@lightdash/common 0.1937.0 → 0.1937.1
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/dist/cjs/authorization/index.d.ts +8 -4
- package/dist/cjs/authorization/index.d.ts.map +1 -1
- package/dist/cjs/authorization/index.js +26 -3
- package/dist/cjs/authorization/index.js.map +1 -1
- package/dist/cjs/authorization/index.mock.d.ts +2 -0
- package/dist/cjs/authorization/index.mock.d.ts.map +1 -1
- package/dist/cjs/authorization/index.mock.js +2 -0
- package/dist/cjs/authorization/index.mock.js.map +1 -1
- package/dist/cjs/authorization/organizationMemberAbility.mock.d.ts.map +1 -1
- package/dist/cjs/authorization/organizationMemberAbility.mock.js +1 -0
- package/dist/cjs/authorization/organizationMemberAbility.mock.js.map +1 -1
- package/dist/cjs/authorization/parseScopes.d.ts +3 -2
- package/dist/cjs/authorization/parseScopes.d.ts.map +1 -1
- package/dist/cjs/authorization/parseScopes.js +17 -8
- package/dist/cjs/authorization/parseScopes.js.map +1 -1
- package/dist/cjs/authorization/parseScopes.test.js +9 -14
- package/dist/cjs/authorization/parseScopes.test.js.map +1 -1
- package/dist/cjs/authorization/projectMemberAbility.mock.d.ts.map +1 -1
- package/dist/cjs/authorization/projectMemberAbility.mock.js +1 -0
- package/dist/cjs/authorization/projectMemberAbility.mock.js.map +1 -1
- package/dist/cjs/authorization/roleToScopeMapping.d.ts +19 -0
- package/dist/cjs/authorization/roleToScopeMapping.d.ts.map +1 -0
- package/dist/cjs/authorization/roleToScopeMapping.js +163 -0
- package/dist/cjs/authorization/roleToScopeMapping.js.map +1 -0
- package/dist/cjs/authorization/roleToScopeMapping.test.d.ts +2 -0
- package/dist/cjs/authorization/roleToScopeMapping.test.d.ts.map +1 -0
- package/dist/cjs/authorization/roleToScopeMapping.test.js +549 -0
- package/dist/cjs/authorization/roleToScopeMapping.test.js.map +1 -0
- package/dist/cjs/authorization/roleToScopeMapping.testUtils.d.ts +1393 -0
- package/dist/cjs/authorization/roleToScopeMapping.testUtils.d.ts.map +1 -0
- package/dist/cjs/authorization/roleToScopeMapping.testUtils.js +329 -0
- package/dist/cjs/authorization/roleToScopeMapping.testUtils.js.map +1 -0
- package/dist/cjs/authorization/scopeAbilityBuilder.d.ts +14 -8
- package/dist/cjs/authorization/scopeAbilityBuilder.d.ts.map +1 -1
- package/dist/cjs/authorization/scopeAbilityBuilder.js +7 -7
- package/dist/cjs/authorization/scopeAbilityBuilder.js.map +1 -1
- package/dist/cjs/authorization/scopeAbilityBuilder.test.js +258 -185
- package/dist/cjs/authorization/scopeAbilityBuilder.test.js.map +1 -1
- package/dist/cjs/authorization/scopes.d.ts.map +1 -1
- package/dist/cjs/authorization/scopes.js +132 -187
- package/dist/cjs/authorization/scopes.js.map +1 -1
- package/dist/cjs/types/organizationMemberProfile.d.ts +1 -0
- package/dist/cjs/types/organizationMemberProfile.d.ts.map +1 -1
- package/dist/cjs/types/organizationMemberProfile.js.map +1 -1
- package/dist/cjs/types/projectMemberProfile.d.ts +1 -0
- package/dist/cjs/types/projectMemberProfile.d.ts.map +1 -1
- package/dist/cjs/types/scopes.d.ts +19 -9
- package/dist/cjs/types/scopes.d.ts.map +1 -1
- package/dist/cjs/types/user.d.ts +1 -0
- package/dist/cjs/types/user.d.ts.map +1 -1
- package/dist/cjs/types/user.js.map +1 -1
- package/dist/esm/authorization/index.d.ts +8 -4
- package/dist/esm/authorization/index.d.ts.map +1 -1
- package/dist/esm/authorization/index.js +26 -3
- package/dist/esm/authorization/index.js.map +1 -1
- package/dist/esm/authorization/index.mock.d.ts +2 -0
- package/dist/esm/authorization/index.mock.d.ts.map +1 -1
- package/dist/esm/authorization/index.mock.js +2 -0
- package/dist/esm/authorization/index.mock.js.map +1 -1
- package/dist/esm/authorization/organizationMemberAbility.mock.d.ts.map +1 -1
- package/dist/esm/authorization/organizationMemberAbility.mock.js +1 -0
- package/dist/esm/authorization/organizationMemberAbility.mock.js.map +1 -1
- package/dist/esm/authorization/parseScopes.d.ts +3 -2
- package/dist/esm/authorization/parseScopes.d.ts.map +1 -1
- package/dist/esm/authorization/parseScopes.js +15 -7
- package/dist/esm/authorization/parseScopes.js.map +1 -1
- package/dist/esm/authorization/parseScopes.test.js +9 -14
- package/dist/esm/authorization/parseScopes.test.js.map +1 -1
- package/dist/esm/authorization/projectMemberAbility.mock.d.ts.map +1 -1
- package/dist/esm/authorization/projectMemberAbility.mock.js +1 -0
- package/dist/esm/authorization/projectMemberAbility.mock.js.map +1 -1
- package/dist/esm/authorization/roleToScopeMapping.d.ts +19 -0
- package/dist/esm/authorization/roleToScopeMapping.d.ts.map +1 -0
- package/dist/esm/authorization/roleToScopeMapping.js +157 -0
- package/dist/esm/authorization/roleToScopeMapping.js.map +1 -0
- package/dist/esm/authorization/roleToScopeMapping.test.d.ts +2 -0
- package/dist/esm/authorization/roleToScopeMapping.test.d.ts.map +1 -0
- package/dist/esm/authorization/roleToScopeMapping.test.js +547 -0
- package/dist/esm/authorization/roleToScopeMapping.test.js.map +1 -0
- package/dist/esm/authorization/roleToScopeMapping.testUtils.d.ts +1393 -0
- package/dist/esm/authorization/roleToScopeMapping.testUtils.d.ts.map +1 -0
- package/dist/esm/authorization/roleToScopeMapping.testUtils.js +319 -0
- package/dist/esm/authorization/roleToScopeMapping.testUtils.js.map +1 -0
- package/dist/esm/authorization/scopeAbilityBuilder.d.ts +14 -8
- package/dist/esm/authorization/scopeAbilityBuilder.d.ts.map +1 -1
- package/dist/esm/authorization/scopeAbilityBuilder.js +7 -7
- package/dist/esm/authorization/scopeAbilityBuilder.js.map +1 -1
- package/dist/esm/authorization/scopeAbilityBuilder.test.js +259 -186
- package/dist/esm/authorization/scopeAbilityBuilder.test.js.map +1 -1
- package/dist/esm/authorization/scopes.d.ts.map +1 -1
- package/dist/esm/authorization/scopes.js +132 -187
- package/dist/esm/authorization/scopes.js.map +1 -1
- package/dist/esm/types/organizationMemberProfile.d.ts +1 -0
- package/dist/esm/types/organizationMemberProfile.d.ts.map +1 -1
- package/dist/esm/types/organizationMemberProfile.js.map +1 -1
- package/dist/esm/types/projectMemberProfile.d.ts +1 -0
- package/dist/esm/types/projectMemberProfile.d.ts.map +1 -1
- package/dist/esm/types/scopes.d.ts +19 -9
- package/dist/esm/types/scopes.d.ts.map +1 -1
- package/dist/esm/types/user.d.ts +1 -0
- package/dist/esm/types/user.d.ts.map +1 -1
- package/dist/esm/types/user.js.map +1 -1
- package/dist/tsconfig.types.tsbuildinfo +1 -1
- package/dist/types/authorization/index.d.ts +8 -4
- package/dist/types/authorization/index.d.ts.map +1 -1
- package/dist/types/authorization/index.mock.d.ts +2 -0
- package/dist/types/authorization/index.mock.d.ts.map +1 -1
- package/dist/types/authorization/organizationMemberAbility.mock.d.ts.map +1 -1
- package/dist/types/authorization/parseScopes.d.ts +3 -2
- package/dist/types/authorization/parseScopes.d.ts.map +1 -1
- package/dist/types/authorization/projectMemberAbility.mock.d.ts.map +1 -1
- package/dist/types/authorization/roleToScopeMapping.d.ts +19 -0
- package/dist/types/authorization/roleToScopeMapping.d.ts.map +1 -0
- package/dist/types/authorization/roleToScopeMapping.test.d.ts +2 -0
- package/dist/types/authorization/roleToScopeMapping.test.d.ts.map +1 -0
- package/dist/types/authorization/roleToScopeMapping.testUtils.d.ts +1393 -0
- package/dist/types/authorization/roleToScopeMapping.testUtils.d.ts.map +1 -0
- package/dist/types/authorization/scopeAbilityBuilder.d.ts +14 -8
- package/dist/types/authorization/scopeAbilityBuilder.d.ts.map +1 -1
- package/dist/types/authorization/scopes.d.ts.map +1 -1
- package/dist/types/types/organizationMemberProfile.d.ts +1 -0
- package/dist/types/types/organizationMemberProfile.d.ts.map +1 -1
- package/dist/types/types/projectMemberProfile.d.ts +1 -0
- package/dist/types/types/projectMemberProfile.d.ts.map +1 -1
- package/dist/types/types/scopes.d.ts +19 -9
- package/dist/types/types/scopes.d.ts.map +1 -1
- package/dist/types/types/user.d.ts +1 -0
- package/dist/types/types/user.d.ts.map +1 -1
- package/package.json +1 -1
|
@@ -1,40 +1,42 @@
|
|
|
1
1
|
"use strict";
|
|
2
2
|
Object.defineProperty(exports, "__esModule", { value: true });
|
|
3
3
|
exports.getAllScopeMap = exports.getScopes = void 0;
|
|
4
|
+
const lodash_1 = require("lodash");
|
|
4
5
|
const projects_1 = require("../types/projects");
|
|
5
6
|
const scopes_1 = require("../types/scopes");
|
|
6
7
|
const space_1 = require("../types/space");
|
|
8
|
+
/** Context can have either/or organizationUuid or projectUuid. Applies the one we have. */
|
|
9
|
+
const addUuidCondition = (context, modifiers) => {
|
|
10
|
+
const projectOrOrg = context.organizationUuid
|
|
11
|
+
? { organizationUuid: context.organizationUuid }
|
|
12
|
+
: { projectUuid: context.projectUuid };
|
|
13
|
+
return {
|
|
14
|
+
...projectOrOrg,
|
|
15
|
+
...modifiers,
|
|
16
|
+
};
|
|
17
|
+
};
|
|
18
|
+
/** Applies the UUID condition with Space access. */
|
|
7
19
|
const addAccessCondition = (context, role) => ({
|
|
8
|
-
|
|
9
|
-
|
|
10
|
-
|
|
20
|
+
...addUuidCondition(context),
|
|
21
|
+
access: {
|
|
22
|
+
$elemMatch: {
|
|
23
|
+
userUuid: context.userUuid || false,
|
|
24
|
+
...(role ? { role } : {}),
|
|
25
|
+
},
|
|
11
26
|
},
|
|
12
27
|
});
|
|
13
|
-
|
|
14
|
-
|
|
15
|
-
organizationUuid: context.organizationUuid,
|
|
16
|
-
},
|
|
17
|
-
];
|
|
28
|
+
/** Applies the UUID condition as the only condition for a scope. */
|
|
29
|
+
const addDefaultUuidCondition = (0, lodash_1.flow)(addUuidCondition, Array.of);
|
|
18
30
|
const scopes = [
|
|
19
31
|
{
|
|
20
32
|
name: 'view:Dashboard',
|
|
21
33
|
description: 'View dashboards',
|
|
22
34
|
isEnterprise: false,
|
|
23
35
|
group: scopes_1.ScopeGroup.CONTENT,
|
|
24
|
-
getConditions: (context) =>
|
|
25
|
-
|
|
26
|
-
|
|
27
|
-
|
|
28
|
-
organizationUuid: context.organizationUuid,
|
|
29
|
-
isPrivate: false,
|
|
30
|
-
},
|
|
31
|
-
];
|
|
32
|
-
conditions.push({
|
|
33
|
-
organizationUuid: context.organizationUuid,
|
|
34
|
-
access: addAccessCondition(context),
|
|
35
|
-
});
|
|
36
|
-
return conditions;
|
|
37
|
-
},
|
|
36
|
+
getConditions: (context) => [
|
|
37
|
+
addUuidCondition(context, { isPrivate: false }),
|
|
38
|
+
addAccessCondition(context),
|
|
39
|
+
],
|
|
38
40
|
},
|
|
39
41
|
{
|
|
40
42
|
name: 'manage:Dashboard',
|
|
@@ -42,19 +44,12 @@ const scopes = [
|
|
|
42
44
|
isEnterprise: false,
|
|
43
45
|
group: scopes_1.ScopeGroup.CONTENT,
|
|
44
46
|
getConditions: (context) => {
|
|
45
|
-
const { organizationUuid } = context;
|
|
46
47
|
if (context.scopes.has('manage:Organization')) {
|
|
47
|
-
return
|
|
48
|
+
return addDefaultUuidCondition(context);
|
|
48
49
|
}
|
|
49
50
|
return [
|
|
50
|
-
|
|
51
|
-
|
|
52
|
-
access: addAccessCondition(context, space_1.SpaceMemberRole.EDITOR),
|
|
53
|
-
},
|
|
54
|
-
{
|
|
55
|
-
organizationUuid,
|
|
56
|
-
access: addAccessCondition(context, space_1.SpaceMemberRole.ADMIN),
|
|
57
|
-
},
|
|
51
|
+
addAccessCondition(context, space_1.SpaceMemberRole.EDITOR),
|
|
52
|
+
addAccessCondition(context, space_1.SpaceMemberRole.ADMIN),
|
|
58
53
|
];
|
|
59
54
|
},
|
|
60
55
|
},
|
|
@@ -63,23 +58,10 @@ const scopes = [
|
|
|
63
58
|
description: 'View saved charts',
|
|
64
59
|
isEnterprise: false,
|
|
65
60
|
group: scopes_1.ScopeGroup.CONTENT,
|
|
66
|
-
getConditions: (context) =>
|
|
67
|
-
|
|
68
|
-
|
|
69
|
-
|
|
70
|
-
organizationUuid: context.organizationUuid,
|
|
71
|
-
projectUuid: context.projectUuid,
|
|
72
|
-
isPrivate: false,
|
|
73
|
-
},
|
|
74
|
-
];
|
|
75
|
-
// User's accessible saved charts via space access
|
|
76
|
-
conditions.push({
|
|
77
|
-
organizationUuid: context.organizationUuid,
|
|
78
|
-
projectUuid: context.projectUuid,
|
|
79
|
-
access: addAccessCondition(context),
|
|
80
|
-
});
|
|
81
|
-
return conditions;
|
|
82
|
-
},
|
|
61
|
+
getConditions: (context) => [
|
|
62
|
+
addUuidCondition(context, { isPrivate: false }),
|
|
63
|
+
addAccessCondition(context),
|
|
64
|
+
],
|
|
83
65
|
},
|
|
84
66
|
{
|
|
85
67
|
name: 'manage:SavedChart',
|
|
@@ -87,19 +69,12 @@ const scopes = [
|
|
|
87
69
|
isEnterprise: false,
|
|
88
70
|
group: scopes_1.ScopeGroup.CONTENT,
|
|
89
71
|
getConditions: (context) => {
|
|
90
|
-
const { organizationUuid } = context;
|
|
91
72
|
if (context.scopes.has('manage:Organization')) {
|
|
92
|
-
return
|
|
73
|
+
return addDefaultUuidCondition(context);
|
|
93
74
|
}
|
|
94
75
|
return [
|
|
95
|
-
|
|
96
|
-
|
|
97
|
-
access: addAccessCondition(context, space_1.SpaceMemberRole.EDITOR),
|
|
98
|
-
},
|
|
99
|
-
{
|
|
100
|
-
organizationUuid,
|
|
101
|
-
access: addAccessCondition(context, space_1.SpaceMemberRole.ADMIN),
|
|
102
|
-
},
|
|
76
|
+
addAccessCondition(context, space_1.SpaceMemberRole.EDITOR),
|
|
77
|
+
addAccessCondition(context, space_1.SpaceMemberRole.ADMIN),
|
|
103
78
|
];
|
|
104
79
|
},
|
|
105
80
|
},
|
|
@@ -108,110 +83,91 @@ const scopes = [
|
|
|
108
83
|
description: 'View spaces',
|
|
109
84
|
isEnterprise: false,
|
|
110
85
|
group: scopes_1.ScopeGroup.CONTENT,
|
|
111
|
-
getConditions: (context) =>
|
|
112
|
-
|
|
113
|
-
|
|
114
|
-
|
|
115
|
-
organizationUuid: context.organizationUuid,
|
|
116
|
-
projectUuid: context.projectUuid,
|
|
117
|
-
isPrivate: false,
|
|
118
|
-
},
|
|
119
|
-
];
|
|
120
|
-
// User's accessible spaces
|
|
121
|
-
conditions.push({
|
|
122
|
-
organizationUuid: context.organizationUuid,
|
|
123
|
-
projectUuid: context.projectUuid,
|
|
124
|
-
access: addAccessCondition(context),
|
|
125
|
-
});
|
|
126
|
-
return conditions;
|
|
127
|
-
},
|
|
86
|
+
getConditions: (context) => [
|
|
87
|
+
addUuidCondition(context, { isPrivate: false }),
|
|
88
|
+
addAccessCondition(context),
|
|
89
|
+
],
|
|
128
90
|
},
|
|
129
91
|
{
|
|
130
92
|
name: 'create:Space',
|
|
131
93
|
description: 'Create new spaces',
|
|
132
94
|
isEnterprise: false,
|
|
133
95
|
group: scopes_1.ScopeGroup.CONTENT,
|
|
134
|
-
getConditions:
|
|
96
|
+
getConditions: addDefaultUuidCondition,
|
|
135
97
|
},
|
|
136
98
|
{
|
|
137
99
|
name: 'manage:Space',
|
|
138
|
-
description: '
|
|
100
|
+
description: 'Create, edit, and delete all spaces',
|
|
139
101
|
isEnterprise: false,
|
|
140
102
|
group: scopes_1.ScopeGroup.CONTENT,
|
|
141
|
-
getConditions:
|
|
142
|
-
|
|
143
|
-
|
|
144
|
-
|
|
145
|
-
|
|
146
|
-
|
|
147
|
-
|
|
148
|
-
|
|
149
|
-
|
|
150
|
-
|
|
151
|
-
|
|
152
|
-
|
|
153
|
-
|
|
154
|
-
|
|
155
|
-
|
|
156
|
-
|
|
157
|
-
|
|
158
|
-
|
|
159
|
-
|
|
160
|
-
return conditions;
|
|
161
|
-
},
|
|
103
|
+
getConditions: addDefaultUuidCondition,
|
|
104
|
+
},
|
|
105
|
+
{
|
|
106
|
+
name: 'manage:Space@public',
|
|
107
|
+
description: 'Create, edit, and delete public spaces',
|
|
108
|
+
isEnterprise: false,
|
|
109
|
+
group: scopes_1.ScopeGroup.CONTENT,
|
|
110
|
+
getConditions: (context) => [
|
|
111
|
+
addUuidCondition(context, { isPrivate: false }),
|
|
112
|
+
],
|
|
113
|
+
},
|
|
114
|
+
{
|
|
115
|
+
name: 'manage:Space@assigned',
|
|
116
|
+
description: 'Create, edit, and delete spaces owned by the user',
|
|
117
|
+
isEnterprise: false,
|
|
118
|
+
group: scopes_1.ScopeGroup.CONTENT,
|
|
119
|
+
getConditions: (context) => [
|
|
120
|
+
addAccessCondition(context, space_1.SpaceMemberRole.ADMIN),
|
|
121
|
+
],
|
|
162
122
|
},
|
|
163
123
|
{
|
|
164
124
|
name: 'view:DashboardComments',
|
|
165
125
|
description: 'View dashboard comments',
|
|
166
126
|
isEnterprise: false,
|
|
167
127
|
group: scopes_1.ScopeGroup.CONTENT,
|
|
168
|
-
getConditions:
|
|
128
|
+
getConditions: addDefaultUuidCondition,
|
|
169
129
|
},
|
|
170
130
|
{
|
|
171
131
|
name: 'create:DashboardComments',
|
|
172
132
|
description: 'Create dashboard comments',
|
|
173
133
|
isEnterprise: false,
|
|
174
134
|
group: scopes_1.ScopeGroup.CONTENT,
|
|
175
|
-
getConditions:
|
|
135
|
+
getConditions: addDefaultUuidCondition,
|
|
176
136
|
},
|
|
177
137
|
{
|
|
178
138
|
name: 'manage:DashboardComments',
|
|
179
139
|
description: 'Edit and delete dashboard comments',
|
|
180
140
|
isEnterprise: false,
|
|
181
141
|
group: scopes_1.ScopeGroup.CONTENT,
|
|
182
|
-
getConditions:
|
|
142
|
+
getConditions: addDefaultUuidCondition,
|
|
183
143
|
},
|
|
184
144
|
{
|
|
185
145
|
name: 'view:Tags',
|
|
186
146
|
description: 'View tags',
|
|
187
147
|
isEnterprise: false,
|
|
188
148
|
group: scopes_1.ScopeGroup.CONTENT,
|
|
189
|
-
getConditions:
|
|
190
|
-
{
|
|
191
|
-
organizationUuid: context.organizationUuid,
|
|
192
|
-
},
|
|
193
|
-
],
|
|
149
|
+
getConditions: addDefaultUuidCondition,
|
|
194
150
|
},
|
|
195
151
|
{
|
|
196
152
|
name: 'manage:Tags',
|
|
197
153
|
description: 'Create, edit, and delete tags',
|
|
198
154
|
isEnterprise: false,
|
|
199
155
|
group: scopes_1.ScopeGroup.CONTENT,
|
|
200
|
-
getConditions:
|
|
156
|
+
getConditions: addDefaultUuidCondition,
|
|
201
157
|
},
|
|
202
158
|
{
|
|
203
159
|
name: 'view:PinnedItems',
|
|
204
160
|
description: 'View pinned items',
|
|
205
161
|
isEnterprise: false,
|
|
206
162
|
group: scopes_1.ScopeGroup.CONTENT,
|
|
207
|
-
getConditions:
|
|
163
|
+
getConditions: addDefaultUuidCondition,
|
|
208
164
|
},
|
|
209
165
|
{
|
|
210
166
|
name: 'manage:PinnedItems',
|
|
211
167
|
description: 'Pin and unpin items',
|
|
212
168
|
isEnterprise: false,
|
|
213
169
|
group: scopes_1.ScopeGroup.CONTENT,
|
|
214
|
-
getConditions:
|
|
170
|
+
getConditions: addDefaultUuidCondition,
|
|
215
171
|
},
|
|
216
172
|
{
|
|
217
173
|
name: 'promote:SavedChart',
|
|
@@ -220,19 +176,9 @@ const scopes = [
|
|
|
220
176
|
group: scopes_1.ScopeGroup.CONTENT,
|
|
221
177
|
getConditions: (context) => {
|
|
222
178
|
if (context.scopes.has('manage:Organization')) {
|
|
223
|
-
return
|
|
224
|
-
{
|
|
225
|
-
organizationUuid: context.organizationUuid,
|
|
226
|
-
},
|
|
227
|
-
];
|
|
179
|
+
return addDefaultUuidCondition(context);
|
|
228
180
|
}
|
|
229
|
-
return [
|
|
230
|
-
{
|
|
231
|
-
organizationUuid: context.organizationUuid,
|
|
232
|
-
projectUuid: context.projectUuid,
|
|
233
|
-
access: addAccessCondition(context, space_1.SpaceMemberRole.EDITOR),
|
|
234
|
-
},
|
|
235
|
-
];
|
|
181
|
+
return [addAccessCondition(context, space_1.SpaceMemberRole.EDITOR)];
|
|
236
182
|
},
|
|
237
183
|
},
|
|
238
184
|
{
|
|
@@ -242,19 +188,9 @@ const scopes = [
|
|
|
242
188
|
group: scopes_1.ScopeGroup.CONTENT,
|
|
243
189
|
getConditions: (context) => {
|
|
244
190
|
if (context.scopes.has('manage:Organization')) {
|
|
245
|
-
return
|
|
246
|
-
{
|
|
247
|
-
organizationUuid: context.organizationUuid,
|
|
248
|
-
},
|
|
249
|
-
];
|
|
191
|
+
return addDefaultUuidCondition(context);
|
|
250
192
|
}
|
|
251
|
-
return [
|
|
252
|
-
{
|
|
253
|
-
organizationUuid: context.organizationUuid,
|
|
254
|
-
projectUuid: context.projectUuid,
|
|
255
|
-
access: addAccessCondition(context, space_1.SpaceMemberRole.EDITOR),
|
|
256
|
-
},
|
|
257
|
-
];
|
|
193
|
+
return [addAccessCondition(context, space_1.SpaceMemberRole.EDITOR)];
|
|
258
194
|
},
|
|
259
195
|
},
|
|
260
196
|
// Project Management Scopes
|
|
@@ -263,7 +199,7 @@ const scopes = [
|
|
|
263
199
|
description: 'View project details',
|
|
264
200
|
isEnterprise: false,
|
|
265
201
|
group: scopes_1.ScopeGroup.PROJECT_MANAGEMENT,
|
|
266
|
-
getConditions:
|
|
202
|
+
getConditions: addDefaultUuidCondition,
|
|
267
203
|
},
|
|
268
204
|
{
|
|
269
205
|
name: 'create:Project',
|
|
@@ -274,7 +210,7 @@ const scopes = [
|
|
|
274
210
|
// Allow creating preview projects by default
|
|
275
211
|
[
|
|
276
212
|
{
|
|
277
|
-
|
|
213
|
+
...addUuidCondition(context),
|
|
278
214
|
type: projects_1.ProjectType.PREVIEW,
|
|
279
215
|
},
|
|
280
216
|
],
|
|
@@ -284,7 +220,7 @@ const scopes = [
|
|
|
284
220
|
description: 'Update project settings',
|
|
285
221
|
isEnterprise: false,
|
|
286
222
|
group: scopes_1.ScopeGroup.PROJECT_MANAGEMENT,
|
|
287
|
-
getConditions:
|
|
223
|
+
getConditions: addDefaultUuidCondition,
|
|
288
224
|
},
|
|
289
225
|
{
|
|
290
226
|
name: 'delete:Project',
|
|
@@ -293,69 +229,77 @@ const scopes = [
|
|
|
293
229
|
group: scopes_1.ScopeGroup.PROJECT_MANAGEMENT,
|
|
294
230
|
getConditions: (context) => {
|
|
295
231
|
if (context.projectUuid) {
|
|
296
|
-
return [
|
|
297
|
-
{
|
|
298
|
-
projectUuid: context.projectUuid,
|
|
299
|
-
},
|
|
300
|
-
];
|
|
232
|
+
return [{}];
|
|
301
233
|
}
|
|
302
234
|
// Can delete preview projects in organization
|
|
303
235
|
return [
|
|
304
236
|
{
|
|
305
|
-
|
|
237
|
+
...addUuidCondition(context),
|
|
306
238
|
type: projects_1.ProjectType.PREVIEW,
|
|
307
239
|
},
|
|
308
240
|
];
|
|
309
241
|
},
|
|
310
242
|
},
|
|
243
|
+
{
|
|
244
|
+
name: 'delete:Project@self',
|
|
245
|
+
description: 'Delete projects created by the user',
|
|
246
|
+
isEnterprise: false,
|
|
247
|
+
group: scopes_1.ScopeGroup.PROJECT_MANAGEMENT,
|
|
248
|
+
getConditions: (context) => [
|
|
249
|
+
{
|
|
250
|
+
createdByUserUuid: context.userUuid || false,
|
|
251
|
+
type: projects_1.ProjectType.PREVIEW,
|
|
252
|
+
},
|
|
253
|
+
],
|
|
254
|
+
},
|
|
311
255
|
{
|
|
312
256
|
name: 'manage:Project',
|
|
313
257
|
description: 'Full project management permissions',
|
|
314
258
|
isEnterprise: false,
|
|
315
259
|
group: scopes_1.ScopeGroup.PROJECT_MANAGEMENT,
|
|
316
|
-
getConditions:
|
|
260
|
+
getConditions: addDefaultUuidCondition,
|
|
317
261
|
},
|
|
318
262
|
{
|
|
319
263
|
name: 'manage:CompileProject',
|
|
320
264
|
description: 'Compile and refresh dbt projects',
|
|
321
265
|
isEnterprise: false,
|
|
322
266
|
group: scopes_1.ScopeGroup.PROJECT_MANAGEMENT,
|
|
323
|
-
getConditions:
|
|
267
|
+
getConditions: addDefaultUuidCondition,
|
|
324
268
|
},
|
|
325
269
|
{
|
|
326
270
|
name: 'manage:Validation',
|
|
327
271
|
description: 'Manage data validation rules',
|
|
328
272
|
isEnterprise: false,
|
|
329
273
|
group: scopes_1.ScopeGroup.PROJECT_MANAGEMENT,
|
|
330
|
-
getConditions:
|
|
274
|
+
getConditions: addDefaultUuidCondition,
|
|
331
275
|
},
|
|
332
276
|
{
|
|
333
277
|
name: 'create:ScheduledDeliveries',
|
|
334
278
|
description: 'Create scheduled deliveries',
|
|
335
279
|
isEnterprise: false,
|
|
336
280
|
group: scopes_1.ScopeGroup.PROJECT_MANAGEMENT,
|
|
337
|
-
getConditions:
|
|
281
|
+
getConditions: addDefaultUuidCondition,
|
|
338
282
|
},
|
|
339
283
|
{
|
|
340
284
|
name: 'manage:ScheduledDeliveries',
|
|
341
285
|
description: 'Manage scheduled deliveries',
|
|
342
286
|
isEnterprise: false,
|
|
343
287
|
group: scopes_1.ScopeGroup.PROJECT_MANAGEMENT,
|
|
344
|
-
getConditions:
|
|
288
|
+
getConditions: addDefaultUuidCondition,
|
|
345
289
|
},
|
|
346
290
|
{
|
|
347
291
|
name: 'manage:GoogleSheets',
|
|
348
292
|
description: 'Manage google sheets',
|
|
349
293
|
isEnterprise: false,
|
|
350
294
|
group: scopes_1.ScopeGroup.PROJECT_MANAGEMENT,
|
|
351
|
-
getConditions:
|
|
295
|
+
getConditions: addDefaultUuidCondition,
|
|
352
296
|
},
|
|
353
297
|
{
|
|
354
298
|
name: 'view:Analytics',
|
|
355
299
|
description: 'View usage analytics',
|
|
356
300
|
isEnterprise: false,
|
|
357
301
|
group: scopes_1.ScopeGroup.PROJECT_MANAGEMENT,
|
|
358
|
-
getConditions:
|
|
302
|
+
getConditions: addDefaultUuidCondition,
|
|
359
303
|
},
|
|
360
304
|
{
|
|
361
305
|
name: 'create:Job',
|
|
@@ -385,7 +329,7 @@ const scopes = [
|
|
|
385
329
|
group: scopes_1.ScopeGroup.PROJECT_MANAGEMENT,
|
|
386
330
|
getConditions: (context) => {
|
|
387
331
|
if (context.scopes.has('manage:Organization')) {
|
|
388
|
-
return
|
|
332
|
+
return addDefaultUuidCondition(context);
|
|
389
333
|
}
|
|
390
334
|
return [
|
|
391
335
|
{
|
|
@@ -394,62 +338,69 @@ const scopes = [
|
|
|
394
338
|
];
|
|
395
339
|
},
|
|
396
340
|
},
|
|
341
|
+
{
|
|
342
|
+
name: 'manage:Validation',
|
|
343
|
+
description: 'Manage data validation rules',
|
|
344
|
+
isEnterprise: false,
|
|
345
|
+
group: scopes_1.ScopeGroup.PROJECT_MANAGEMENT,
|
|
346
|
+
getConditions: addDefaultUuidCondition,
|
|
347
|
+
},
|
|
397
348
|
// Organization Management Scopes
|
|
398
349
|
{
|
|
399
350
|
name: 'view:Organization',
|
|
400
351
|
description: 'View organization details',
|
|
401
352
|
isEnterprise: false,
|
|
402
353
|
group: scopes_1.ScopeGroup.ORGANIZATION_MANAGEMENT,
|
|
403
|
-
getConditions:
|
|
354
|
+
getConditions: addDefaultUuidCondition,
|
|
404
355
|
},
|
|
405
356
|
{
|
|
406
357
|
name: 'manage:Organization',
|
|
407
358
|
description: 'Manage organization settings',
|
|
408
359
|
isEnterprise: false,
|
|
409
360
|
group: scopes_1.ScopeGroup.ORGANIZATION_MANAGEMENT,
|
|
410
|
-
getConditions:
|
|
361
|
+
getConditions: addDefaultUuidCondition,
|
|
411
362
|
},
|
|
412
363
|
{
|
|
413
364
|
name: 'view:OrganizationMemberProfile',
|
|
414
365
|
description: 'View organization member profiles',
|
|
415
366
|
isEnterprise: false,
|
|
416
367
|
group: scopes_1.ScopeGroup.ORGANIZATION_MANAGEMENT,
|
|
417
|
-
getConditions:
|
|
368
|
+
getConditions: addDefaultUuidCondition,
|
|
418
369
|
},
|
|
419
370
|
{
|
|
420
371
|
name: 'manage:OrganizationMemberProfile',
|
|
421
372
|
description: 'Manage organization member profiles and roles',
|
|
422
373
|
isEnterprise: false,
|
|
423
374
|
group: scopes_1.ScopeGroup.ORGANIZATION_MANAGEMENT,
|
|
424
|
-
getConditions:
|
|
375
|
+
getConditions: addDefaultUuidCondition,
|
|
425
376
|
},
|
|
426
377
|
{
|
|
427
378
|
name: 'manage:InviteLink',
|
|
428
379
|
description: 'Create and manage invite links',
|
|
429
380
|
isEnterprise: false,
|
|
430
381
|
group: scopes_1.ScopeGroup.ORGANIZATION_MANAGEMENT,
|
|
431
|
-
getConditions:
|
|
382
|
+
getConditions: addDefaultUuidCondition,
|
|
432
383
|
},
|
|
433
384
|
{
|
|
434
385
|
name: 'manage:Group',
|
|
435
386
|
description: 'Manage user groups',
|
|
436
387
|
isEnterprise: false,
|
|
437
388
|
group: scopes_1.ScopeGroup.ORGANIZATION_MANAGEMENT,
|
|
438
|
-
getConditions:
|
|
389
|
+
getConditions: addDefaultUuidCondition,
|
|
439
390
|
},
|
|
440
391
|
{
|
|
441
392
|
name: 'manage:ContentAsCode',
|
|
442
393
|
description: 'Manage content as code features',
|
|
443
394
|
isEnterprise: true,
|
|
444
395
|
group: scopes_1.ScopeGroup.ORGANIZATION_MANAGEMENT,
|
|
445
|
-
getConditions:
|
|
396
|
+
getConditions: addDefaultUuidCondition,
|
|
446
397
|
},
|
|
447
398
|
{
|
|
448
399
|
name: 'manage:PersonalAccessToken',
|
|
449
400
|
description: 'Create and manage personal access tokens',
|
|
450
401
|
isEnterprise: true,
|
|
451
402
|
group: scopes_1.ScopeGroup.ORGANIZATION_MANAGEMENT,
|
|
452
|
-
getConditions:
|
|
403
|
+
getConditions: addDefaultUuidCondition,
|
|
453
404
|
},
|
|
454
405
|
// Data Scopes
|
|
455
406
|
{
|
|
@@ -457,14 +408,14 @@ const scopes = [
|
|
|
457
408
|
description: 'View underlying data in charts',
|
|
458
409
|
isEnterprise: false,
|
|
459
410
|
group: scopes_1.ScopeGroup.DATA,
|
|
460
|
-
getConditions:
|
|
411
|
+
getConditions: addDefaultUuidCondition,
|
|
461
412
|
},
|
|
462
413
|
{
|
|
463
414
|
name: 'view:SemanticViewer',
|
|
464
415
|
description: 'View data in semantic viewer',
|
|
465
416
|
isEnterprise: false,
|
|
466
417
|
group: scopes_1.ScopeGroup.DATA,
|
|
467
|
-
getConditions:
|
|
418
|
+
getConditions: addDefaultUuidCondition,
|
|
468
419
|
},
|
|
469
420
|
{
|
|
470
421
|
name: 'manage:SemanticViewer',
|
|
@@ -473,14 +424,9 @@ const scopes = [
|
|
|
473
424
|
group: scopes_1.ScopeGroup.DATA,
|
|
474
425
|
getConditions: (context) => {
|
|
475
426
|
if (context.scopes.has('manage:Organization')) {
|
|
476
|
-
return
|
|
427
|
+
return addDefaultUuidCondition(context);
|
|
477
428
|
}
|
|
478
|
-
return [
|
|
479
|
-
{
|
|
480
|
-
organizationUuid: context.organizationUuid,
|
|
481
|
-
access: addAccessCondition(context, space_1.SpaceMemberRole.EDITOR),
|
|
482
|
-
},
|
|
483
|
-
];
|
|
429
|
+
return [addAccessCondition(context, space_1.SpaceMemberRole.EDITOR)];
|
|
484
430
|
},
|
|
485
431
|
},
|
|
486
432
|
{
|
|
@@ -488,56 +434,56 @@ const scopes = [
|
|
|
488
434
|
description: 'Explore and query data',
|
|
489
435
|
isEnterprise: false,
|
|
490
436
|
group: scopes_1.ScopeGroup.DATA,
|
|
491
|
-
getConditions:
|
|
437
|
+
getConditions: addDefaultUuidCondition,
|
|
492
438
|
},
|
|
493
439
|
{
|
|
494
440
|
name: 'manage:SqlRunner',
|
|
495
441
|
description: 'Run SQL queries directly',
|
|
496
442
|
isEnterprise: false,
|
|
497
443
|
group: scopes_1.ScopeGroup.DATA,
|
|
498
|
-
getConditions:
|
|
444
|
+
getConditions: addDefaultUuidCondition,
|
|
499
445
|
},
|
|
500
446
|
{
|
|
501
447
|
name: 'manage:CustomSql',
|
|
502
448
|
description: 'Create custom SQL queries',
|
|
503
449
|
isEnterprise: false,
|
|
504
450
|
group: scopes_1.ScopeGroup.DATA,
|
|
505
|
-
getConditions:
|
|
451
|
+
getConditions: addDefaultUuidCondition,
|
|
506
452
|
},
|
|
507
453
|
{
|
|
508
454
|
name: 'create:VirtualView',
|
|
509
455
|
description: 'Create virtual views',
|
|
510
456
|
isEnterprise: false,
|
|
511
457
|
group: scopes_1.ScopeGroup.DATA,
|
|
512
|
-
getConditions:
|
|
458
|
+
getConditions: addDefaultUuidCondition,
|
|
513
459
|
},
|
|
514
460
|
{
|
|
515
461
|
name: 'delete:VirtualView',
|
|
516
462
|
description: 'Delete virtual views',
|
|
517
463
|
isEnterprise: false,
|
|
518
464
|
group: scopes_1.ScopeGroup.DATA,
|
|
519
|
-
getConditions:
|
|
465
|
+
getConditions: addDefaultUuidCondition,
|
|
520
466
|
},
|
|
521
467
|
{
|
|
522
468
|
name: 'manage:VirtualView',
|
|
523
469
|
description: 'Create and manage virtual views',
|
|
524
470
|
isEnterprise: false,
|
|
525
471
|
group: scopes_1.ScopeGroup.DATA,
|
|
526
|
-
getConditions:
|
|
472
|
+
getConditions: addDefaultUuidCondition,
|
|
527
473
|
},
|
|
528
474
|
{
|
|
529
475
|
name: 'manage:ExportCsv',
|
|
530
476
|
description: 'Export data to CSV',
|
|
531
477
|
isEnterprise: false,
|
|
532
478
|
group: scopes_1.ScopeGroup.DATA,
|
|
533
|
-
getConditions:
|
|
479
|
+
getConditions: addDefaultUuidCondition,
|
|
534
480
|
},
|
|
535
481
|
{
|
|
536
482
|
name: 'manage:ChangeCsvResults',
|
|
537
483
|
description: 'Modify CSV export results',
|
|
538
484
|
isEnterprise: false,
|
|
539
485
|
group: scopes_1.ScopeGroup.DATA,
|
|
540
|
-
getConditions:
|
|
486
|
+
getConditions: addDefaultUuidCondition,
|
|
541
487
|
},
|
|
542
488
|
// Sharing Scopes
|
|
543
489
|
{
|
|
@@ -567,14 +513,14 @@ const scopes = [
|
|
|
567
513
|
description: 'View AI agent features',
|
|
568
514
|
isEnterprise: true,
|
|
569
515
|
group: scopes_1.ScopeGroup.AI,
|
|
570
|
-
getConditions:
|
|
516
|
+
getConditions: addDefaultUuidCondition,
|
|
571
517
|
},
|
|
572
518
|
{
|
|
573
519
|
name: 'manage:AiAgent',
|
|
574
520
|
description: 'Configure AI agent settings',
|
|
575
521
|
isEnterprise: true,
|
|
576
522
|
group: scopes_1.ScopeGroup.AI,
|
|
577
|
-
getConditions:
|
|
523
|
+
getConditions: addDefaultUuidCondition,
|
|
578
524
|
},
|
|
579
525
|
{
|
|
580
526
|
name: 'view:AiAgentThread',
|
|
@@ -585,9 +531,8 @@ const scopes = [
|
|
|
585
531
|
// View user's own AI agent threads
|
|
586
532
|
[
|
|
587
533
|
{
|
|
588
|
-
|
|
589
|
-
|
|
590
|
-
...(context.userUuid && { userUuid: context.userUuid }),
|
|
534
|
+
...addUuidCondition(context),
|
|
535
|
+
userUuid: context.userUuid || false,
|
|
591
536
|
},
|
|
592
537
|
],
|
|
593
538
|
},
|
|
@@ -596,7 +541,7 @@ const scopes = [
|
|
|
596
541
|
description: 'Start new AI agent conversations',
|
|
597
542
|
isEnterprise: true,
|
|
598
543
|
group: scopes_1.ScopeGroup.AI,
|
|
599
|
-
getConditions:
|
|
544
|
+
getConditions: addDefaultUuidCondition,
|
|
600
545
|
},
|
|
601
546
|
{
|
|
602
547
|
name: 'manage:AiAgentThread',
|
|
@@ -605,7 +550,7 @@ const scopes = [
|
|
|
605
550
|
group: scopes_1.ScopeGroup.AI,
|
|
606
551
|
getConditions: (context) => {
|
|
607
552
|
if (context.scopes.has('manage:Organization')) {
|
|
608
|
-
return
|
|
553
|
+
return addDefaultUuidCondition(context);
|
|
609
554
|
}
|
|
610
555
|
// Manage user's own AI agent threads
|
|
611
556
|
return [{ userUuid: context.userUuid || false }];
|
|
@@ -617,28 +562,28 @@ const scopes = [
|
|
|
617
562
|
description: 'Configure spotlight table settings',
|
|
618
563
|
isEnterprise: true,
|
|
619
564
|
group: scopes_1.ScopeGroup.SPOTLIGHT,
|
|
620
|
-
getConditions:
|
|
565
|
+
getConditions: addDefaultUuidCondition,
|
|
621
566
|
},
|
|
622
567
|
{
|
|
623
568
|
name: 'view:SpotlightTableConfig',
|
|
624
569
|
description: 'View spotlight table configuration',
|
|
625
570
|
isEnterprise: true,
|
|
626
571
|
group: scopes_1.ScopeGroup.SPOTLIGHT,
|
|
627
|
-
getConditions:
|
|
572
|
+
getConditions: addDefaultUuidCondition,
|
|
628
573
|
},
|
|
629
574
|
{
|
|
630
575
|
name: 'view:MetricsTree',
|
|
631
576
|
description: 'View metrics tree',
|
|
632
577
|
isEnterprise: true,
|
|
633
578
|
group: scopes_1.ScopeGroup.SPOTLIGHT,
|
|
634
|
-
getConditions:
|
|
579
|
+
getConditions: addDefaultUuidCondition,
|
|
635
580
|
},
|
|
636
581
|
{
|
|
637
582
|
name: 'manage:MetricsTree',
|
|
638
583
|
description: 'Manage metrics tree configuration',
|
|
639
584
|
isEnterprise: true,
|
|
640
585
|
group: scopes_1.ScopeGroup.SPOTLIGHT,
|
|
641
|
-
getConditions:
|
|
586
|
+
getConditions: addDefaultUuidCondition,
|
|
642
587
|
},
|
|
643
588
|
];
|
|
644
589
|
const getNonEnterpriseScopes = () => scopes.filter((scope) => !scope.isEnterprise);
|