM,EACrB,YAAY,EAAE,KAAK,CAAC,cAAc,CAAC,EACnC,OAAO,EAAE,cAAc,CAAC,aAAa,CAAC,QAGzC"}
|
|
@@ -0,0 +1,49 @@
|
|
|
1
|
+
"use strict";
|
|
2
|
+
Object.defineProperty(exports, "__esModule", { value: true });
|
|
3
|
+
exports.applyEmbeddedAbility = applyEmbeddedAbility;
|
|
4
|
+
const lodash_1 = require("lodash");
|
|
5
|
+
const addBaseAbilities = ({ embedUser, dashboardUuid, organization, builder, }) => {
|
|
6
|
+
const { can } = builder;
|
|
7
|
+
can('view', 'Dashboard', {
|
|
8
|
+
dashboardUuid,
|
|
9
|
+
organizationUuid: organization.organizationUuid,
|
|
10
|
+
});
|
|
11
|
+
return { embedUser, dashboardUuid, organization, builder };
|
|
12
|
+
};
|
|
13
|
+
const exportAbilities = ({ embedUser, dashboardUuid, organization, builder, }) => {
|
|
14
|
+
const { content } = embedUser;
|
|
15
|
+
const { can } = builder;
|
|
16
|
+
if (content.canExportCsv) {
|
|
17
|
+
can('export', 'Dashboard', {
|
|
18
|
+
organizationUuid: organization.organizationUuid,
|
|
19
|
+
type: 'csv',
|
|
20
|
+
});
|
|
21
|
+
}
|
|
22
|
+
if (content.canExportPagePdf) {
|
|
23
|
+
can('export', 'Dashboard', {
|
|
24
|
+
organizationUuid: organization.organizationUuid,
|
|
25
|
+
type: 'pdf',
|
|
26
|
+
});
|
|
27
|
+
}
|
|
28
|
+
if (content.canExportImages) {
|
|
29
|
+
can('export', 'Dashboard', {
|
|
30
|
+
organizationUuid: organization.organizationUuid,
|
|
31
|
+
type: 'images',
|
|
32
|
+
});
|
|
33
|
+
}
|
|
34
|
+
return { embedUser, dashboardUuid, organization, builder };
|
|
35
|
+
};
|
|
36
|
+
const dashboardAbilities = ({ embedUser, dashboardUuid, organization, builder, }) => {
|
|
37
|
+
const { content } = embedUser;
|
|
38
|
+
const { can } = builder;
|
|
39
|
+
can('view', 'Dashboard', {
|
|
40
|
+
dateZoom: content.canDateZoom ?? false,
|
|
41
|
+
organizationUuid: organization.organizationUuid,
|
|
42
|
+
});
|
|
43
|
+
return { embedUser, dashboardUuid, organization, builder };
|
|
44
|
+
};
|
|
45
|
+
const applyAbilities = (0, lodash_1.flow)(addBaseAbilities, exportAbilities, dashboardAbilities);
|
|
46
|
+
function applyEmbeddedAbility(embedUser, dashboardUuid, organization, builder) {
|
|
47
|
+
applyAbilities({ embedUser, dashboardUuid, organization, builder });
|
|
48
|
+
}
|
|
49
|
+
//# sourceMappingURL=scopeAbility.js.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"scopeAbility.js","sourceRoot":"","sources":["../../../src/authorization/scopeAbility.ts"],"names":[],"mappings":";;AAqFA,oDAOC;AA3FD,mCAA8B;AAe9B,MAAM,gBAAgB,GAA2B,CAAC,EAC9C,SAAS,EACT,aAAa,EACb,YAAY,EACZ,OAAO,GACV,EAAE,EAAE;IACD,MAAM,EAAE,GAAG,EAAE,GAAG,OAAO,CAAC;IACxB,GAAG,CAAC,MAAM,EAAE,WAAW,EAAE;QACrB,aAAa;QACb,gBAAgB,EAAE,YAAY,CAAC,gBAAgB;KAClD,CAAC,CAAC;IACH,OAAO,EAAE,SAAS,EAAE,aAAa,EAAE,YAAY,EAAE,OAAO,EAAE,CAAC;AAC/D,CAAC,CAAC;AAEF,MAAM,eAAe,GAA2B,CAAC,EAC7C,SAAS,EACT,aAAa,EACb,YAAY,EACZ,OAAO,GACV,EAAE,EAAE;IACD,MAAM,EAAE,OAAO,EAAE,GAAG,SAAS,CAAC;IAC9B,MAAM,EAAE,GAAG,EAAE,GAAG,OAAO,CAAC;IAExB,IAAI,OAAO,CAAC,YAAY,EAAE,CAAC;QACvB,GAAG,CAAC,QAAQ,EAAE,WAAW,EAAE;YACvB,gBAAgB,EAAE,YAAY,CAAC,gBAAgB;YAC/C,IAAI,EAAE,KAAK;SACd,CAAC,CAAC;IACP,CAAC;IAED,IAAI,OAAO,CAAC,gBAAgB,EAAE,CAAC;QAC3B,GAAG,CAAC,QAAQ,EAAE,WAAW,EAAE;YACvB,gBAAgB,EAAE,YAAY,CAAC,gBAAgB;YAC/C,IAAI,EAAE,KAAK;SACd,CAAC,CAAC;IACP,CAAC;IAED,IAAI,OAAO,CAAC,eAAe,EAAE,CAAC;QAC1B,GAAG,CAAC,QAAQ,EAAE,WAAW,EAAE;YACvB,gBAAgB,EAAE,YAAY,CAAC,gBAAgB;YAC/C,IAAI,EAAE,QAAQ;SACjB,CAAC,CAAC;IACP,CAAC;IAED,OAAO,EAAE,SAAS,EAAE,aAAa,EAAE,YAAY,EAAE,OAAO,EAAE,CAAC;AAC/D,CAAC,CAAC;AAEF,MAAM,kBAAkB,GAA2B,CAAC,EAChD,SAAS,EACT,aAAa,EACb,YAAY,EACZ,OAAO,GACV,EAAE,EAAE;IACD,MAAM,EAAE,OAAO,EAAE,GAAG,SAAS,CAAC;IAC9B,MAAM,EAAE,GAAG,EAAE,GAAG,OAAO,CAAC;IAExB,GAAG,CAAC,MAAM,EAAE,WAAW,EAAE;QACrB,QAAQ,EAAE,OAAO,CAAC,WAAW,IAAI,KAAK;QACtC,gBAAgB,EAAE,YAAY,CAAC,gBAAgB;KAClD,CAAC,CAAC;IACH,OAAO,EAAE,SAAS,EAAE,aAAa,EAAE,YAAY,EAAE,OAAO,EAAE,CAAC;AAC/D,CAAC,CAAC;AAEF,MAAM,cAAc,GAAG,IAAA,aAAI,EACvB,gBAAgB,EAChB,eAAe,EACf,kBAAkB,CACrB,CAAC;AAEF,SAAgB,oBAAoB,CAChC,SAAyB,EACzB,aAAqB,EACrB,YAAmC,EACnC,OAAsC;IAEtC,cAAc,CAAC,EAAE,SAAS,EAAE,aAAa,EAAE,YAAY,EAAE,OAAO,EAAE,CAAC,CAAC;AACxE,CAAC"}
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"scopeAbility.test.d.ts","sourceRoot":"","sources":["../../../src/authorization/scopeAbility.test.ts"],"names":[],"mappings":""}
|
|
@@ -0,0 +1,259 @@
|
|
|
1
|
+
"use strict";
|
|
2
|
+
Object.defineProperty(exports, "__esModule", { value: true });
|
|
3
|
+
const ability_1 = require("@casl/ability");
|
|
4
|
+
const scopeAbility_1 = require("./scopeAbility");
|
|
5
|
+
const createEmbedJwt = (overrides) => {
|
|
6
|
+
const baseContent = {
|
|
7
|
+
type: 'dashboard',
|
|
8
|
+
projectUuid: 'project-uuid-1',
|
|
9
|
+
dashboardUuid: 'dashboard-uuid-1',
|
|
10
|
+
canExportCsv: false,
|
|
11
|
+
canExportImages: false,
|
|
12
|
+
canExportPagePdf: false,
|
|
13
|
+
canDateZoom: false,
|
|
14
|
+
};
|
|
15
|
+
const { content: contentOverrides, ...otherOverrides } = overrides || {};
|
|
16
|
+
return {
|
|
17
|
+
content: {
|
|
18
|
+
...baseContent,
|
|
19
|
+
...contentOverrides,
|
|
20
|
+
},
|
|
21
|
+
exp: Date.now() / 1000 + 3600, // 1 hour from now
|
|
22
|
+
...otherOverrides,
|
|
23
|
+
};
|
|
24
|
+
};
|
|
25
|
+
const organization = {
|
|
26
|
+
organizationUuid: 'organization-uuid-1',
|
|
27
|
+
name: 'Organization 1',
|
|
28
|
+
};
|
|
29
|
+
const defineAbilityForEmbedUser = (embedUser, dashboardUuid) => {
|
|
30
|
+
const builder = new ability_1.AbilityBuilder(ability_1.Ability);
|
|
31
|
+
(0, scopeAbility_1.applyEmbeddedAbility)(embedUser, dashboardUuid, organization, builder);
|
|
32
|
+
return builder.build();
|
|
33
|
+
};
|
|
34
|
+
describe('Embedded dashboard abilities', () => {
|
|
35
|
+
const dashboardUuid = 'dashboard-uuid-1';
|
|
36
|
+
const projectUuid = 'project-uuid-1';
|
|
37
|
+
describe('Base abilities', () => {
|
|
38
|
+
it('should allow viewing the specified dashboard', () => {
|
|
39
|
+
const embedUser = createEmbedJwt();
|
|
40
|
+
const ability = defineAbilityForEmbedUser(embedUser, dashboardUuid);
|
|
41
|
+
expect(ability.can('view', (0, ability_1.subject)('Dashboard', {
|
|
42
|
+
dashboardUuid,
|
|
43
|
+
organizationUuid: organization.organizationUuid,
|
|
44
|
+
}))).toBe(true);
|
|
45
|
+
});
|
|
46
|
+
it('should not allow viewing private saved charts', () => {
|
|
47
|
+
const embedUser = createEmbedJwt();
|
|
48
|
+
const ability = defineAbilityForEmbedUser(embedUser, dashboardUuid);
|
|
49
|
+
expect(ability.can('view', (0, ability_1.subject)('SavedChart', {
|
|
50
|
+
projectUuid,
|
|
51
|
+
isPrivate: true,
|
|
52
|
+
}))).toBe(false);
|
|
53
|
+
});
|
|
54
|
+
it('should not allow viewing saved charts from different projects', () => {
|
|
55
|
+
const embedUser = createEmbedJwt();
|
|
56
|
+
const ability = defineAbilityForEmbedUser(embedUser, dashboardUuid);
|
|
57
|
+
expect(ability.can('view', (0, ability_1.subject)('SavedChart', {
|
|
58
|
+
projectUuid: 'different-project-uuid',
|
|
59
|
+
isPrivate: false,
|
|
60
|
+
}))).toBe(false);
|
|
61
|
+
});
|
|
62
|
+
it('should handle missing optional properties gracefully', () => {
|
|
63
|
+
const embedUser = {
|
|
64
|
+
content: {
|
|
65
|
+
type: 'dashboard',
|
|
66
|
+
projectUuid: 'project-uuid-1',
|
|
67
|
+
dashboardUuid: 'dashboard-uuid-1',
|
|
68
|
+
},
|
|
69
|
+
exp: Date.now() / 1000 + 3600,
|
|
70
|
+
};
|
|
71
|
+
const ability = defineAbilityForEmbedUser(embedUser, dashboardUuid);
|
|
72
|
+
// Base abilities should still work
|
|
73
|
+
expect(ability.can('view', (0, ability_1.subject)('Dashboard', {
|
|
74
|
+
dashboardUuid,
|
|
75
|
+
organizationUuid: organization.organizationUuid,
|
|
76
|
+
}))).toBe(true);
|
|
77
|
+
// Export abilities should default to false
|
|
78
|
+
expect(ability.can('export', (0, ability_1.subject)('Dashboard', {
|
|
79
|
+
type: 'csv',
|
|
80
|
+
organizationUuid: organization.organizationUuid,
|
|
81
|
+
}))).toBe(false);
|
|
82
|
+
expect(ability.can('export', (0, ability_1.subject)('Dashboard', {
|
|
83
|
+
type: 'pdf',
|
|
84
|
+
organizationUuid: organization.organizationUuid,
|
|
85
|
+
}))).toBe(false);
|
|
86
|
+
expect(ability.can('export', (0, ability_1.subject)('Dashboard', {
|
|
87
|
+
type: 'images',
|
|
88
|
+
organizationUuid: organization.organizationUuid,
|
|
89
|
+
}))).toBe(false);
|
|
90
|
+
// Date zoom should default to false
|
|
91
|
+
expect(ability.can('view', (0, ability_1.subject)('Dashboard', { canDateZoom: true }))).toBe(false);
|
|
92
|
+
});
|
|
93
|
+
});
|
|
94
|
+
describe('Export abilities', () => {
|
|
95
|
+
describe('CSV export', () => {
|
|
96
|
+
it('should allow CSV export when canExportCsv is true', () => {
|
|
97
|
+
const embedUser = createEmbedJwt({
|
|
98
|
+
content: { canExportCsv: true },
|
|
99
|
+
});
|
|
100
|
+
const ability = defineAbilityForEmbedUser(embedUser, dashboardUuid);
|
|
101
|
+
expect(ability.can('export', (0, ability_1.subject)('Dashboard', {
|
|
102
|
+
type: 'csv',
|
|
103
|
+
organizationUuid: organization.organizationUuid,
|
|
104
|
+
}))).toBe(true);
|
|
105
|
+
});
|
|
106
|
+
it('should not allow CSV export when canExportCsv is false', () => {
|
|
107
|
+
const embedUser = createEmbedJwt({
|
|
108
|
+
content: { canExportCsv: false },
|
|
109
|
+
});
|
|
110
|
+
const ability = defineAbilityForEmbedUser(embedUser, dashboardUuid);
|
|
111
|
+
expect(ability.can('export', (0, ability_1.subject)('Dashboard', {
|
|
112
|
+
type: 'csv',
|
|
113
|
+
organizationUuid: organization.organizationUuid,
|
|
114
|
+
}))).toBe(false);
|
|
115
|
+
});
|
|
116
|
+
});
|
|
117
|
+
describe('PDF export', () => {
|
|
118
|
+
it('should allow PDF export when canExportPagePdf is true', () => {
|
|
119
|
+
const embedUser = createEmbedJwt({
|
|
120
|
+
content: { canExportPagePdf: true },
|
|
121
|
+
});
|
|
122
|
+
const ability = defineAbilityForEmbedUser(embedUser, dashboardUuid);
|
|
123
|
+
expect(ability.can('export', (0, ability_1.subject)('Dashboard', {
|
|
124
|
+
type: 'pdf',
|
|
125
|
+
organizationUuid: organization.organizationUuid,
|
|
126
|
+
}))).toBe(true);
|
|
127
|
+
});
|
|
128
|
+
it('should not allow PDF export when canExportPagePdf is false', () => {
|
|
129
|
+
const embedUser = createEmbedJwt({
|
|
130
|
+
content: { canExportPagePdf: false },
|
|
131
|
+
});
|
|
132
|
+
const ability = defineAbilityForEmbedUser(embedUser, dashboardUuid);
|
|
133
|
+
expect(ability.can('export', (0, ability_1.subject)('Dashboard', {
|
|
134
|
+
type: 'pdf',
|
|
135
|
+
organizationUuid: organization.organizationUuid,
|
|
136
|
+
}))).toBe(false);
|
|
137
|
+
});
|
|
138
|
+
});
|
|
139
|
+
describe('Images export', () => {
|
|
140
|
+
it('should allow images export when canExportImages is true', () => {
|
|
141
|
+
const embedUser = createEmbedJwt({
|
|
142
|
+
content: { canExportImages: true },
|
|
143
|
+
});
|
|
144
|
+
const ability = defineAbilityForEmbedUser(embedUser, dashboardUuid);
|
|
145
|
+
expect(ability.can('export', (0, ability_1.subject)('Dashboard', {
|
|
146
|
+
type: 'images',
|
|
147
|
+
organizationUuid: organization.organizationUuid,
|
|
148
|
+
}))).toBe(true);
|
|
149
|
+
});
|
|
150
|
+
it('should not allow images export when canExportImages is false', () => {
|
|
151
|
+
const embedUser = createEmbedJwt({
|
|
152
|
+
content: { canExportImages: false },
|
|
153
|
+
});
|
|
154
|
+
const ability = defineAbilityForEmbedUser(embedUser, dashboardUuid);
|
|
155
|
+
expect(ability.can('export', (0, ability_1.subject)('Dashboard', {
|
|
156
|
+
type: 'images',
|
|
157
|
+
organizationUuid: organization.organizationUuid,
|
|
158
|
+
}))).toBe(false);
|
|
159
|
+
});
|
|
160
|
+
});
|
|
161
|
+
describe('Multiple export formats', () => {
|
|
162
|
+
it('should allow all export formats when all are enabled', () => {
|
|
163
|
+
const embedUser = createEmbedJwt({
|
|
164
|
+
content: {
|
|
165
|
+
canExportCsv: true,
|
|
166
|
+
canExportPagePdf: true,
|
|
167
|
+
canExportImages: true,
|
|
168
|
+
},
|
|
169
|
+
});
|
|
170
|
+
const ability = defineAbilityForEmbedUser(embedUser, dashboardUuid);
|
|
171
|
+
expect(ability.can('export', (0, ability_1.subject)('Dashboard', {
|
|
172
|
+
type: 'csv',
|
|
173
|
+
organizationUuid: organization.organizationUuid,
|
|
174
|
+
}))).toBe(true);
|
|
175
|
+
expect(ability.can('export', (0, ability_1.subject)('Dashboard', {
|
|
176
|
+
type: 'pdf',
|
|
177
|
+
organizationUuid: organization.organizationUuid,
|
|
178
|
+
}))).toBe(true);
|
|
179
|
+
expect(ability.can('export', (0, ability_1.subject)('Dashboard', {
|
|
180
|
+
type: 'images',
|
|
181
|
+
organizationUuid: organization.organizationUuid,
|
|
182
|
+
}))).toBe(true);
|
|
183
|
+
});
|
|
184
|
+
it('should allow only CSV and PDF when images is disabled', () => {
|
|
185
|
+
const embedUser = createEmbedJwt({
|
|
186
|
+
content: {
|
|
187
|
+
canExportCsv: true,
|
|
188
|
+
canExportPagePdf: true,
|
|
189
|
+
canExportImages: false,
|
|
190
|
+
},
|
|
191
|
+
});
|
|
192
|
+
const ability = defineAbilityForEmbedUser(embedUser, dashboardUuid);
|
|
193
|
+
expect(ability.can('export', (0, ability_1.subject)('Dashboard', {
|
|
194
|
+
type: 'csv',
|
|
195
|
+
organizationUuid: organization.organizationUuid,
|
|
196
|
+
}))).toBe(true);
|
|
197
|
+
expect(ability.can('export', (0, ability_1.subject)('Dashboard', {
|
|
198
|
+
type: 'pdf',
|
|
199
|
+
organizationUuid: organization.organizationUuid,
|
|
200
|
+
}))).toBe(true);
|
|
201
|
+
expect(ability.can('export', (0, ability_1.subject)('Dashboard', {
|
|
202
|
+
type: 'images',
|
|
203
|
+
organizationUuid: organization.organizationUuid,
|
|
204
|
+
}))).toBe(false);
|
|
205
|
+
});
|
|
206
|
+
it('should not allow any exports when all are disabled', () => {
|
|
207
|
+
const embedUser = createEmbedJwt({
|
|
208
|
+
content: {
|
|
209
|
+
canExportCsv: false,
|
|
210
|
+
canExportPagePdf: false,
|
|
211
|
+
canExportImages: false,
|
|
212
|
+
},
|
|
213
|
+
});
|
|
214
|
+
const ability = defineAbilityForEmbedUser(embedUser, dashboardUuid);
|
|
215
|
+
expect(ability.can('export', (0, ability_1.subject)('Dashboard', {
|
|
216
|
+
type: 'csv',
|
|
217
|
+
organizationUuid: organization.organizationUuid,
|
|
218
|
+
}))).toBe(false);
|
|
219
|
+
expect(ability.can('export', (0, ability_1.subject)('Dashboard', {
|
|
220
|
+
type: 'pdf',
|
|
221
|
+
organizationUuid: organization.organizationUuid,
|
|
222
|
+
}))).toBe(false);
|
|
223
|
+
expect(ability.can('export', (0, ability_1.subject)('Dashboard', {
|
|
224
|
+
type: 'images',
|
|
225
|
+
organizationUuid: organization.organizationUuid,
|
|
226
|
+
}))).toBe(false);
|
|
227
|
+
});
|
|
228
|
+
});
|
|
229
|
+
});
|
|
230
|
+
describe('Dashboard abilities', () => {
|
|
231
|
+
describe('Date zoom', () => {
|
|
232
|
+
it('should allow date zoom when canDateZoom is true', () => {
|
|
233
|
+
const embedUser = createEmbedJwt({
|
|
234
|
+
content: { canDateZoom: true },
|
|
235
|
+
});
|
|
236
|
+
const ability = defineAbilityForEmbedUser(embedUser, dashboardUuid);
|
|
237
|
+
expect(ability.can('view', (0, ability_1.subject)('Dashboard', {
|
|
238
|
+
dateZoom: true,
|
|
239
|
+
organizationUuid: organization.organizationUuid,
|
|
240
|
+
}))).toBe(true);
|
|
241
|
+
});
|
|
242
|
+
it('should not allow date zoom when canDateZoom is false', () => {
|
|
243
|
+
const embedUser = createEmbedJwt({
|
|
244
|
+
content: { canDateZoom: false },
|
|
245
|
+
});
|
|
246
|
+
const ability = defineAbilityForEmbedUser(embedUser, dashboardUuid);
|
|
247
|
+
expect(ability.can('view', (0, ability_1.subject)('Dashboard', { dateZoom: true }))).toBe(false);
|
|
248
|
+
});
|
|
249
|
+
it('should handle undefined canDateZoom as false', () => {
|
|
250
|
+
const embedUser = createEmbedJwt({
|
|
251
|
+
content: { canDateZoom: undefined },
|
|
252
|
+
});
|
|
253
|
+
const ability = defineAbilityForEmbedUser(embedUser, dashboardUuid);
|
|
254
|
+
expect(ability.can('view', (0, ability_1.subject)('Dashboard', { canDateZoom: true }))).toBe(false);
|
|
255
|
+
});
|
|
256
|
+
});
|
|
257
|
+
});
|
|
258
|
+
});
|
|
259
|
+
//# sourceMappingURL=scopeAbility.test.js.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"scopeAbility.test.js","sourceRoot":"","sources":["../../../src/authorization/scopeAbility.test.ts"],"names":[],"mappings":";;AAAA,2CAAiE;AAEjE,iDAAsD;AAGtD,MAAM,cAAc,GAAG,CAAC,SAMvB,EAAkB,EAAE;IACjB,MAAM,WAAW,GAAG;QAChB,IAAI,EAAE,WAAW;QACjB,WAAW,EAAE,gBAAgB;QAC7B,aAAa,EAAE,kBAAkB;QACjC,YAAY,EAAE,KAAK;QACnB,eAAe,EAAE,KAAK;QACtB,gBAAgB,EAAE,KAAK;QACvB,WAAW,EAAE,KAAK;KACrB,CAAC;IAEF,MAAM,EAAE,OAAO,EAAE,gBAAgB,EAAE,GAAG,cAAc,EAAE,GAAG,SAAS,IAAI,EAAE,CAAC;IAEzE,OAAO;QACH,OAAO,EAAE;YACL,GAAG,WAAW;YACd,GAAG,gBAAgB;SACO;QAC9B,GAAG,EAAE,IAAI,CAAC,GAAG,EAAE,GAAG,IAAI,GAAG,IAAI,EAAE,kBAAkB;QACjD,GAAG,cAAc;KACpB,CAAC;AACN,CAAC,CAAC;AACF,MAAM,YAAY,GAAG;IACjB,gBAAgB,EAAE,qBAAqB;IACvC,IAAI,EAAE,gBAAgB;CACzB,CAAC;AAEF,MAAM,yBAAyB,GAAG,CAC9B,SAAyB,EACzB,aAAqB,EACR,EAAE;IACf,MAAM,OAAO,GAAG,IAAI,wBAAc,CAAgB,iBAAO,CAAC,CAAC;IAC3D,IAAA,mCAAoB,EAAC,SAAS,EAAE,aAAa,EAAE,YAAY,EAAE,OAAO,CAAC,CAAC;IACtE,OAAO,OAAO,CAAC,KAAK,EAAE,CAAC;AAC3B,CAAC,CAAC;AAEF,QAAQ,CAAC,8BAA8B,EAAE,GAAG,EAAE;IAC1C,MAAM,aAAa,GAAG,kBAAkB,CAAC;IACzC,MAAM,WAAW,GAAG,gBAAgB,CAAC;IAErC,QAAQ,CAAC,gBAAgB,EAAE,GAAG,EAAE;QAC5B,EAAE,CAAC,8CAA8C,EAAE,GAAG,EAAE;YACpD,MAAM,SAAS,GAAG,cAAc,EAAE,CAAC;YACnC,MAAM,OAAO,GAAG,yBAAyB,CAAC,SAAS,EAAE,aAAa,CAAC,CAAC;YAEpE,MAAM,CACF,OAAO,CAAC,GAAG,CACP,MAAM,EACN,IAAA,iBAAO,EAAC,WAAW,EAAE;gBACjB,aAAa;gBACb,gBAAgB,EAAE,YAAY,CAAC,gBAAgB;aAClD,CAAC,CACL,CACJ,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;QACjB,CAAC,CAAC,CAAC;QAEH,EAAE,CAAC,+CAA+C,EAAE,GAAG,EAAE;YACrD,MAAM,SAAS,GAAG,cAAc,EAAE,CAAC;YACnC,MAAM,OAAO,GAAG,yBAAyB,CAAC,SAAS,EAAE,aAAa,CAAC,CAAC;YAEpE,MAAM,CACF,OAAO,CAAC,GAAG,CACP,MAAM,EACN,IAAA,iBAAO,EAAC,YAAY,EAAE;gBAClB,WAAW;gBACX,SAAS,EAAE,IAAI;aAClB,CAAC,CACL,CACJ,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC;QAClB,CAAC,CAAC,CAAC;QAEH,EAAE,CAAC,+DAA+D,EAAE,GAAG,EAAE;YACrE,MAAM,SAAS,GAAG,cAAc,EAAE,CAAC;YACnC,MAAM,OAAO,GAAG,yBAAyB,CAAC,SAAS,EAAE,aAAa,CAAC,CAAC;YAEpE,MAAM,CACF,OAAO,CAAC,GAAG,CACP,MAAM,EACN,IAAA,iBAAO,EAAC,YAAY,EAAE;gBAClB,WAAW,EAAE,wBAAwB;gBACrC,SAAS,EAAE,KAAK;aACnB,CAAC,CACL,CACJ,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC;QAClB,CAAC,CAAC,CAAC;QAEH,EAAE,CAAC,sDAAsD,EAAE,GAAG,EAAE;YAC5D,MAAM,SAAS,GAAmB;gBAC9B,OAAO,EAAE;oBACL,IAAI,EAAE,WAAW;oBACjB,WAAW,EAAE,gBAAgB;oBAC7B,aAAa,EAAE,kBAAkB;iBACpC;gBACD,GAAG,EAAE,IAAI,CAAC,GAAG,EAAE,GAAG,IAAI,GAAG,IAAI;aAChC,CAAC;YACF,MAAM,OAAO,GAAG,yBAAyB,CAAC,SAAS,EAAE,aAAa,CAAC,CAAC;YAEpE,mCAAmC;YACnC,MAAM,CACF,OAAO,CAAC,GAAG,CACP,MAAM,EACN,IAAA,iBAAO,EAAC,WAAW,EAAE;gBACjB,aAAa;gBACb,gBAAgB,EAAE,YAAY,CAAC,gBAAgB;aAClD,CAAC,CACL,CACJ,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;YAEb,2CAA2C;YAC3C,MAAM,CACF,OAAO,CAAC,GAAG,CACP,QAAQ,EACR,IAAA,iBAAO,EAAC,WAAW,EAAE;gBACjB,IAAI,EAAE,KAAK;gBACX,gBAAgB,EAAE,YAAY,CAAC,gBAAgB;aAClD,CAAC,CACL,CACJ,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC;YACd,MAAM,CACF,OAAO,CAAC,GAAG,CACP,QAAQ,EACR,IAAA,iBAAO,EAAC,WAAW,EAAE;gBACjB,IAAI,EAAE,KAAK;gBACX,gBAAgB,EAAE,YAAY,CAAC,gBAAgB;aAClD,CAAC,CACL,CACJ,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC;YACd,MAAM,CACF,OAAO,CAAC,GAAG,CACP,QAAQ,EACR,IAAA,iBAAO,EAAC,WAAW,EAAE;gBACjB,IAAI,EAAE,QAAQ;gBACd,gBAAgB,EAAE,YAAY,CAAC,gBAAgB;aAClD,CAAC,CACL,CACJ,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC;YAEd,oCAAoC;YACpC,MAAM,CACF,OAAO,CAAC,GAAG,CACP,MAAM,EACN,IAAA,iBAAO,EAAC,WAAW,EAAE,EAAE,WAAW,EAAE,IAAI,EAAE,CAAC,CAC9C,CACJ,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC;QAClB,CAAC,CAAC,CAAC;IACP,CAAC,CAAC,CAAC;IAEH,QAAQ,CAAC,kBAAkB,EAAE,GAAG,EAAE;QAC9B,QAAQ,CAAC,YAAY,EAAE,GAAG,EAAE;YACxB,EAAE,CAAC,mDAAmD,EAAE,GAAG,EAAE;gBACzD,MAAM,SAAS,GAAG,cAAc,CAAC;oBAC7B,OAAO,EAAE,EAAE,YAAY,EAAE,IAAI,EAAE;iBAClC,CAAC,CAAC;gBACH,MAAM,OAAO,GAAG,yBAAyB,CACrC,SAAS,EACT,aAAa,CAChB,CAAC;gBAEF,MAAM,CACF,OAAO,CAAC,GAAG,CACP,QAAQ,EACR,IAAA,iBAAO,EAAC,WAAW,EAAE;oBACjB,IAAI,EAAE,KAAK;oBACX,gBAAgB,EAAE,YAAY,CAAC,gBAAgB;iBAClD,CAAC,CACL,CACJ,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;YACjB,CAAC,CAAC,CAAC;YAEH,EAAE,CAAC,wDAAwD,EAAE,GAAG,EAAE;gBAC9D,MAAM,SAAS,GAAG,cAAc,CAAC;oBAC7B,OAAO,EAAE,EAAE,YAAY,EAAE,KAAK,EAAE;iBACnC,CAAC,CAAC;gBACH,MAAM,OAAO,GAAG,yBAAyB,CACrC,SAAS,EACT,aAAa,CAChB,CAAC;gBAEF,MAAM,CACF,OAAO,CAAC,GAAG,CACP,QAAQ,EACR,IAAA,iBAAO,EAAC,WAAW,EAAE;oBACjB,IAAI,EAAE,KAAK;oBACX,gBAAgB,EAAE,YAAY,CAAC,gBAAgB;iBAClD,CAAC,CACL,CACJ,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC;YAClB,CAAC,CAAC,CAAC;QACP,CAAC,CAAC,CAAC;QAEH,QAAQ,CAAC,YAAY,EAAE,GAAG,EAAE;YACxB,EAAE,CAAC,uDAAuD,EAAE,GAAG,EAAE;gBAC7D,MAAM,SAAS,GAAG,cAAc,CAAC;oBAC7B,OAAO,EAAE,EAAE,gBAAgB,EAAE,IAAI,EAAE;iBACtC,CAAC,CAAC;gBACH,MAAM,OAAO,GAAG,yBAAyB,CACrC,SAAS,EACT,aAAa,CAChB,CAAC;gBAEF,MAAM,CACF,OAAO,CAAC,GAAG,CACP,QAAQ,EACR,IAAA,iBAAO,EAAC,WAAW,EAAE;oBACjB,IAAI,EAAE,KAAK;oBACX,gBAAgB,EAAE,YAAY,CAAC,gBAAgB;iBAClD,CAAC,CACL,CACJ,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;YACjB,CAAC,CAAC,CAAC;YAEH,EAAE,CAAC,4DAA4D,EAAE,GAAG,EAAE;gBAClE,MAAM,SAAS,GAAG,cAAc,CAAC;oBAC7B,OAAO,EAAE,EAAE,gBAAgB,EAAE,KAAK,EAAE;iBACvC,CAAC,CAAC;gBACH,MAAM,OAAO,GAAG,yBAAyB,CACrC,SAAS,EACT,aAAa,CAChB,CAAC;gBAEF,MAAM,CACF,OAAO,CAAC,GAAG,CACP,QAAQ,EACR,IAAA,iBAAO,EAAC,WAAW,EAAE;oBACjB,IAAI,EAAE,KAAK;oBACX,gBAAgB,EAAE,YAAY,CAAC,gBAAgB;iBAClD,CAAC,CACL,CACJ,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC;YAClB,CAAC,CAAC,CAAC;QACP,CAAC,CAAC,CAAC;QAEH,QAAQ,CAAC,eAAe,EAAE,GAAG,EAAE;YAC3B,EAAE,CAAC,yDAAyD,EAAE,GAAG,EAAE;gBAC/D,MAAM,SAAS,GAAG,cAAc,CAAC;oBAC7B,OAAO,EAAE,EAAE,eAAe,EAAE,IAAI,EAAE;iBACrC,CAAC,CAAC;gBACH,MAAM,OAAO,GAAG,yBAAyB,CACrC,SAAS,EACT,aAAa,CAChB,CAAC;gBAEF,MAAM,CACF,OAAO,CAAC,GAAG,CACP,QAAQ,EACR,IAAA,iBAAO,EAAC,WAAW,EAAE;oBACjB,IAAI,EAAE,QAAQ;oBACd,gBAAgB,EAAE,YAAY,CAAC,gBAAgB;iBAClD,CAAC,CACL,CACJ,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;YACjB,CAAC,CAAC,CAAC;YAEH,EAAE,CAAC,8DAA8D,EAAE,GAAG,EAAE;gBACpE,MAAM,SAAS,GAAG,cAAc,CAAC;oBAC7B,OAAO,EAAE,EAAE,eAAe,EAAE,KAAK,EAAE;iBACtC,CAAC,CAAC;gBACH,MAAM,OAAO,GAAG,yBAAyB,CACrC,SAAS,EACT,aAAa,CAChB,CAAC;gBAEF,MAAM,CACF,OAAO,CAAC,GAAG,CACP,QAAQ,EACR,IAAA,iBAAO,EAAC,WAAW,EAAE;oBACjB,IAAI,EAAE,QAAQ;oBACd,gBAAgB,EAAE,YAAY,CAAC,gBAAgB;iBAClD,CAAC,CACL,CACJ,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC;YAClB,CAAC,CAAC,CAAC;QACP,CAAC,CAAC,CAAC;QAEH,QAAQ,CAAC,yBAAyB,EAAE,GAAG,EAAE;YACrC,EAAE,CAAC,sDAAsD,EAAE,GAAG,EAAE;gBAC5D,MAAM,SAAS,GAAG,cAAc,CAAC;oBAC7B,OAAO,EAAE;wBACL,YAAY,EAAE,IAAI;wBAClB,gBAAgB,EAAE,IAAI;wBACtB,eAAe,EAAE,IAAI;qBACxB;iBACJ,CAAC,CAAC;gBACH,MAAM,OAAO,GAAG,yBAAyB,CACrC,SAAS,EACT,aAAa,CAChB,CAAC;gBAEF,MAAM,CACF,OAAO,CAAC,GAAG,CACP,QAAQ,EACR,IAAA,iBAAO,EAAC,WAAW,EAAE;oBACjB,IAAI,EAAE,KAAK;oBACX,gBAAgB,EAAE,YAAY,CAAC,gBAAgB;iBAClD,CAAC,CACL,CACJ,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;gBACb,MAAM,CACF,OAAO,CAAC,GAAG,CACP,QAAQ,EACR,IAAA,iBAAO,EAAC,WAAW,EAAE;oBACjB,IAAI,EAAE,KAAK;oBACX,gBAAgB,EAAE,YAAY,CAAC,gBAAgB;iBAClD,CAAC,CACL,CACJ,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;gBACb,MAAM,CACF,OAAO,CAAC,GAAG,CACP,QAAQ,EACR,IAAA,iBAAO,EAAC,WAAW,EAAE;oBACjB,IAAI,EAAE,QAAQ;oBACd,gBAAgB,EAAE,YAAY,CAAC,gBAAgB;iBAClD,CAAC,CACL,CACJ,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;YACjB,CAAC,CAAC,CAAC;YAEH,EAAE,CAAC,uDAAuD,EAAE,GAAG,EAAE;gBAC7D,MAAM,SAAS,GAAG,cAAc,CAAC;oBAC7B,OAAO,EAAE;wBACL,YAAY,EAAE,IAAI;wBAClB,gBAAgB,EAAE,IAAI;wBACtB,eAAe,EAAE,KAAK;qBACzB;iBACJ,CAAC,CAAC;gBACH,MAAM,OAAO,GAAG,yBAAyB,CACrC,SAAS,EACT,aAAa,CAChB,CAAC;gBAEF,MAAM,CACF,OAAO,CAAC,GAAG,CACP,QAAQ,EACR,IAAA,iBAAO,EAAC,WAAW,EAAE;oBACjB,IAAI,EAAE,KAAK;oBACX,gBAAgB,EAAE,YAAY,CAAC,gBAAgB;iBAClD,CAAC,CACL,CACJ,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;gBACb,MAAM,CACF,OAAO,CAAC,GAAG,CACP,QAAQ,EACR,IAAA,iBAAO,EAAC,WAAW,EAAE;oBACjB,IAAI,EAAE,KAAK;oBACX,gBAAgB,EAAE,YAAY,CAAC,gBAAgB;iBAClD,CAAC,CACL,CACJ,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;gBACb,MAAM,CACF,OAAO,CAAC,GAAG,CACP,QAAQ,EACR,IAAA,iBAAO,EAAC,WAAW,EAAE;oBACjB,IAAI,EAAE,QAAQ;oBACd,gBAAgB,EAAE,YAAY,CAAC,gBAAgB;iBAClD,CAAC,CACL,CACJ,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC;YAClB,CAAC,CAAC,CAAC;YAEH,EAAE,CAAC,oDAAoD,EAAE,GAAG,EAAE;gBAC1D,MAAM,SAAS,GAAG,cAAc,CAAC;oBAC7B,OAAO,EAAE;wBACL,YAAY,EAAE,KAAK;wBACnB,gBAAgB,EAAE,KAAK;wBACvB,eAAe,EAAE,KAAK;qBACzB;iBACJ,CAAC,CAAC;gBACH,MAAM,OAAO,GAAG,yBAAyB,CACrC,SAAS,EACT,aAAa,CAChB,CAAC;gBAEF,MAAM,CACF,OAAO,CAAC,GAAG,CACP,QAAQ,EACR,IAAA,iBAAO,EAAC,WAAW,EAAE;oBACjB,IAAI,EAAE,KAAK;oBACX,gBAAgB,EAAE,YAAY,CAAC,gBAAgB;iBAClD,CAAC,CACL,CACJ,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC;gBACd,MAAM,CACF,OAAO,CAAC,GAAG,CACP,QAAQ,EACR,IAAA,iBAAO,EAAC,WAAW,EAAE;oBACjB,IAAI,EAAE,KAAK;oBACX,gBAAgB,EAAE,YAAY,CAAC,gBAAgB;iBAClD,CAAC,CACL,CACJ,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC;gBACd,MAAM,CACF,OAAO,CAAC,GAAG,CACP,QAAQ,EACR,IAAA,iBAAO,EAAC,WAAW,EAAE;oBACjB,IAAI,EAAE,QAAQ;oBACd,gBAAgB,EAAE,YAAY,CAAC,gBAAgB;iBAClD,CAAC,CACL,CACJ,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC;YAClB,CAAC,CAAC,CAAC;QACP,CAAC,CAAC,CAAC;IACP,CAAC,CAAC,CAAC;IAEH,QAAQ,CAAC,qBAAqB,EAAE,GAAG,EAAE;QACjC,QAAQ,CAAC,WAAW,EAAE,GAAG,EAAE;YACvB,EAAE,CAAC,iDAAiD,EAAE,GAAG,EAAE;gBACvD,MAAM,SAAS,GAAG,cAAc,CAAC;oBAC7B,OAAO,EAAE,EAAE,WAAW,EAAE,IAAI,EAAE;iBACjC,CAAC,CAAC;gBACH,MAAM,OAAO,GAAG,yBAAyB,CACrC,SAAS,EACT,aAAa,CAChB,CAAC;gBAEF,MAAM,CACF,OAAO,CAAC,GAAG,CACP,MAAM,EACN,IAAA,iBAAO,EAAC,WAAW,EAAE;oBACjB,QAAQ,EAAE,IAAI;oBACd,gBAAgB,EAAE,YAAY,CAAC,gBAAgB;iBAClD,CAAC,CACL,CACJ,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;YACjB,CAAC,CAAC,CAAC;YAEH,EAAE,CAAC,sDAAsD,EAAE,GAAG,EAAE;gBAC5D,MAAM,SAAS,GAAG,cAAc,CAAC;oBAC7B,OAAO,EAAE,EAAE,WAAW,EAAE,KAAK,EAAE;iBAClC,CAAC,CAAC;gBACH,MAAM,OAAO,GAAG,yBAAyB,CACrC,SAAS,EACT,aAAa,CAChB,CAAC;gBAEF,MAAM,CACF,OAAO,CAAC,GAAG,CACP,MAAM,EACN,IAAA,iBAAO,EAAC,WAAW,EAAE,EAAE,QAAQ,EAAE,IAAI,EAAE,CAAC,CAC3C,CACJ,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC;YAClB,CAAC,CAAC,CAAC;YAEH,EAAE,CAAC,8CAA8C,EAAE,GAAG,EAAE;gBACpD,MAAM,SAAS,GAAG,cAAc,CAAC;oBAC7B,OAAO,EAAE,EAAE,WAAW,EAAE,SAAS,EAAE;iBACtC,CAAC,CAAC;gBACH,MAAM,OAAO,GAAG,yBAAyB,CACrC,SAAS,EACT,aAAa,CAChB,CAAC;gBAEF,MAAM,CACF,OAAO,CAAC,GAAG,CACP,MAAM,EACN,IAAA,iBAAO,EAAC,WAAW,EAAE,EAAE,WAAW,EAAE,IAAI,EAAE,CAAC,CAC9C,CACJ,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC;YAClB,CAAC,CAAC,CAAC;QACP,CAAC,CAAC,CAAC;IACP,CAAC,CAAC,CAAC;AACP,CAAC,CAAC,CAAC"}
|
|
@@ -1,6 +1,6 @@
|
|
|
1
1
|
import { type Ability, type ForcedSubject } from '@casl/ability';
|
|
2
2
|
import { type OrganizationMemberProfile } from '../types/organizationMemberProfile';
|
|
3
|
-
export type AbilityAction = '
|
|
3
|
+
export type AbilityAction = 'create' | 'delete' | 'export' | 'manage' | 'promote' | 'update' | 'view';
|
|
4
4
|
interface Project {
|
|
5
5
|
organizationUuid: string;
|
|
6
6
|
projectUuid: string;
|
|
@@ -8,7 +8,7 @@ interface Project {
|
|
|
8
8
|
interface Organization {
|
|
9
9
|
organizationUuid: string;
|
|
10
10
|
}
|
|
11
|
-
export type CaslSubjectNames = '
|
|
11
|
+
export type CaslSubjectNames = 'AiAgent' | 'AiAgentThread' | 'Analytics' | 'ChangeCsvResults' | 'CompileProject' | 'ContentAsCode' | 'CustomSql' | 'Dashboard' | 'DashboardComments' | 'Explore' | 'ExportCsv' | 'Group' | 'InviteLink' | 'Job' | 'JobStatus' | 'MetricsTree' | 'Organization' | 'OrganizationMemberProfile' | 'PersonalAccessToken' | 'PinnedItems' | 'Project' | 'SavedChart' | 'ScheduledDeliveries' | 'SemanticViewer' | 'Space' | 'SpotlightTableConfig' | 'SqlRunner' | 'Tags' | 'UnderlyingData' | 'Validation' | 'VirtualView';
|
|
12
12
|
export type Subject = CaslSubjectNames | Project | Organization | OrganizationMemberProfile | 'all';
|
|
13
13
|
export type PossibleAbilities = [
|
|
14
14
|
AbilityAction,
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"types.d.ts","sourceRoot":"","sources":["../../../src/authorization/types.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,KAAK,OAAO,EAAE,KAAK,aAAa,EAAE,MAAM,eAAe,CAAC;AACjE,OAAO,EAAE,KAAK,yBAAyB,EAAE,MAAM,oCAAoC,CAAC;AAEpF,MAAM,MAAM,aAAa,GACnB,QAAQ,GACR,QAAQ,GACR,
|
|
1
|
+
{"version":3,"file":"types.d.ts","sourceRoot":"","sources":["../../../src/authorization/types.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,KAAK,OAAO,EAAE,KAAK,aAAa,EAAE,MAAM,eAAe,CAAC;AACjE,OAAO,EAAE,KAAK,yBAAyB,EAAE,MAAM,oCAAoC,CAAC;AAEpF,MAAM,MAAM,aAAa,GACnB,QAAQ,GACR,QAAQ,GACR,QAAQ,GACR,QAAQ,GACR,SAAS,GACT,QAAQ,GACR,MAAM,CAAC;AAEb,UAAU,OAAO;IACb,gBAAgB,EAAE,MAAM,CAAC;IACzB,WAAW,EAAE,MAAM,CAAC;CACvB;AAED,UAAU,YAAY;IAClB,gBAAgB,EAAE,MAAM,CAAC;CAC5B;AAED,MAAM,MAAM,gBAAgB,GACtB,SAAS,GACT,eAAe,GACf,WAAW,GACX,kBAAkB,GAClB,gBAAgB,GAChB,eAAe,GACf,WAAW,GACX,WAAW,GACX,mBAAmB,GACnB,SAAS,GACT,WAAW,GACX,OAAO,GACP,YAAY,GACZ,KAAK,GACL,WAAW,GACX,aAAa,GACb,cAAc,GACd,2BAA2B,GAC3B,qBAAqB,GACrB,aAAa,GACb,SAAS,GACT,YAAY,GACZ,qBAAqB,GACrB,gBAAgB,GAChB,OAAO,GACP,sBAAsB,GACtB,WAAW,GACX,MAAM,GACN,gBAAgB,GAChB,YAAY,GACZ,aAAa,CAAC;AAEpB,MAAM,MAAM,OAAO,GACb,gBAAgB,GAChB,OAAO,GACP,YAAY,GACZ,yBAAyB,GACzB,KAAK,CAAC;AAEZ,MAAM,MAAM,iBAAiB,GAAG;IAC5B,aAAa;IACb,OAAO,GAAG,aAAa,CAAC,OAAO,CAAC,OAAO,EAAE,KAAK,CAAC,CAAC;CACnD,CAAC;AAEF,MAAM,MAAM,aAAa,GAAG,OAAO,CAAC,iBAAiB,CAAC,CAAC"}
|
|
@@ -3,7 +3,7 @@ import { type Organization } from '../../types/organization';
|
|
|
3
3
|
import { type LightdashUser } from '../../types/user';
|
|
4
4
|
export type Embed = {
|
|
5
5
|
projectUuid: string;
|
|
6
|
-
organization: Pick<Organization, 'organizationUuid'>;
|
|
6
|
+
organization: Pick<Organization, 'organizationUuid' | 'name'>;
|
|
7
7
|
encodedSecret: string;
|
|
8
8
|
dashboardUuids: string[];
|
|
9
9
|
allowAllDashboards: boolean;
|
|
@@ -14,7 +14,7 @@ export type DecodedEmbed = Omit<Embed, 'encodedSecret'> & {
|
|
|
14
14
|
encodedSecret: undefined;
|
|
15
15
|
secret: string;
|
|
16
16
|
};
|
|
17
|
-
export type
|
|
17
|
+
export type CreateEmbedRequestBody = {
|
|
18
18
|
dashboardUuids: string[];
|
|
19
19
|
};
|
|
20
20
|
export type UpdateEmbed = {
|
|
@@ -252,7 +252,7 @@ export declare const EmbedJwtSchema: z.ZodObject<{
|
|
|
252
252
|
iat?: number | undefined;
|
|
253
253
|
}>;
|
|
254
254
|
export type EmbedJwt = z.infer<typeof EmbedJwtSchema>;
|
|
255
|
-
|
|
255
|
+
type CommonEmbedJwtContent = {
|
|
256
256
|
type: 'dashboard';
|
|
257
257
|
projectUuid?: string;
|
|
258
258
|
isPreview?: boolean;
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../../../src/ee/embed/index.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,CAAC,EAAE,MAAM,KAAK,CAAC;AACxB,OAAO,EAAE,KAAK,YAAY,EAAE,MAAM,0BAA0B,CAAC;AAC7D,OAAO,EAAE,KAAK,aAAa,EAAE,MAAM,kBAAkB,CAAC;AAGtD,MAAM,MAAM,KAAK,GAAG;IAChB,WAAW,EAAE,MAAM,CAAC;IACpB,YAAY,EAAE,IAAI,CAAC,YAAY,EAAE,kBAAkB,CAAC,CAAC;
|
|
1
|
+
{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../../../src/ee/embed/index.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,CAAC,EAAE,MAAM,KAAK,CAAC;AACxB,OAAO,EAAE,KAAK,YAAY,EAAE,MAAM,0BAA0B,CAAC;AAC7D,OAAO,EAAE,KAAK,aAAa,EAAE,MAAM,kBAAkB,CAAC;AAGtD,MAAM,MAAM,KAAK,GAAG;IAChB,WAAW,EAAE,MAAM,CAAC;IACpB,YAAY,EAAE,IAAI,CAAC,YAAY,EAAE,kBAAkB,GAAG,MAAM,CAAC,CAAC;IAC9D,aAAa,EAAE,MAAM,CAAC;IACtB,cAAc,EAAE,MAAM,EAAE,CAAC;IACzB,kBAAkB,EAAE,OAAO,CAAC;IAC5B,SAAS,EAAE,MAAM,CAAC;IAClB,IAAI,EAAE,IAAI,CAAC,aAAa,EAAE,UAAU,GAAG,WAAW,GAAG,UAAU,CAAC,CAAC;CACpE,CAAC;AAEF,MAAM,MAAM,YAAY,GAAG,IAAI,CAAC,KAAK,EAAE,eAAe,CAAC,GAAG;IACtD,aAAa,EAAE,SAAS,CAAC;IACzB,MAAM,EAAE,MAAM,CAAC;CAClB,CAAC;AAGF,MAAM,MAAM,sBAAsB,GAAG;IACjC,cAAc,EAAE,MAAM,EAAE,CAAC;CAC5B,CAAC;AAEF,MAAM,MAAM,WAAW,GAAG;IACtB,cAAc,EAAE,MAAM,EAAE,CAAC;IACzB,kBAAkB,EAAE,OAAO,CAAC;CAC/B,CAAC;AAEF,oBAAY,yBAAyB;IACjC,IAAI,SAAS;IACb,GAAG,QAAQ;IACX,IAAI,SAAS;CAChB;AAED,eAAO,MAAM,+BAA+B,4GAI1C,CAAC;AAEH,eAAO,MAAM,yCAAyC;;;;;;;;;EAIpD,CAAC;AAEH,MAAM,MAAM,mCAAmC,GAAG,CAAC,CAAC,KAAK,CACrD,OAAO,yCAAyC,CACnD,CAAC;AAEF,eAAO,MAAM,0BAA0B;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;EAOrC,CAAC;AAEH,MAAM,MAAM,oBAAoB,GAAG,CAAC,CAAC,KAAK,CAAC,OAAO,0BAA0B,CAAC,CAAC;AAE9E,eAAO,MAAM,cAAc;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;EAgCtB,CAAC;AAEN,MAAM,MAAM,QAAQ,GAAG,CAAC,CAAC,KAAK,CAAC,OAAO,cAAc,CAAC,CAAC;AAGtD,KAAK,qBAAqB,GAAG;IACzB,IAAI,EAAE,WAAW,CAAC;IAClB,WAAW,CAAC,EAAE,MAAM,CAAC;IACrB,SAAS,CAAC,EAAE,OAAO,CAAC;IACpB,6BAA6B,CAAC,EAAE;QAC5B,OAAO,EAAE,yBAAyB,GAAG,OAAO,CAAC;QAC7C,cAAc,CAAC,EAAE,MAAM,EAAE,GAAG,IAAI,CAAC;KACpC,CAAC;IACF,YAAY,CAAC,EAAE,OAAO,CAAC;IACvB,eAAe,CAAC,EAAE,OAAO,CAAC;IAC1B,WAAW,CAAC,EAAE,OAAO,CAAC;IACtB,gBAAgB,CAAC,EAAE,OAAO,CAAC;CAC9B,CAAC;AAEF,KAAK,4BAA4B,GAAG,qBAAqB,GAAG;IACxD,aAAa,EAAE,MAAM,CAAC;CACzB,CAAC;AAEF,KAAK,4BAA4B,GAAG,qBAAqB,GAAG;IACxD,aAAa,EAAE,MAAM,CAAC;CACzB,CAAC;AAEF,MAAM,MAAM,cAAc,GAAG;IACzB,OAAO,EAAE,4BAA4B,GAAG,4BAA4B,CAAC;IACrE,cAAc,CAAC,EAAE;QAAE,CAAC,GAAG,EAAE,MAAM,GAAG,MAAM,CAAA;KAAE,CAAC;IAC3C,IAAI,CAAC,EAAE;QACH,KAAK,CAAC,EAAE,MAAM,CAAC;QACf,UAAU,CAAC,EAAE,MAAM,CAAC;KACvB,CAAC;IACF,SAAS,CAAC,EAAE,MAAM,CAAC;IACnB,GAAG,CAAC,EAAE,MAAM,CAAC;IACb,GAAG,CAAC,EAAE,MAAM,CAAC;CAChB,CAAC;AAEF,wBAAgB,sBAAsB,CAClC,OAAO,EAAE,cAAc,CAAC,SAAS,CAAC,GACnC,OAAO,IAAI,4BAA4B,CAEzC;AAED,wBAAgB,sBAAsB,CAClC,OAAO,EAAE,cAAc,CAAC,SAAS,CAAC,GACnC,OAAO,IAAI,4BAA4B,CAEzC;AAED,MAAM,MAAM,QAAQ,GAAG;IACnB,GAAG,EAAE,MAAM,CAAC;CACf,CAAC;AAGF,wBAAgB,2BAA2B,CACvC,OAAO,EAAE,mCAAmC,CAAC,SAAS,CAAC,6BAS1D;AAED,wBAAgB,4BAA4B,CACxC,0BAA0B,CAAC,EAAE,mCAAmC,8BAwBnE"}
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"index.js","sourceRoot":"","sources":["../../../../src/ee/embed/index.ts"],"names":[],"mappings":";;;AAsIA,wDAIC;AAED,wDAIC;AAOD,kEAUC;AAED,oEAyBC;;AA5LD,6BAAwB;AAGxB,8FAA8D;
|
|
1
|
+
{"version":3,"file":"index.js","sourceRoot":"","sources":["../../../../src/ee/embed/index.ts"],"names":[],"mappings":";;;AAsIA,wDAIC;AAED,wDAIC;AAOD,kEAUC;AAED,oEAyBC;;AA5LD,6BAAwB;AAGxB,8FAA8D;AA2B9D,IAAY,yBAIX;AAJD,WAAY,yBAAyB;IACjC,0CAAa,CAAA;IACb,wCAAW,CAAA;IACX,0CAAa,CAAA;AACjB,CAAC,EAJW,yBAAyB,yCAAzB,yBAAyB,QAIpC;AAEY,QAAA,+BAA+B,GAAG,OAAC,CAAC,IAAI,CAAC;IAClD,yBAAyB,CAAC,IAAI;IAC9B,yBAAyB,CAAC,GAAG;IAC7B,yBAAyB,CAAC,IAAI;CACjC,CAAC,CAAC;AAEU,QAAA,yCAAyC,GAAG,OAAC,CAAC,MAAM,CAAC;IAC9D,OAAO,EAAE,OAAC,CAAC,KAAK,CAAC,CAAC,OAAC,CAAC,OAAO,EAAE,EAAE,uCAA+B,CAAC,CAAC;IAChE,qEAAqE;IACrE,cAAc,EAAE,OAAC,CAAC,KAAK,CAAC,OAAC,CAAC,MAAM,EAAE,CAAC,CAAC,OAAO,EAAE;CAChD,CAAC,CAAC;AAMU,QAAA,0BAA0B,GAAG,OAAC,CAAC,MAAM,CAAC;IAC/C,6BAA6B,EACzB,iDAAyC,CAAC,QAAQ,EAAE;IACxD,YAAY,EAAE,OAAC,CAAC,OAAO,EAAE,CAAC,QAAQ,EAAE;IACpC,eAAe,EAAE,OAAC,CAAC,OAAO,EAAE,CAAC,QAAQ,EAAE;IACvC,gBAAgB,EAAE,OAAC,CAAC,OAAO,EAAE,CAAC,QAAQ,EAAE;IACxC,WAAW,EAAE,OAAC,CAAC,OAAO,EAAE,CAAC,QAAQ,EAAE;CACtC,CAAC,CAAC;AAIU,QAAA,cAAc,GAAG,OAAC;KAC1B,MAAM,CAAC;IACJ,cAAc,EAAE,OAAC,CAAC,MAAM,CAAC,OAAC,CAAC,OAAO,EAAE,CAAC,CAAC,QAAQ,EAAE;IAChD,IAAI,EAAE,OAAC;SACF,MAAM,CAAC;QACJ,UAAU,EAAE,OAAC,CAAC,MAAM,EAAE,CAAC,QAAQ,EAAE;QACjC,KAAK,EAAE,OAAC,CAAC,MAAM,EAAE,CAAC,QAAQ,EAAE;KAC/B,CAAC;SACD,QAAQ,EAAE;IACf,OAAO,EAAE,OAAC,CAAC,KAAK,CAAC;QACb,OAAC;aACI,MAAM,CAAC;YACJ,IAAI,EAAE,OAAC,CAAC,OAAO,CAAC,WAAW,CAAC;YAC5B,WAAW,EAAE,OAAC,CAAC,MAAM,EAAE,CAAC,QAAQ,EAAE;YAClC,aAAa,EAAE,OAAC,CAAC,MAAM,EAAE;YACzB,SAAS,EAAE,OAAC,CAAC,OAAO,EAAE,CAAC,QAAQ,EAAE;SACpC,CAAC;aACD,KAAK,CAAC,kCAA0B,CAAC;QACtC,OAAC;aACI,MAAM,CAAC;YACJ,IAAI,EAAE,OAAC,CAAC,OAAO,CAAC,WAAW,CAAC;YAC5B,WAAW,EAAE,OAAC,CAAC,MAAM,EAAE,CAAC,QAAQ,EAAE;YAClC,aAAa,EAAE,OAAC,CAAC,MAAM,EAAE;YACzB,SAAS,EAAE,OAAC,CAAC,OAAO,EAAE,CAAC,QAAQ,EAAE;SACpC,CAAC;aACD,KAAK,CAAC,kCAA0B,CAAC;KACzC,CAAC;IACF,GAAG,EAAE,OAAC,CAAC,MAAM,EAAE,CAAC,QAAQ,EAAE;IAC1B,GAAG,EAAE,OAAC,CAAC,MAAM,EAAE;CAClB,CAAC;KACD,QAAQ,CACL,uFAAuF,CAC1F,CAAC;AAuCN,SAAgB,sBAAsB,CAClC,OAAkC;IAElC,OAAO,eAAe,IAAI,OAAO,CAAC;AACtC,CAAC;AAED,SAAgB,sBAAsB,CAClC,OAAkC;IAElC,OAAO,eAAe,IAAI,OAAO,CAAC;AACtC,CAAC;AAMD,kFAAkF;AAClF,SAAgB,2BAA2B,CACvC,OAAuD;IAEvD,IAAI,OAAO,OAAO,KAAK,SAAS,EAAE,CAAC;QAC/B,OAAO,OAAO;YACV,CAAC,CAAC,yBAAyB,CAAC,GAAG;YAC/B,CAAC,CAAC,yBAAyB,CAAC,IAAI,CAAC;IACzC,CAAC;IAED,OAAO,OAAO,CAAC;AACnB,CAAC;AAED,SAAgB,4BAA4B,CACxC,0BAAgE;IAEhE,IAAI,CAAC,0BAA0B;QAAE,OAAO,KAAK,CAAC;IAE9C,MAAM,wBAAwB,GAAG,2BAA2B,CACxD,0BAA0B,CAAC,OAAO,CACrC,CAAC;IAEF,QAAQ,wBAAwB,EAAE,CAAC;QAC/B,KAAK,yBAAyB,CAAC,IAAI;YAC/B,OAAO,CACH,0BAA0B,CAAC,cAAc;gBACzC,0BAA0B,CAAC,cAAc,CAAC,MAAM,GAAG,CAAC,CACvD,CAAC;QACN,KAAK,yBAAyB,CAAC,GAAG;YAC9B,OAAO,IAAI,CAAC;QAChB,KAAK,yBAAyB,CAAC,IAAI;YAC/B,OAAO,KAAK,CAAC;QACjB;YACI,OAAO,IAAA,2BAAiB,EACpB,wBAAwB,EACxB,oCAAoC,wBAAwB,EAAE,CACjE,CAAC;IACV,CAAC;AACL,CAAC"}
|
package/dist/cjs/index.d.ts
CHANGED
|
@@ -474,9 +474,9 @@ export declare const CompleteUserSchema: z.ZodObject<{
|
|
|
474
474
|
organizationName?: string | undefined;
|
|
475
475
|
}, {
|
|
476
476
|
jobTitle: string;
|
|
477
|
+
organizationName?: string | undefined;
|
|
477
478
|
isTrackingAnonymized?: boolean | undefined;
|
|
478
479
|
isMarketingOptedIn?: boolean | undefined;
|
|
479
|
-
organizationName?: string | undefined;
|
|
480
480
|
enableEmailDomainAccess?: boolean | undefined;
|
|
481
481
|
}>;
|
|
482
482
|
export type CompleteUserArgs = z.infer<typeof CompleteUserSchema>;
|
package/dist/cjs/types/auth.d.ts
CHANGED
|
@@ -1,6 +1,7 @@
|
|
|
1
|
-
import { type CreateEmbedJwt } from '../ee';
|
|
1
|
+
import { type CreateEmbedJwt, type DashboardFilterInteractivityOptions } from '../ee';
|
|
2
2
|
import { type Organization } from './organization';
|
|
3
|
-
import { type
|
|
3
|
+
import { type AccountUser, type ExternalUser, type IntrinsicUserAttributes, type LightdashSessionUser } from './user';
|
|
4
|
+
import { type UserAttributeValueMap } from './userAttributes';
|
|
4
5
|
type AccountAuthType = 'session' | 'pat' | 'service-account' | 'jwt' | 'browserless' | 'scim';
|
|
5
6
|
type IAccountAuth = {
|
|
6
7
|
type: AccountAuthType;
|
|
@@ -30,15 +31,47 @@ type ServiceAccountAuth = LightdashAuth<{
|
|
|
30
31
|
source: string;
|
|
31
32
|
}>;
|
|
32
33
|
type LightdashAccountAuth = EmbeddedAccountAuth | LightdashUserAccountAuth | ServiceAccountAuth;
|
|
34
|
+
export type AccountAccessControls = {
|
|
35
|
+
userAttributes: UserAttributeValueMap;
|
|
36
|
+
intrinsicUserAttributes: IntrinsicUserAttributes;
|
|
37
|
+
};
|
|
33
38
|
/**
|
|
34
|
-
* The
|
|
35
|
-
* It's meant to be agnostic of the authentication method.
|
|
39
|
+
* The dynamic access permissions the account has
|
|
36
40
|
*/
|
|
37
|
-
export type
|
|
38
|
-
|
|
41
|
+
export type AccountAccess = {
|
|
42
|
+
/**
|
|
43
|
+
* The dashboard ID the account has access to.
|
|
44
|
+
* This is for backwards compatibility with the current JWT Embed API.
|
|
45
|
+
* */
|
|
46
|
+
dashboardId: string;
|
|
47
|
+
filtering?: DashboardFilterInteractivityOptions;
|
|
48
|
+
controls?: AccountAccessControls;
|
|
49
|
+
};
|
|
50
|
+
type AccountOrganization = Pick<Organization, 'organizationUuid' | 'name'>;
|
|
51
|
+
type ILightdashAccount = {
|
|
52
|
+
organization: AccountOrganization;
|
|
39
53
|
authentication: LightdashAccountAuth;
|
|
40
|
-
user:
|
|
54
|
+
user: AccountUser;
|
|
41
55
|
};
|
|
42
|
-
|
|
56
|
+
type LightdashAccount<T extends ILightdashAccount> = {} & T;
|
|
57
|
+
export type ExternalAccount = LightdashAccount<{
|
|
58
|
+
organization: AccountOrganization;
|
|
59
|
+
authentication: EmbeddedAccountAuth;
|
|
60
|
+
user: ExternalUser;
|
|
61
|
+
/** The access permissions the account has */
|
|
62
|
+
access: AccountAccess;
|
|
63
|
+
}>;
|
|
64
|
+
export type SessionAccount = LightdashAccount<{
|
|
65
|
+
organization: AccountOrganization;
|
|
66
|
+
authentication: LightdashUserAccountAuth;
|
|
67
|
+
user: LightdashSessionUser;
|
|
68
|
+
}>;
|
|
69
|
+
/**
|
|
70
|
+
* The account object is used to store the account information for the user.
|
|
71
|
+
* It's meant to be agnostic of the authentication method.
|
|
72
|
+
*/
|
|
73
|
+
export type Account = SessionAccount | ExternalAccount;
|
|
74
|
+
export declare function assertEmbeddedAuth(account: Account | undefined): asserts account is ExternalAccount;
|
|
75
|
+
export declare function assertSessionAuth(account: Account | undefined): asserts account is SessionAccount;
|
|
43
76
|
export {};
|
|
44
77
|
//# sourceMappingURL=auth.d.ts.map
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"auth.d.ts","sourceRoot":"","sources":["../../../src/types/auth.ts"],"names":[],"mappings":"AAAA,OAAO,
|
|
1
|
+
{"version":3,"file":"auth.d.ts","sourceRoot":"","sources":["../../../src/types/auth.ts"],"names":[],"mappings":"AAAA,OAAO,EACH,KAAK,cAAc,EACnB,KAAK,mCAAmC,EAC3C,MAAM,OAAO,CAAC;AAEf,OAAO,EAAE,KAAK,YAAY,EAAE,MAAM,gBAAgB,CAAC;AACnD,OAAO,EACH,KAAK,WAAW,EAChB,KAAK,YAAY,EACjB,KAAK,uBAAuB,EAC5B,KAAK,oBAAoB,EAC5B,MAAM,QAAQ,CAAC;AAChB,OAAO,EAAE,KAAK,qBAAqB,EAAE,MAAM,kBAAkB,CAAC;AAE9D,KAAK,eAAe,GACd,SAAS,GACT,KAAK,GACL,iBAAiB,GACjB,KAAK,GACL,aAAa,GACb,MAAM,CAAC;AAEb,KAAK,YAAY,GAAG;IAChB,IAAI,EAAE,eAAe,CAAC;IACtB,IAAI,CAAC,EAAE,cAAc,CAAC;IACtB,MAAM,EAAE,MAAM,CAAC;CAClB,CAAC;AAEF,KAAK,aAAa,CAAC,CAAC,SAAS,YAAY,IAAI,CAAC,CAAC;AAE/C;;GAEG;AACH,oBAAY,eAAe;IACvB,IAAI,UAAU;IACd,eAAe,WAAW;IAC1B,qBAAqB,WAAW;CACnC;AAED,KAAK,mBAAmB,GAAG,aAAa,CAAC;IACrC,IAAI,EAAE,KAAK,CAAC;IACZ,IAAI,EAAE,cAAc,CAAC;IAErB,MAAM,EAAE,MAAM,CAAC;CAClB,CAAC,CAAC;AAEH,KAAK,wBAAwB,GAAG,aAAa,CAAC;IAC1C,IAAI,EAAE,SAAS,CAAC;IAEhB,MAAM,EAAE,MAAM,CAAC;CAClB,CAAC,CAAC;AAEH,KAAK,kBAAkB,GAAG,aAAa,CAAC;IACpC,IAAI,EAAE,iBAAiB,CAAC;IAExB,MAAM,EAAE,MAAM,CAAC;CAClB,CAAC,CAAC;AAEH,KAAK,oBAAoB,GACnB,mBAAmB,GACnB,wBAAwB,GACxB,kBAAkB,CAAC;AAEzB,MAAM,MAAM,qBAAqB,GAAG;IAChC,cAAc,EAAE,qBAAqB,CAAC;IACtC,uBAAuB,EAAE,uBAAuB,CAAC;CACpD,CAAC;AAEF;;GAEG;AACH,MAAM,MAAM,aAAa,GAAG;IACxB;;;SAGK;IACL,WAAW,EAAE,MAAM,CAAC;IACpB,SAAS,CAAC,EAAE,mCAAmC,CAAC;IAChD,QAAQ,CAAC,EAAE,qBAAqB,CAAC;CACpC,CAAC;AAEF,KAAK,mBAAmB,GAAG,IAAI,CAAC,YAAY,EAAE,kBAAkB,GAAG,MAAM,CAAC,CAAC;AAE3E,KAAK,iBAAiB,GAAG;IACrB,YAAY,EAAE,mBAAmB,CAAC;IAClC,cAAc,EAAE,oBAAoB,CAAC;IACrC,IAAI,EAAE,WAAW,CAAC;CACrB,CAAC;AAEF,KAAK,gBAAgB,CAAC,CAAC,SAAS,iBAAiB,IAAI,EAAE,GAAG,CAAC,CAAC;AAE5D,MAAM,MAAM,eAAe,GAAG,gBAAgB,CAAC;IAC3C,YAAY,EAAE,mBAAmB,CAAC;IAClC,cAAc,EAAE,mBAAmB,CAAC;IACpC,IAAI,EAAE,YAAY,CAAC;IACnB,6CAA6C;IAC7C,MAAM,EAAE,aAAa,CAAC;CACzB,CAAC,CAAC;AAEH,MAAM,MAAM,cAAc,GAAG,gBAAgB,CAAC;IAC1C,YAAY,EAAE,mBAAmB,CAAC;IAClC,cAAc,EAAE,wBAAwB,CAAC;IACzC,IAAI,EAAE,oBAAoB,CAAC;CAC9B,CAAC,CAAC;AAEH;;;GAGG;AACH,MAAM,MAAM,OAAO,GAAG,cAAc,GAAG,eAAe,CAAC;AAEvD,wBAAgB,kBAAkB,CAC9B,OAAO,EAAE,OAAO,GAAG,SAAS,GAC7B,OAAO,CAAC,OAAO,IAAI,eAAe,CAIpC;AAED,wBAAgB,iBAAiB,CAC7B,OAAO,EAAE,OAAO,GAAG,SAAS,GAC7B,OAAO,CAAC,OAAO,IAAI,cAAc,CAInC"}
|
package/dist/cjs/types/auth.js
CHANGED
|
@@ -1,7 +1,9 @@
|
|
|
1
1
|
"use strict";
|
|
2
2
|
Object.defineProperty(exports, "__esModule", { value: true });
|
|
3
3
|
exports.AuthTokenPrefix = void 0;
|
|
4
|
-
exports.
|
|
4
|
+
exports.assertEmbeddedAuth = assertEmbeddedAuth;
|
|
5
|
+
exports.assertSessionAuth = assertSessionAuth;
|
|
6
|
+
const errors_1 = require("./errors");
|
|
5
7
|
/**
|
|
6
8
|
* Prefixes for the authorization tokens we store in the database
|
|
7
9
|
*/
|
|
@@ -11,10 +13,14 @@ var AuthTokenPrefix;
|
|
|
11
13
|
AuthTokenPrefix["SERVICE_ACCOUNT"] = "ldsvc_";
|
|
12
14
|
AuthTokenPrefix["PERSONAL_ACCESS_TOKEN"] = "ldpat_";
|
|
13
15
|
})(AuthTokenPrefix || (exports.AuthTokenPrefix = AuthTokenPrefix = {}));
|
|
14
|
-
function
|
|
15
|
-
if (account
|
|
16
|
-
throw new
|
|
16
|
+
function assertEmbeddedAuth(account) {
|
|
17
|
+
if (account?.authentication.type !== 'jwt') {
|
|
18
|
+
throw new errors_1.ForbiddenError('Account is not an embedded account');
|
|
19
|
+
}
|
|
20
|
+
}
|
|
21
|
+
function assertSessionAuth(account) {
|
|
22
|
+
if (account?.authentication.type !== 'session') {
|
|
23
|
+
throw new errors_1.ForbiddenError('Account is not a session account');
|
|
17
24
|
}
|
|
18
|
-
return account.authentication;
|
|
19
25
|
}
|
|
20
26
|
//# sourceMappingURL=auth.js.map
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"auth.js","sourceRoot":"","sources":["../../../src/types/auth.ts"],"names":[],"mappings":";;;
|
|
1
|
+
{"version":3,"file":"auth.js","sourceRoot":"","sources":["../../../src/types/auth.ts"],"names":[],"mappings":";;;AA+GA,gDAMC;AAED,8CAMC;AAzHD,qCAA0C;AA0B1C;;GAEG;AACH,IAAY,eAIX;AAJD,WAAY,eAAe;IACvB,iCAAc,CAAA;IACd,6CAA0B,CAAA;IAC1B,mDAAgC,CAAA;AACpC,CAAC,EAJW,eAAe,+BAAf,eAAe,QAI1B;AA0ED,SAAgB,kBAAkB,CAC9B,OAA4B;IAE5B,IAAI,OAAO,EAAE,cAAc,CAAC,IAAI,KAAK,KAAK,EAAE,CAAC;QACzC,MAAM,IAAI,uBAAc,CAAC,oCAAoC,CAAC,CAAC;IACnE,CAAC;AACL,CAAC;AAED,SAAgB,iBAAiB,CAC7B,OAA4B;IAE5B,IAAI,OAAO,EAAE,cAAc,CAAC,IAAI,KAAK,SAAS,EAAE,CAAC;QAC7C,MAAM,IAAI,uBAAc,CAAC,kCAAkC,CAAC,CAAC;IACjE,CAAC;AACL,CAAC"}
|
|
@@ -1,15 +1,11 @@
|
|
|
1
|
+
import { type ApiSuccess, type ApiSuccessEmpty } from './api/success';
|
|
2
|
+
import { type SlackSettings } from './slackSettings';
|
|
1
3
|
export type SlackChannel = {
|
|
2
4
|
id: string;
|
|
3
5
|
name: string;
|
|
4
6
|
};
|
|
5
|
-
export type ApiSlackChannelsResponse =
|
|
6
|
-
|
|
7
|
-
results: SlackChannel[] | undefined;
|
|
8
|
-
};
|
|
9
|
-
export type ApiSlackCustomSettingsResponse = {
|
|
10
|
-
status: 'ok';
|
|
11
|
-
results: void;
|
|
12
|
-
};
|
|
7
|
+
export type ApiSlackChannelsResponse = ApiSuccess<SlackChannel[] | undefined>;
|
|
8
|
+
export type ApiSlackCustomSettingsResponse = ApiSuccessEmpty;
|
|
13
9
|
export type SlackChannelProjectMapping = {
|
|
14
10
|
projectUuid: string;
|
|
15
11
|
slackChannelId: string;
|
|
@@ -21,4 +17,5 @@ export type SlackAppCustomSettings = {
|
|
|
21
17
|
slackChannelProjectMappings?: SlackChannelProjectMapping[];
|
|
22
18
|
aiThreadAccessConsent?: boolean;
|
|
23
19
|
};
|
|
20
|
+
export type ApiSlackGetInstallationResponse = ApiSuccess<SlackSettings | undefined>;
|
|
24
21
|
//# sourceMappingURL=slack.d.ts.map
|