CodeMirror/budibase
1
0
Fork 0
mirror of synced 2024-07-01 04:21:06 +12:00
Code Issues Projects Releases Wiki Activity

make logged in users basic by default, prevent allowing users to be assigned as default in the UI

Browse source
This commit is contained in:
Martin McKeaveney 2021-07-06 18:43:04 +01:00
parent 197d895174
commit 13517d5298
5 changed files with 7 additions and 7 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

4
packages/auth/src/security/roles.js
View file

@ -147,7 +147,7 @@ exports.getRole = async (appId, roleId) => {
*/
async function getAllUserRoles(appId, userRoleId) {
if (!userRoleId) {
return [BUILTIN_IDS.PUBLIC]
return [BUILTIN_IDS.BASIC]
}
let currentRole = await exports.getRole(appId, userRoleId)
let roles = currentRole ? [currentRole] : []
@ -226,7 +226,7 @@ exports.getAllRoles = async appId => {
dbRole => exports.getExternalRoleID(dbRole._id) === builtinRoleId
)[0]
if (dbBuiltin == null) {
roles.push(builtinRole || builtinRoles.PUBLIC)
roles.push(builtinRole || builtinRoles.BASIC)
} else {
// remove role and all back after combining with the builtin
roles = roles.filter(role => role._id !== dbBuiltin._id)

2
packages/builder/src/pages/builder/portal/manage/users/[userId].svelte
View file

@ -33,7 +33,7 @@
role: {},
}
$: defaultRoleId = $userFetch?.data?.builder?.global ? "ADMIN" : "PUBLIC"
$: defaultRoleId = $userFetch?.data?.builder?.global ? "ADMIN" : "BASIC"
// Merge the Apps list and the roles response to get something that makes sense for the table
$: appList = Object.keys($apps?.data).map(id => {
const role = $userFetch?.data?.roles?.[id] || defaultRoleId

2
packages/builder/src/pages/builder/portal/manage/users/_components/UpdateRolesModal.svelte
View file

@ -9,7 +9,7 @@
const dispatch = createEventDispatcher()
const roles = app.roles
let options = roles.map(role => role._id)
let options = roles.map(role => role._id).filter(id => id !== "PUBLIC")
let selectedRole = user?.roles?.[app?._id]
async function updateUserRoles() {

4
packages/server/src/middleware/currentapp.js
View file

@ -45,10 +45,10 @@ module.exports = async (ctx, next) => {
updateCookie = true
appId = requestAppId
// retrieving global user gets the right role
roleId = globalUser.roleId || BUILTIN_ROLE_IDS.PUBLIC
roleId = globalUser.roleId || BUILTIN_ROLE_IDS.BASIC
} else if (appCookie != null) {
appId = appCookie.appId
roleId = appCookie.roleId || BUILTIN_ROLE_IDS.PUBLIC
roleId = appCookie.roleId || BUILTIN_ROLE_IDS.BASIC
}
// nothing more to do
if (!appId) {

2
packages/server/src/utilities/global.js
View file

@ -19,7 +19,7 @@ exports.updateAppRole = (appId, user) => {
if (!user.roleId && user.builder && user.builder.global) {
user.roleId = BUILTIN_ROLE_IDS.ADMIN
} else if (!user.roleId) {
user.roleId = BUILTIN_ROLE_IDS.PUBLIC
user.roleId = BUILTIN_ROLE_IDS.BASIC
}
delete user.roles
return user