@lightdash/common 0.1936.2 → 0.1937.1
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/dist/cjs/authorization/index.d.ts +8 -4
- package/dist/cjs/authorization/index.d.ts.map +1 -1
- package/dist/cjs/authorization/index.js +26 -3
- package/dist/cjs/authorization/index.js.map +1 -1
- package/dist/cjs/authorization/index.mock.d.ts +2 -0
- package/dist/cjs/authorization/index.mock.d.ts.map +1 -1
- package/dist/cjs/authorization/index.mock.js +2 -0
- package/dist/cjs/authorization/index.mock.js.map +1 -1
- package/dist/cjs/authorization/organizationMemberAbility.mock.d.ts.map +1 -1
- package/dist/cjs/authorization/organizationMemberAbility.mock.js +1 -0
- package/dist/cjs/authorization/organizationMemberAbility.mock.js.map +1 -1
- package/dist/cjs/authorization/parseScopes.d.ts +3 -2
- package/dist/cjs/authorization/parseScopes.d.ts.map +1 -1
- package/dist/cjs/authorization/parseScopes.js +17 -8
- package/dist/cjs/authorization/parseScopes.js.map +1 -1
- package/dist/cjs/authorization/parseScopes.test.js +9 -14
- package/dist/cjs/authorization/parseScopes.test.js.map +1 -1
- package/dist/cjs/authorization/projectMemberAbility.mock.d.ts.map +1 -1
- package/dist/cjs/authorization/projectMemberAbility.mock.js +1 -0
- package/dist/cjs/authorization/projectMemberAbility.mock.js.map +1 -1
- package/dist/cjs/authorization/roleToScopeMapping.d.ts +19 -0
- package/dist/cjs/authorization/roleToScopeMapping.d.ts.map +1 -0
- package/dist/cjs/authorization/roleToScopeMapping.js +163 -0
- package/dist/cjs/authorization/roleToScopeMapping.js.map +1 -0
- package/dist/cjs/authorization/roleToScopeMapping.test.d.ts +2 -0
- package/dist/cjs/authorization/roleToScopeMapping.test.d.ts.map +1 -0
- package/dist/cjs/authorization/roleToScopeMapping.test.js +549 -0
- package/dist/cjs/authorization/roleToScopeMapping.test.js.map +1 -0
- package/dist/cjs/authorization/roleToScopeMapping.testUtils.d.ts +1393 -0
- package/dist/cjs/authorization/roleToScopeMapping.testUtils.d.ts.map +1 -0
- package/dist/cjs/authorization/roleToScopeMapping.testUtils.js +329 -0
- package/dist/cjs/authorization/roleToScopeMapping.testUtils.js.map +1 -0
- package/dist/cjs/authorization/scopeAbilityBuilder.d.ts +14 -8
- package/dist/cjs/authorization/scopeAbilityBuilder.d.ts.map +1 -1
- package/dist/cjs/authorization/scopeAbilityBuilder.js +7 -7
- package/dist/cjs/authorization/scopeAbilityBuilder.js.map +1 -1
- package/dist/cjs/authorization/scopeAbilityBuilder.test.js +258 -185
- package/dist/cjs/authorization/scopeAbilityBuilder.test.js.map +1 -1
- package/dist/cjs/authorization/scopes.d.ts.map +1 -1
- package/dist/cjs/authorization/scopes.js +132 -187
- package/dist/cjs/authorization/scopes.js.map +1 -1
- package/dist/cjs/ee/AiAgent/schemas/tools/index.d.ts +1 -0
- package/dist/cjs/ee/AiAgent/schemas/tools/index.d.ts.map +1 -1
- package/dist/cjs/ee/AiAgent/schemas/tools/index.js +1 -0
- package/dist/cjs/ee/AiAgent/schemas/tools/index.js.map +1 -1
- package/dist/cjs/ee/AiAgent/schemas/tools/toolSearchFieldValuesArgs.d.ts +2845 -0
- package/dist/cjs/ee/AiAgent/schemas/tools/toolSearchFieldValuesArgs.d.ts.map +1 -0
- package/dist/cjs/ee/AiAgent/schemas/tools/toolSearchFieldValuesArgs.js +41 -0
- package/dist/cjs/ee/AiAgent/schemas/tools/toolSearchFieldValuesArgs.js.map +1 -0
- package/dist/cjs/types/organizationMemberProfile.d.ts +1 -0
- package/dist/cjs/types/organizationMemberProfile.d.ts.map +1 -1
- package/dist/cjs/types/organizationMemberProfile.js.map +1 -1
- package/dist/cjs/types/projectMemberProfile.d.ts +1 -0
- package/dist/cjs/types/projectMemberProfile.d.ts.map +1 -1
- package/dist/cjs/types/scopes.d.ts +19 -9
- package/dist/cjs/types/scopes.d.ts.map +1 -1
- package/dist/cjs/types/search.d.ts +20 -0
- package/dist/cjs/types/search.d.ts.map +1 -1
- package/dist/cjs/types/search.js.map +1 -1
- package/dist/cjs/types/user.d.ts +1 -0
- package/dist/cjs/types/user.d.ts.map +1 -1
- package/dist/cjs/types/user.js.map +1 -1
- package/dist/esm/authorization/index.d.ts +8 -4
- package/dist/esm/authorization/index.d.ts.map +1 -1
- package/dist/esm/authorization/index.js +26 -3
- package/dist/esm/authorization/index.js.map +1 -1
- package/dist/esm/authorization/index.mock.d.ts +2 -0
- package/dist/esm/authorization/index.mock.d.ts.map +1 -1
- package/dist/esm/authorization/index.mock.js +2 -0
- package/dist/esm/authorization/index.mock.js.map +1 -1
- package/dist/esm/authorization/organizationMemberAbility.mock.d.ts.map +1 -1
- package/dist/esm/authorization/organizationMemberAbility.mock.js +1 -0
- package/dist/esm/authorization/organizationMemberAbility.mock.js.map +1 -1
- package/dist/esm/authorization/parseScopes.d.ts +3 -2
- package/dist/esm/authorization/parseScopes.d.ts.map +1 -1
- package/dist/esm/authorization/parseScopes.js +15 -7
- package/dist/esm/authorization/parseScopes.js.map +1 -1
- package/dist/esm/authorization/parseScopes.test.js +9 -14
- package/dist/esm/authorization/parseScopes.test.js.map +1 -1
- package/dist/esm/authorization/projectMemberAbility.mock.d.ts.map +1 -1
- package/dist/esm/authorization/projectMemberAbility.mock.js +1 -0
- package/dist/esm/authorization/projectMemberAbility.mock.js.map +1 -1
- package/dist/esm/authorization/roleToScopeMapping.d.ts +19 -0
- package/dist/esm/authorization/roleToScopeMapping.d.ts.map +1 -0
- package/dist/esm/authorization/roleToScopeMapping.js +157 -0
- package/dist/esm/authorization/roleToScopeMapping.js.map +1 -0
- package/dist/esm/authorization/roleToScopeMapping.test.d.ts +2 -0
- package/dist/esm/authorization/roleToScopeMapping.test.d.ts.map +1 -0
- package/dist/esm/authorization/roleToScopeMapping.test.js +547 -0
- package/dist/esm/authorization/roleToScopeMapping.test.js.map +1 -0
- package/dist/esm/authorization/roleToScopeMapping.testUtils.d.ts +1393 -0
- package/dist/esm/authorization/roleToScopeMapping.testUtils.d.ts.map +1 -0
- package/dist/esm/authorization/roleToScopeMapping.testUtils.js +319 -0
- package/dist/esm/authorization/roleToScopeMapping.testUtils.js.map +1 -0
- package/dist/esm/authorization/scopeAbilityBuilder.d.ts +14 -8
- package/dist/esm/authorization/scopeAbilityBuilder.d.ts.map +1 -1
- package/dist/esm/authorization/scopeAbilityBuilder.js +7 -7
- package/dist/esm/authorization/scopeAbilityBuilder.js.map +1 -1
- package/dist/esm/authorization/scopeAbilityBuilder.test.js +259 -186
- package/dist/esm/authorization/scopeAbilityBuilder.test.js.map +1 -1
- package/dist/esm/authorization/scopes.d.ts.map +1 -1
- package/dist/esm/authorization/scopes.js +132 -187
- package/dist/esm/authorization/scopes.js.map +1 -1
- package/dist/esm/ee/AiAgent/schemas/tools/index.d.ts +1 -0
- package/dist/esm/ee/AiAgent/schemas/tools/index.d.ts.map +1 -1
- package/dist/esm/ee/AiAgent/schemas/tools/index.js +1 -0
- package/dist/esm/ee/AiAgent/schemas/tools/index.js.map +1 -1
- package/dist/esm/ee/AiAgent/schemas/tools/toolSearchFieldValuesArgs.d.ts +2845 -0
- package/dist/esm/ee/AiAgent/schemas/tools/toolSearchFieldValuesArgs.d.ts.map +1 -0
- package/dist/esm/ee/AiAgent/schemas/tools/toolSearchFieldValuesArgs.js +38 -0
- package/dist/esm/ee/AiAgent/schemas/tools/toolSearchFieldValuesArgs.js.map +1 -0
- package/dist/esm/types/organizationMemberProfile.d.ts +1 -0
- package/dist/esm/types/organizationMemberProfile.d.ts.map +1 -1
- package/dist/esm/types/organizationMemberProfile.js.map +1 -1
- package/dist/esm/types/projectMemberProfile.d.ts +1 -0
- package/dist/esm/types/projectMemberProfile.d.ts.map +1 -1
- package/dist/esm/types/scopes.d.ts +19 -9
- package/dist/esm/types/scopes.d.ts.map +1 -1
- package/dist/esm/types/search.d.ts +20 -0
- package/dist/esm/types/search.d.ts.map +1 -1
- package/dist/esm/types/search.js.map +1 -1
- package/dist/esm/types/user.d.ts +1 -0
- package/dist/esm/types/user.d.ts.map +1 -1
- package/dist/esm/types/user.js.map +1 -1
- package/dist/tsconfig.types.tsbuildinfo +1 -1
- package/dist/types/authorization/index.d.ts +8 -4
- package/dist/types/authorization/index.d.ts.map +1 -1
- package/dist/types/authorization/index.mock.d.ts +2 -0
- package/dist/types/authorization/index.mock.d.ts.map +1 -1
- package/dist/types/authorization/organizationMemberAbility.mock.d.ts.map +1 -1
- package/dist/types/authorization/parseScopes.d.ts +3 -2
- package/dist/types/authorization/parseScopes.d.ts.map +1 -1
- package/dist/types/authorization/projectMemberAbility.mock.d.ts.map +1 -1
- package/dist/types/authorization/roleToScopeMapping.d.ts +19 -0
- package/dist/types/authorization/roleToScopeMapping.d.ts.map +1 -0
- package/dist/types/authorization/roleToScopeMapping.test.d.ts +2 -0
- package/dist/types/authorization/roleToScopeMapping.test.d.ts.map +1 -0
- package/dist/types/authorization/roleToScopeMapping.testUtils.d.ts +1393 -0
- package/dist/types/authorization/roleToScopeMapping.testUtils.d.ts.map +1 -0
- package/dist/types/authorization/scopeAbilityBuilder.d.ts +14 -8
- package/dist/types/authorization/scopeAbilityBuilder.d.ts.map +1 -1
- package/dist/types/authorization/scopes.d.ts.map +1 -1
- package/dist/types/ee/AiAgent/schemas/tools/index.d.ts +1 -0
- package/dist/types/ee/AiAgent/schemas/tools/index.d.ts.map +1 -1
- package/dist/types/ee/AiAgent/schemas/tools/toolSearchFieldValuesArgs.d.ts +2845 -0
- package/dist/types/ee/AiAgent/schemas/tools/toolSearchFieldValuesArgs.d.ts.map +1 -0
- package/dist/types/types/organizationMemberProfile.d.ts +1 -0
- package/dist/types/types/organizationMemberProfile.d.ts.map +1 -1
- package/dist/types/types/projectMemberProfile.d.ts +1 -0
- package/dist/types/types/projectMemberProfile.d.ts.map +1 -1
- package/dist/types/types/scopes.d.ts +19 -9
- package/dist/types/types/scopes.d.ts.map +1 -1
- package/dist/types/types/search.d.ts +20 -0
- package/dist/types/types/search.d.ts.map +1 -1
- package/dist/types/types/user.d.ts +1 -0
- package/dist/types/types/user.d.ts.map +1 -1
- package/package.json +1 -1
|
@@ -1,37 +1,39 @@
|
|
|
1
|
+
import { flow } from 'lodash';
|
|
1
2
|
import { ProjectType } from '../types/projects';
|
|
2
3
|
import { ScopeGroup, } from '../types/scopes';
|
|
3
4
|
import { SpaceMemberRole } from '../types/space';
|
|
5
|
+
/** Context can have either/or organizationUuid or projectUuid. Applies the one we have. */
|
|
6
|
+
const addUuidCondition = (context, modifiers) => {
|
|
7
|
+
const projectOrOrg = context.organizationUuid
|
|
8
|
+
? { organizationUuid: context.organizationUuid }
|
|
9
|
+
: { projectUuid: context.projectUuid };
|
|
10
|
+
return {
|
|
11
|
+
...projectOrOrg,
|
|
12
|
+
...modifiers,
|
|
13
|
+
};
|
|
14
|
+
};
|
|
15
|
+
/** Applies the UUID condition with Space access. */
|
|
4
16
|
const addAccessCondition = (context, role) => ({
|
|
5
|
-
|
|
6
|
-
|
|
7
|
-
|
|
17
|
+
...addUuidCondition(context),
|
|
18
|
+
access: {
|
|
19
|
+
$elemMatch: {
|
|
20
|
+
userUuid: context.userUuid || false,
|
|
21
|
+
...(role ? { role } : {}),
|
|
22
|
+
},
|
|
8
23
|
},
|
|
9
24
|
});
|
|
10
|
-
|
|
11
|
-
|
|
12
|
-
organizationUuid: context.organizationUuid,
|
|
13
|
-
},
|
|
14
|
-
];
|
|
25
|
+
/** Applies the UUID condition as the only condition for a scope. */
|
|
26
|
+
const addDefaultUuidCondition = flow(addUuidCondition, Array.of);
|
|
15
27
|
const scopes = [
|
|
16
28
|
{
|
|
17
29
|
name: 'view:Dashboard',
|
|
18
30
|
description: 'View dashboards',
|
|
19
31
|
isEnterprise: false,
|
|
20
32
|
group: ScopeGroup.CONTENT,
|
|
21
|
-
getConditions: (context) =>
|
|
22
|
-
|
|
23
|
-
|
|
24
|
-
|
|
25
|
-
organizationUuid: context.organizationUuid,
|
|
26
|
-
isPrivate: false,
|
|
27
|
-
},
|
|
28
|
-
];
|
|
29
|
-
conditions.push({
|
|
30
|
-
organizationUuid: context.organizationUuid,
|
|
31
|
-
access: addAccessCondition(context),
|
|
32
|
-
});
|
|
33
|
-
return conditions;
|
|
34
|
-
},
|
|
33
|
+
getConditions: (context) => [
|
|
34
|
+
addUuidCondition(context, { isPrivate: false }),
|
|
35
|
+
addAccessCondition(context),
|
|
36
|
+
],
|
|
35
37
|
},
|
|
36
38
|
{
|
|
37
39
|
name: 'manage:Dashboard',
|
|
@@ -39,19 +41,12 @@ const scopes = [
|
|
|
39
41
|
isEnterprise: false,
|
|
40
42
|
group: ScopeGroup.CONTENT,
|
|
41
43
|
getConditions: (context) => {
|
|
42
|
-
const { organizationUuid } = context;
|
|
43
44
|
if (context.scopes.has('manage:Organization')) {
|
|
44
|
-
return
|
|
45
|
+
return addDefaultUuidCondition(context);
|
|
45
46
|
}
|
|
46
47
|
return [
|
|
47
|
-
|
|
48
|
-
|
|
49
|
-
access: addAccessCondition(context, SpaceMemberRole.EDITOR),
|
|
50
|
-
},
|
|
51
|
-
{
|
|
52
|
-
organizationUuid,
|
|
53
|
-
access: addAccessCondition(context, SpaceMemberRole.ADMIN),
|
|
54
|
-
},
|
|
48
|
+
addAccessCondition(context, SpaceMemberRole.EDITOR),
|
|
49
|
+
addAccessCondition(context, SpaceMemberRole.ADMIN),
|
|
55
50
|
];
|
|
56
51
|
},
|
|
57
52
|
},
|
|
@@ -60,23 +55,10 @@ const scopes = [
|
|
|
60
55
|
description: 'View saved charts',
|
|
61
56
|
isEnterprise: false,
|
|
62
57
|
group: ScopeGroup.CONTENT,
|
|
63
|
-
getConditions: (context) =>
|
|
64
|
-
|
|
65
|
-
|
|
66
|
-
|
|
67
|
-
organizationUuid: context.organizationUuid,
|
|
68
|
-
projectUuid: context.projectUuid,
|
|
69
|
-
isPrivate: false,
|
|
70
|
-
},
|
|
71
|
-
];
|
|
72
|
-
// User's accessible saved charts via space access
|
|
73
|
-
conditions.push({
|
|
74
|
-
organizationUuid: context.organizationUuid,
|
|
75
|
-
projectUuid: context.projectUuid,
|
|
76
|
-
access: addAccessCondition(context),
|
|
77
|
-
});
|
|
78
|
-
return conditions;
|
|
79
|
-
},
|
|
58
|
+
getConditions: (context) => [
|
|
59
|
+
addUuidCondition(context, { isPrivate: false }),
|
|
60
|
+
addAccessCondition(context),
|
|
61
|
+
],
|
|
80
62
|
},
|
|
81
63
|
{
|
|
82
64
|
name: 'manage:SavedChart',
|
|
@@ -84,19 +66,12 @@ const scopes = [
|
|
|
84
66
|
isEnterprise: false,
|
|
85
67
|
group: ScopeGroup.CONTENT,
|
|
86
68
|
getConditions: (context) => {
|
|
87
|
-
const { organizationUuid } = context;
|
|
88
69
|
if (context.scopes.has('manage:Organization')) {
|
|
89
|
-
return
|
|
70
|
+
return addDefaultUuidCondition(context);
|
|
90
71
|
}
|
|
91
72
|
return [
|
|
92
|
-
|
|
93
|
-
|
|
94
|
-
access: addAccessCondition(context, SpaceMemberRole.EDITOR),
|
|
95
|
-
},
|
|
96
|
-
{
|
|
97
|
-
organizationUuid,
|
|
98
|
-
access: addAccessCondition(context, SpaceMemberRole.ADMIN),
|
|
99
|
-
},
|
|
73
|
+
addAccessCondition(context, SpaceMemberRole.EDITOR),
|
|
74
|
+
addAccessCondition(context, SpaceMemberRole.ADMIN),
|
|
100
75
|
];
|
|
101
76
|
},
|
|
102
77
|
},
|
|
@@ -105,110 +80,91 @@ const scopes = [
|
|
|
105
80
|
description: 'View spaces',
|
|
106
81
|
isEnterprise: false,
|
|
107
82
|
group: ScopeGroup.CONTENT,
|
|
108
|
-
getConditions: (context) =>
|
|
109
|
-
|
|
110
|
-
|
|
111
|
-
|
|
112
|
-
organizationUuid: context.organizationUuid,
|
|
113
|
-
projectUuid: context.projectUuid,
|
|
114
|
-
isPrivate: false,
|
|
115
|
-
},
|
|
116
|
-
];
|
|
117
|
-
// User's accessible spaces
|
|
118
|
-
conditions.push({
|
|
119
|
-
organizationUuid: context.organizationUuid,
|
|
120
|
-
projectUuid: context.projectUuid,
|
|
121
|
-
access: addAccessCondition(context),
|
|
122
|
-
});
|
|
123
|
-
return conditions;
|
|
124
|
-
},
|
|
83
|
+
getConditions: (context) => [
|
|
84
|
+
addUuidCondition(context, { isPrivate: false }),
|
|
85
|
+
addAccessCondition(context),
|
|
86
|
+
],
|
|
125
87
|
},
|
|
126
88
|
{
|
|
127
89
|
name: 'create:Space',
|
|
128
90
|
description: 'Create new spaces',
|
|
129
91
|
isEnterprise: false,
|
|
130
92
|
group: ScopeGroup.CONTENT,
|
|
131
|
-
getConditions:
|
|
93
|
+
getConditions: addDefaultUuidCondition,
|
|
132
94
|
},
|
|
133
95
|
{
|
|
134
96
|
name: 'manage:Space',
|
|
135
|
-
description: '
|
|
97
|
+
description: 'Create, edit, and delete all spaces',
|
|
136
98
|
isEnterprise: false,
|
|
137
99
|
group: ScopeGroup.CONTENT,
|
|
138
|
-
getConditions:
|
|
139
|
-
|
|
140
|
-
|
|
141
|
-
|
|
142
|
-
|
|
143
|
-
|
|
144
|
-
|
|
145
|
-
|
|
146
|
-
|
|
147
|
-
|
|
148
|
-
|
|
149
|
-
|
|
150
|
-
|
|
151
|
-
|
|
152
|
-
|
|
153
|
-
|
|
154
|
-
|
|
155
|
-
|
|
156
|
-
|
|
157
|
-
return conditions;
|
|
158
|
-
},
|
|
100
|
+
getConditions: addDefaultUuidCondition,
|
|
101
|
+
},
|
|
102
|
+
{
|
|
103
|
+
name: 'manage:Space@public',
|
|
104
|
+
description: 'Create, edit, and delete public spaces',
|
|
105
|
+
isEnterprise: false,
|
|
106
|
+
group: ScopeGroup.CONTENT,
|
|
107
|
+
getConditions: (context) => [
|
|
108
|
+
addUuidCondition(context, { isPrivate: false }),
|
|
109
|
+
],
|
|
110
|
+
},
|
|
111
|
+
{
|
|
112
|
+
name: 'manage:Space@assigned',
|
|
113
|
+
description: 'Create, edit, and delete spaces owned by the user',
|
|
114
|
+
isEnterprise: false,
|
|
115
|
+
group: ScopeGroup.CONTENT,
|
|
116
|
+
getConditions: (context) => [
|
|
117
|
+
addAccessCondition(context, SpaceMemberRole.ADMIN),
|
|
118
|
+
],
|
|
159
119
|
},
|
|
160
120
|
{
|
|
161
121
|
name: 'view:DashboardComments',
|
|
162
122
|
description: 'View dashboard comments',
|
|
163
123
|
isEnterprise: false,
|
|
164
124
|
group: ScopeGroup.CONTENT,
|
|
165
|
-
getConditions:
|
|
125
|
+
getConditions: addDefaultUuidCondition,
|
|
166
126
|
},
|
|
167
127
|
{
|
|
168
128
|
name: 'create:DashboardComments',
|
|
169
129
|
description: 'Create dashboard comments',
|
|
170
130
|
isEnterprise: false,
|
|
171
131
|
group: ScopeGroup.CONTENT,
|
|
172
|
-
getConditions:
|
|
132
|
+
getConditions: addDefaultUuidCondition,
|
|
173
133
|
},
|
|
174
134
|
{
|
|
175
135
|
name: 'manage:DashboardComments',
|
|
176
136
|
description: 'Edit and delete dashboard comments',
|
|
177
137
|
isEnterprise: false,
|
|
178
138
|
group: ScopeGroup.CONTENT,
|
|
179
|
-
getConditions:
|
|
139
|
+
getConditions: addDefaultUuidCondition,
|
|
180
140
|
},
|
|
181
141
|
{
|
|
182
142
|
name: 'view:Tags',
|
|
183
143
|
description: 'View tags',
|
|
184
144
|
isEnterprise: false,
|
|
185
145
|
group: ScopeGroup.CONTENT,
|
|
186
|
-
getConditions:
|
|
187
|
-
{
|
|
188
|
-
organizationUuid: context.organizationUuid,
|
|
189
|
-
},
|
|
190
|
-
],
|
|
146
|
+
getConditions: addDefaultUuidCondition,
|
|
191
147
|
},
|
|
192
148
|
{
|
|
193
149
|
name: 'manage:Tags',
|
|
194
150
|
description: 'Create, edit, and delete tags',
|
|
195
151
|
isEnterprise: false,
|
|
196
152
|
group: ScopeGroup.CONTENT,
|
|
197
|
-
getConditions:
|
|
153
|
+
getConditions: addDefaultUuidCondition,
|
|
198
154
|
},
|
|
199
155
|
{
|
|
200
156
|
name: 'view:PinnedItems',
|
|
201
157
|
description: 'View pinned items',
|
|
202
158
|
isEnterprise: false,
|
|
203
159
|
group: ScopeGroup.CONTENT,
|
|
204
|
-
getConditions:
|
|
160
|
+
getConditions: addDefaultUuidCondition,
|
|
205
161
|
},
|
|
206
162
|
{
|
|
207
163
|
name: 'manage:PinnedItems',
|
|
208
164
|
description: 'Pin and unpin items',
|
|
209
165
|
isEnterprise: false,
|
|
210
166
|
group: ScopeGroup.CONTENT,
|
|
211
|
-
getConditions:
|
|
167
|
+
getConditions: addDefaultUuidCondition,
|
|
212
168
|
},
|
|
213
169
|
{
|
|
214
170
|
name: 'promote:SavedChart',
|
|
@@ -217,19 +173,9 @@ const scopes = [
|
|
|
217
173
|
group: ScopeGroup.CONTENT,
|
|
218
174
|
getConditions: (context) => {
|
|
219
175
|
if (context.scopes.has('manage:Organization')) {
|
|
220
|
-
return
|
|
221
|
-
{
|
|
222
|
-
organizationUuid: context.organizationUuid,
|
|
223
|
-
},
|
|
224
|
-
];
|
|
176
|
+
return addDefaultUuidCondition(context);
|
|
225
177
|
}
|
|
226
|
-
return [
|
|
227
|
-
{
|
|
228
|
-
organizationUuid: context.organizationUuid,
|
|
229
|
-
projectUuid: context.projectUuid,
|
|
230
|
-
access: addAccessCondition(context, SpaceMemberRole.EDITOR),
|
|
231
|
-
},
|
|
232
|
-
];
|
|
178
|
+
return [addAccessCondition(context, SpaceMemberRole.EDITOR)];
|
|
233
179
|
},
|
|
234
180
|
},
|
|
235
181
|
{
|
|
@@ -239,19 +185,9 @@ const scopes = [
|
|
|
239
185
|
group: ScopeGroup.CONTENT,
|
|
240
186
|
getConditions: (context) => {
|
|
241
187
|
if (context.scopes.has('manage:Organization')) {
|
|
242
|
-
return
|
|
243
|
-
{
|
|
244
|
-
organizationUuid: context.organizationUuid,
|
|
245
|
-
},
|
|
246
|
-
];
|
|
188
|
+
return addDefaultUuidCondition(context);
|
|
247
189
|
}
|
|
248
|
-
return [
|
|
249
|
-
{
|
|
250
|
-
organizationUuid: context.organizationUuid,
|
|
251
|
-
projectUuid: context.projectUuid,
|
|
252
|
-
access: addAccessCondition(context, SpaceMemberRole.EDITOR),
|
|
253
|
-
},
|
|
254
|
-
];
|
|
190
|
+
return [addAccessCondition(context, SpaceMemberRole.EDITOR)];
|
|
255
191
|
},
|
|
256
192
|
},
|
|
257
193
|
// Project Management Scopes
|
|
@@ -260,7 +196,7 @@ const scopes = [
|
|
|
260
196
|
description: 'View project details',
|
|
261
197
|
isEnterprise: false,
|
|
262
198
|
group: ScopeGroup.PROJECT_MANAGEMENT,
|
|
263
|
-
getConditions:
|
|
199
|
+
getConditions: addDefaultUuidCondition,
|
|
264
200
|
},
|
|
265
201
|
{
|
|
266
202
|
name: 'create:Project',
|
|
@@ -271,7 +207,7 @@ const scopes = [
|
|
|
271
207
|
// Allow creating preview projects by default
|
|
272
208
|
[
|
|
273
209
|
{
|
|
274
|
-
|
|
210
|
+
...addUuidCondition(context),
|
|
275
211
|
type: ProjectType.PREVIEW,
|
|
276
212
|
},
|
|
277
213
|
],
|
|
@@ -281,7 +217,7 @@ const scopes = [
|
|
|
281
217
|
description: 'Update project settings',
|
|
282
218
|
isEnterprise: false,
|
|
283
219
|
group: ScopeGroup.PROJECT_MANAGEMENT,
|
|
284
|
-
getConditions:
|
|
220
|
+
getConditions: addDefaultUuidCondition,
|
|
285
221
|
},
|
|
286
222
|
{
|
|
287
223
|
name: 'delete:Project',
|
|
@@ -290,69 +226,77 @@ const scopes = [
|
|
|
290
226
|
group: ScopeGroup.PROJECT_MANAGEMENT,
|
|
291
227
|
getConditions: (context) => {
|
|
292
228
|
if (context.projectUuid) {
|
|
293
|
-
return [
|
|
294
|
-
{
|
|
295
|
-
projectUuid: context.projectUuid,
|
|
296
|
-
},
|
|
297
|
-
];
|
|
229
|
+
return [{}];
|
|
298
230
|
}
|
|
299
231
|
// Can delete preview projects in organization
|
|
300
232
|
return [
|
|
301
233
|
{
|
|
302
|
-
|
|
234
|
+
...addUuidCondition(context),
|
|
303
235
|
type: ProjectType.PREVIEW,
|
|
304
236
|
},
|
|
305
237
|
];
|
|
306
238
|
},
|
|
307
239
|
},
|
|
240
|
+
{
|
|
241
|
+
name: 'delete:Project@self',
|
|
242
|
+
description: 'Delete projects created by the user',
|
|
243
|
+
isEnterprise: false,
|
|
244
|
+
group: ScopeGroup.PROJECT_MANAGEMENT,
|
|
245
|
+
getConditions: (context) => [
|
|
246
|
+
{
|
|
247
|
+
createdByUserUuid: context.userUuid || false,
|
|
248
|
+
type: ProjectType.PREVIEW,
|
|
249
|
+
},
|
|
250
|
+
],
|
|
251
|
+
},
|
|
308
252
|
{
|
|
309
253
|
name: 'manage:Project',
|
|
310
254
|
description: 'Full project management permissions',
|
|
311
255
|
isEnterprise: false,
|
|
312
256
|
group: ScopeGroup.PROJECT_MANAGEMENT,
|
|
313
|
-
getConditions:
|
|
257
|
+
getConditions: addDefaultUuidCondition,
|
|
314
258
|
},
|
|
315
259
|
{
|
|
316
260
|
name: 'manage:CompileProject',
|
|
317
261
|
description: 'Compile and refresh dbt projects',
|
|
318
262
|
isEnterprise: false,
|
|
319
263
|
group: ScopeGroup.PROJECT_MANAGEMENT,
|
|
320
|
-
getConditions:
|
|
264
|
+
getConditions: addDefaultUuidCondition,
|
|
321
265
|
},
|
|
322
266
|
{
|
|
323
267
|
name: 'manage:Validation',
|
|
324
268
|
description: 'Manage data validation rules',
|
|
325
269
|
isEnterprise: false,
|
|
326
270
|
group: ScopeGroup.PROJECT_MANAGEMENT,
|
|
327
|
-
getConditions:
|
|
271
|
+
getConditions: addDefaultUuidCondition,
|
|
328
272
|
},
|
|
329
273
|
{
|
|
330
274
|
name: 'create:ScheduledDeliveries',
|
|
331
275
|
description: 'Create scheduled deliveries',
|
|
332
276
|
isEnterprise: false,
|
|
333
277
|
group: ScopeGroup.PROJECT_MANAGEMENT,
|
|
334
|
-
getConditions:
|
|
278
|
+
getConditions: addDefaultUuidCondition,
|
|
335
279
|
},
|
|
336
280
|
{
|
|
337
281
|
name: 'manage:ScheduledDeliveries',
|
|
338
282
|
description: 'Manage scheduled deliveries',
|
|
339
283
|
isEnterprise: false,
|
|
340
284
|
group: ScopeGroup.PROJECT_MANAGEMENT,
|
|
341
|
-
getConditions:
|
|
285
|
+
getConditions: addDefaultUuidCondition,
|
|
342
286
|
},
|
|
343
287
|
{
|
|
344
288
|
name: 'manage:GoogleSheets',
|
|
345
289
|
description: 'Manage google sheets',
|
|
346
290
|
isEnterprise: false,
|
|
347
291
|
group: ScopeGroup.PROJECT_MANAGEMENT,
|
|
348
|
-
getConditions:
|
|
292
|
+
getConditions: addDefaultUuidCondition,
|
|
349
293
|
},
|
|
350
294
|
{
|
|
351
295
|
name: 'view:Analytics',
|
|
352
296
|
description: 'View usage analytics',
|
|
353
297
|
isEnterprise: false,
|
|
354
298
|
group: ScopeGroup.PROJECT_MANAGEMENT,
|
|
355
|
-
getConditions:
|
|
299
|
+
getConditions: addDefaultUuidCondition,
|
|
356
300
|
},
|
|
357
301
|
{
|
|
358
302
|
name: 'create:Job',
|
|
@@ -382,7 +326,7 @@ const scopes = [
|
|
|
382
326
|
group: ScopeGroup.PROJECT_MANAGEMENT,
|
|
383
327
|
getConditions: (context) => {
|
|
384
328
|
if (context.scopes.has('manage:Organization')) {
|
|
385
|
-
return
|
|
329
|
+
return addDefaultUuidCondition(context);
|
|
386
330
|
}
|
|
387
331
|
return [
|
|
388
332
|
{
|
|
@@ -391,62 +335,69 @@ const scopes = [
|
|
|
391
335
|
];
|
|
392
336
|
},
|
|
393
337
|
},
|
|
338
|
+
{
|
|
339
|
+
name: 'manage:Validation',
|
|
340
|
+
description: 'Manage data validation rules',
|
|
341
|
+
isEnterprise: false,
|
|
342
|
+
group: ScopeGroup.PROJECT_MANAGEMENT,
|
|
343
|
+
getConditions: addDefaultUuidCondition,
|
|
344
|
+
},
|
|
394
345
|
// Organization Management Scopes
|
|
395
346
|
{
|
|
396
347
|
name: 'view:Organization',
|
|
397
348
|
description: 'View organization details',
|
|
398
349
|
isEnterprise: false,
|
|
399
350
|
group: ScopeGroup.ORGANIZATION_MANAGEMENT,
|
|
400
|
-
getConditions:
|
|
351
|
+
getConditions: addDefaultUuidCondition,
|
|
401
352
|
},
|
|
402
353
|
{
|
|
403
354
|
name: 'manage:Organization',
|
|
404
355
|
description: 'Manage organization settings',
|
|
405
356
|
isEnterprise: false,
|
|
406
357
|
group: ScopeGroup.ORGANIZATION_MANAGEMENT,
|
|
407
|
-
getConditions:
|
|
358
|
+
getConditions: addDefaultUuidCondition,
|
|
408
359
|
},
|
|
409
360
|
{
|
|
410
361
|
name: 'view:OrganizationMemberProfile',
|
|
411
362
|
description: 'View organization member profiles',
|
|
412
363
|
isEnterprise: false,
|
|
413
364
|
group: ScopeGroup.ORGANIZATION_MANAGEMENT,
|
|
414
|
-
getConditions:
|
|
365
|
+
getConditions: addDefaultUuidCondition,
|
|
415
366
|
},
|
|
416
367
|
{
|
|
417
368
|
name: 'manage:OrganizationMemberProfile',
|
|
418
369
|
description: 'Manage organization member profiles and roles',
|
|
419
370
|
isEnterprise: false,
|
|
420
371
|
group: ScopeGroup.ORGANIZATION_MANAGEMENT,
|
|
421
|
-
getConditions:
|
|
372
|
+
getConditions: addDefaultUuidCondition,
|
|
422
373
|
},
|
|
423
374
|
{
|
|
424
375
|
name: 'manage:InviteLink',
|
|
425
376
|
description: 'Create and manage invite links',
|
|
426
377
|
isEnterprise: false,
|
|
427
378
|
group: ScopeGroup.ORGANIZATION_MANAGEMENT,
|
|
428
|
-
getConditions:
|
|
379
|
+
getConditions: addDefaultUuidCondition,
|
|
429
380
|
},
|
|
430
381
|
{
|
|
431
382
|
name: 'manage:Group',
|
|
432
383
|
description: 'Manage user groups',
|
|
433
384
|
isEnterprise: false,
|
|
434
385
|
group: ScopeGroup.ORGANIZATION_MANAGEMENT,
|
|
435
|
-
getConditions:
|
|
386
|
+
getConditions: addDefaultUuidCondition,
|
|
436
387
|
},
|
|
437
388
|
{
|
|
438
389
|
name: 'manage:ContentAsCode',
|
|
439
390
|
description: 'Manage content as code features',
|
|
440
391
|
isEnterprise: true,
|
|
441
392
|
group: ScopeGroup.ORGANIZATION_MANAGEMENT,
|
|
442
|
-
getConditions:
|
|
393
|
+
getConditions: addDefaultUuidCondition,
|
|
443
394
|
},
|
|
444
395
|
{
|
|
445
396
|
name: 'manage:PersonalAccessToken',
|
|
446
397
|
description: 'Create and manage personal access tokens',
|
|
447
398
|
isEnterprise: true,
|
|
448
399
|
group: ScopeGroup.ORGANIZATION_MANAGEMENT,
|
|
449
|
-
getConditions:
|
|
400
|
+
getConditions: addDefaultUuidCondition,
|
|
450
401
|
},
|
|
451
402
|
// Data Scopes
|
|
452
403
|
{
|
|
@@ -454,14 +405,14 @@ const scopes = [
|
|
|
454
405
|
description: 'View underlying data in charts',
|
|
455
406
|
isEnterprise: false,
|
|
456
407
|
group: ScopeGroup.DATA,
|
|
457
|
-
getConditions:
|
|
408
|
+
getConditions: addDefaultUuidCondition,
|
|
458
409
|
},
|
|
459
410
|
{
|
|
460
411
|
name: 'view:SemanticViewer',
|
|
461
412
|
description: 'View data in semantic viewer',
|
|
462
413
|
isEnterprise: false,
|
|
463
414
|
group: ScopeGroup.DATA,
|
|
464
|
-
getConditions:
|
|
415
|
+
getConditions: addDefaultUuidCondition,
|
|
465
416
|
},
|
|
466
417
|
{
|
|
467
418
|
name: 'manage:SemanticViewer',
|
|
@@ -470,14 +421,9 @@ const scopes = [
|
|
|
470
421
|
group: ScopeGroup.DATA,
|
|
471
422
|
getConditions: (context) => {
|
|
472
423
|
if (context.scopes.has('manage:Organization')) {
|
|
473
|
-
return
|
|
424
|
+
return addDefaultUuidCondition(context);
|
|
474
425
|
}
|
|
475
|
-
return [
|
|
476
|
-
{
|
|
477
|
-
organizationUuid: context.organizationUuid,
|
|
478
|
-
access: addAccessCondition(context, SpaceMemberRole.EDITOR),
|
|
479
|
-
},
|
|
480
|
-
];
|
|
426
|
+
return [addAccessCondition(context, SpaceMemberRole.EDITOR)];
|
|
481
427
|
},
|
|
482
428
|
},
|
|
483
429
|
{
|
|
@@ -485,56 +431,56 @@ const scopes = [
|
|
|
485
431
|
description: 'Explore and query data',
|
|
486
432
|
isEnterprise: false,
|
|
487
433
|
group: ScopeGroup.DATA,
|
|
488
|
-
getConditions:
|
|
434
|
+
getConditions: addDefaultUuidCondition,
|
|
489
435
|
},
|
|
490
436
|
{
|
|
491
437
|
name: 'manage:SqlRunner',
|
|
492
438
|
description: 'Run SQL queries directly',
|
|
493
439
|
isEnterprise: false,
|
|
494
440
|
group: ScopeGroup.DATA,
|
|
495
|
-
getConditions:
|
|
441
|
+
getConditions: addDefaultUuidCondition,
|
|
496
442
|
},
|
|
497
443
|
{
|
|
498
444
|
name: 'manage:CustomSql',
|
|
499
445
|
description: 'Create custom SQL queries',
|
|
500
446
|
isEnterprise: false,
|
|
501
447
|
group: ScopeGroup.DATA,
|
|
502
|
-
getConditions:
|
|
448
|
+
getConditions: addDefaultUuidCondition,
|
|
503
449
|
},
|
|
504
450
|
{
|
|
505
451
|
name: 'create:VirtualView',
|
|
506
452
|
description: 'Create virtual views',
|
|
507
453
|
isEnterprise: false,
|
|
508
454
|
group: ScopeGroup.DATA,
|
|
509
|
-
getConditions:
|
|
455
|
+
getConditions: addDefaultUuidCondition,
|
|
510
456
|
},
|
|
511
457
|
{
|
|
512
458
|
name: 'delete:VirtualView',
|
|
513
459
|
description: 'Delete virtual views',
|
|
514
460
|
isEnterprise: false,
|
|
515
461
|
group: ScopeGroup.DATA,
|
|
516
|
-
getConditions:
|
|
462
|
+
getConditions: addDefaultUuidCondition,
|
|
517
463
|
},
|
|
518
464
|
{
|
|
519
465
|
name: 'manage:VirtualView',
|
|
520
466
|
description: 'Create and manage virtual views',
|
|
521
467
|
isEnterprise: false,
|
|
522
468
|
group: ScopeGroup.DATA,
|
|
523
|
-
getConditions:
|
|
469
|
+
getConditions: addDefaultUuidCondition,
|
|
524
470
|
},
|
|
525
471
|
{
|
|
526
472
|
name: 'manage:ExportCsv',
|
|
527
473
|
description: 'Export data to CSV',
|
|
528
474
|
isEnterprise: false,
|
|
529
475
|
group: ScopeGroup.DATA,
|
|
530
|
-
getConditions:
|
|
476
|
+
getConditions: addDefaultUuidCondition,
|
|
531
477
|
},
|
|
532
478
|
{
|
|
533
479
|
name: 'manage:ChangeCsvResults',
|
|
534
480
|
description: 'Modify CSV export results',
|
|
535
481
|
isEnterprise: false,
|
|
536
482
|
group: ScopeGroup.DATA,
|
|
537
|
-
getConditions:
|
|
483
|
+
getConditions: addDefaultUuidCondition,
|
|
538
484
|
},
|
|
539
485
|
// Sharing Scopes
|
|
540
486
|
{
|
|
@@ -564,14 +510,14 @@ const scopes = [
|
|
|
564
510
|
description: 'View AI agent features',
|
|
565
511
|
isEnterprise: true,
|
|
566
512
|
group: ScopeGroup.AI,
|
|
567
|
-
getConditions:
|
|
513
|
+
getConditions: addDefaultUuidCondition,
|
|
568
514
|
},
|
|
569
515
|
{
|
|
570
516
|
name: 'manage:AiAgent',
|
|
571
517
|
description: 'Configure AI agent settings',
|
|
572
518
|
isEnterprise: true,
|
|
573
519
|
group: ScopeGroup.AI,
|
|
574
|
-
getConditions:
|
|
520
|
+
getConditions: addDefaultUuidCondition,
|
|
575
521
|
},
|
|
576
522
|
{
|
|
577
523
|
name: 'view:AiAgentThread',
|
|
@@ -582,9 +528,8 @@ const scopes = [
|
|
|
582
528
|
// View user's own AI agent threads
|
|
583
529
|
[
|
|
584
530
|
{
|
|
585
|
-
|
|
586
|
-
|
|
587
|
-
...(context.userUuid && { userUuid: context.userUuid }),
|
|
531
|
+
...addUuidCondition(context),
|
|
532
|
+
userUuid: context.userUuid || false,
|
|
588
533
|
},
|
|
589
534
|
],
|
|
590
535
|
},
|
|
@@ -593,7 +538,7 @@ const scopes = [
|
|
|
593
538
|
description: 'Start new AI agent conversations',
|
|
594
539
|
isEnterprise: true,
|
|
595
540
|
group: ScopeGroup.AI,
|
|
596
|
-
getConditions:
|
|
541
|
+
getConditions: addDefaultUuidCondition,
|
|
597
542
|
},
|
|
598
543
|
{
|
|
599
544
|
name: 'manage:AiAgentThread',
|
|
@@ -602,7 +547,7 @@ const scopes = [
|
|
|
602
547
|
group: ScopeGroup.AI,
|
|
603
548
|
getConditions: (context) => {
|
|
604
549
|
if (context.scopes.has('manage:Organization')) {
|
|
605
|
-
return
|
|
550
|
+
return addDefaultUuidCondition(context);
|
|
606
551
|
}
|
|
607
552
|
// Manage user's own AI agent threads
|
|
608
553
|
return [{ userUuid: context.userUuid || false }];
|
|
@@ -614,28 +559,28 @@ const scopes = [
|
|
|
614
559
|
description: 'Configure spotlight table settings',
|
|
615
560
|
isEnterprise: true,
|
|
616
561
|
group: ScopeGroup.SPOTLIGHT,
|
|
617
|
-
getConditions:
|
|
562
|
+
getConditions: addDefaultUuidCondition,
|
|
618
563
|
},
|
|
619
564
|
{
|
|
620
565
|
name: 'view:SpotlightTableConfig',
|
|
621
566
|
description: 'View spotlight table configuration',
|
|
622
567
|
isEnterprise: true,
|
|
623
568
|
group: ScopeGroup.SPOTLIGHT,
|
|
624
|
-
getConditions:
|
|
569
|
+
getConditions: addDefaultUuidCondition,
|
|
625
570
|
},
|
|
626
571
|
{
|
|
627
572
|
name: 'view:MetricsTree',
|
|
628
573
|
description: 'View metrics tree',
|
|
629
574
|
isEnterprise: true,
|
|
630
575
|
group: ScopeGroup.SPOTLIGHT,
|
|
631
|
-
getConditions:
|
|
576
|
+
getConditions: addDefaultUuidCondition,
|
|
632
577
|
},
|
|
633
578
|
{
|
|
634
579
|
name: 'manage:MetricsTree',
|
|
635
580
|
description: 'Manage metrics tree configuration',
|
|
636
581
|
isEnterprise: true,
|
|
637
582
|
group: ScopeGroup.SPOTLIGHT,
|
|
638
|
-
getConditions:
|
|
583
|
+
getConditions: addDefaultUuidCondition,
|
|
639
584
|
},
|
|
640
585
|
];
|
|
641
586
|
const getNonEnterpriseScopes = () => scopes.filter((scope) => !scope.isEnterprise);
|