mirror of
https://github.com/Infisical/infisical.git
synced 2026-01-09 15:38:03 -05:00
feat: adjusted doc and brought back permission
This commit is contained in:
=
@@ -87,6 +87,7 @@ export enum OrgPermissionBillingActions {
|
||||
|
||||
export enum OrgPermissionSubjects {
|
||||
Workspace = "workspace",
|
||||
Project = "project",
|
||||
Role = "role",
|
||||
Member = "member",
|
||||
Settings = "settings",
|
||||
@@ -117,6 +118,7 @@ export type AppConnectionSubjectFields = {
|
||||
|
||||
export type OrgPermissionSet =
|
||||
| [OrgPermissionActions.Create, OrgPermissionSubjects.Workspace]
|
||||
| [OrgPermissionActions.Create, OrgPermissionSubjects.Project]
|
||||
| [OrgPermissionActions, OrgPermissionSubjects.Role]
|
||||
| [OrgPermissionActions, OrgPermissionSubjects.Member]
|
||||
| [OrgPermissionActions, OrgPermissionSubjects.Settings]
|
||||
@@ -166,6 +168,10 @@ export const OrgPermissionSchema = z.discriminatedUnion("subject", [
|
||||
subject: z.literal(OrgPermissionSubjects.Workspace).describe("The entity this permission pertains to."),
|
||||
action: CASL_ACTION_SCHEMA_ENUM([OrgPermissionActions.Create]).describe("Describe what action an entity can take.")
|
||||
}),
|
||||
z.object({
|
||||
subject: z.literal(OrgPermissionSubjects.Project).describe("The entity this permission pertains to."),
|
||||
action: CASL_ACTION_SCHEMA_ENUM([OrgPermissionActions.Create]).describe("Describe what action an entity can take.")
|
||||
}),
|
||||
z.object({
|
||||
subject: z.literal(OrgPermissionSubjects.Role).describe("The entity this permission pertains to."),
|
||||
action: CASL_ACTION_SCHEMA_NATIVE_ENUM(OrgPermissionActions).describe("Describe what action an entity can take.")
|
||||
@@ -280,6 +286,7 @@ const buildAdminPermission = () => {
|
||||
const { can, rules } = new AbilityBuilder<MongoAbility<OrgPermissionSet>>(createMongoAbility);
|
||||
// ws permissions
|
||||
can(OrgPermissionActions.Create, OrgPermissionSubjects.Workspace);
|
||||
can(OrgPermissionActions.Create, OrgPermissionSubjects.Project);
|
||||
// role permission
|
||||
can(OrgPermissionActions.Read, OrgPermissionSubjects.Role);
|
||||
can(OrgPermissionActions.Create, OrgPermissionSubjects.Role);
|
||||
@@ -413,6 +420,7 @@ const buildMemberPermission = () => {
|
||||
const { can, rules } = new AbilityBuilder<MongoAbility<OrgPermissionSet>>(createMongoAbility);
|
||||
|
||||
can(OrgPermissionActions.Create, OrgPermissionSubjects.Workspace);
|
||||
can(OrgPermissionActions.Create, OrgPermissionSubjects.Project);
|
||||
can(OrgPermissionActions.Read, OrgPermissionSubjects.Member);
|
||||
can(OrgPermissionGroupActions.Read, OrgPermissionSubjects.Groups);
|
||||
can(OrgPermissionActions.Read, OrgPermissionSubjects.Role);
|
||||
|
||||
@@ -254,7 +254,13 @@ export const projectServiceFactory = ({
|
||||
actorAuthMethod,
|
||||
actorOrgId
|
||||
);
|
||||
ForbiddenError.from(permission).throwUnlessCan(OrgPermissionActions.Create, OrgPermissionSubjects.Workspace);
|
||||
|
||||
if (
|
||||
permission.cannot(OrgPermissionActions.Create, OrgPermissionSubjects.Workspace) &&
|
||||
permission.cannot(OrgPermissionActions.Create, OrgPermissionSubjects.Project)
|
||||
) {
|
||||
throw new ForbiddenRequestError({ message: "You don't have permission to create a project" });
|
||||
}
|
||||
|
||||
const results = await (trx || projectDAL).transaction(async (tx) => {
|
||||
await tx.raw("SELECT pg_advisory_xact_lock(?)", [PgSqlLock.CreateProject(organization.id)]);
|
||||
|
||||
247
docs/docs.json
247
docs/docs.json
@@ -1008,7 +1008,13 @@
|
||||
"api-reference/endpoints/organizations/update-membership",
|
||||
"api-reference/endpoints/organizations/delete-membership",
|
||||
"api-reference/endpoints/organizations/bulk-delete-memberships",
|
||||
"api-reference/endpoints/organizations/list-identity-memberships"
|
||||
"api-reference/endpoints/organizations/list-identity-memberships",
|
||||
{
|
||||
"group": "To be deprecated",
|
||||
"pages": [
|
||||
"api-reference/endpoints/deprecated/organizations/projects"
|
||||
]
|
||||
}
|
||||
]
|
||||
},
|
||||
{
|
||||
@@ -1019,7 +1025,18 @@
|
||||
"api-reference/endpoints/projects/delete-project",
|
||||
"api-reference/endpoints/projects/get-project",
|
||||
"api-reference/endpoints/projects/update-project",
|
||||
"api-reference/endpoints/projects/secret-snapshots"
|
||||
"api-reference/endpoints/projects/secret-snapshots",
|
||||
{
|
||||
"group": "To be deprecated",
|
||||
"pages": [
|
||||
"api-reference/endpoints/deprecated/projects/get-project-by-slug",
|
||||
"api-reference/endpoints/deprecated/projects/create-project",
|
||||
"api-reference/endpoints/deprecated/projects/delete-project",
|
||||
"api-reference/endpoints/deprecated/projects/get-project",
|
||||
"api-reference/endpoints/deprecated/projects/update-project",
|
||||
"api-reference/endpoints/deprecated/projects/secret-snapshots"
|
||||
]
|
||||
}
|
||||
]
|
||||
},
|
||||
{
|
||||
@@ -1029,7 +1046,17 @@
|
||||
"api-reference/endpoints/project-users/remove-member-from-project",
|
||||
"api-reference/endpoints/project-users/memberships",
|
||||
"api-reference/endpoints/project-users/get-by-username",
|
||||
"api-reference/endpoints/project-users/update-membership"
|
||||
"api-reference/endpoints/project-users/update-membership",
|
||||
{
|
||||
"group": "To be deprecated",
|
||||
"pages": [
|
||||
"api-reference/endpoints/deprecated/project-users/invite-member-to-project",
|
||||
"api-reference/endpoints/deprecated/project-users/remove-member-from-project",
|
||||
"api-reference/endpoints/deprecated/project-users/memberships",
|
||||
"api-reference/endpoints/deprecated/project-users/get-by-username",
|
||||
"api-reference/endpoints/deprecated/project-users/update-membership"
|
||||
]
|
||||
}
|
||||
]
|
||||
},
|
||||
{
|
||||
@@ -1039,7 +1066,17 @@
|
||||
"api-reference/endpoints/project-groups/delete",
|
||||
"api-reference/endpoints/project-groups/get-by-id",
|
||||
"api-reference/endpoints/project-groups/list",
|
||||
"api-reference/endpoints/project-groups/update"
|
||||
"api-reference/endpoints/project-groups/update",
|
||||
{
|
||||
"group": "To be deprecated",
|
||||
"pages": [
|
||||
"api-reference/endpoints/deprecated/project-groups/create",
|
||||
"api-reference/endpoints/deprecated/project-groups/delete",
|
||||
"api-reference/endpoints/deprecated/project-groups/get-by-id",
|
||||
"api-reference/endpoints/deprecated/project-groups/list",
|
||||
"api-reference/endpoints/deprecated/project-groups/update"
|
||||
]
|
||||
}
|
||||
]
|
||||
},
|
||||
{
|
||||
@@ -1049,7 +1086,17 @@
|
||||
"api-reference/endpoints/project-identities/list-identity-memberships",
|
||||
"api-reference/endpoints/project-identities/get-by-id",
|
||||
"api-reference/endpoints/project-identities/update-identity-membership",
|
||||
"api-reference/endpoints/project-identities/delete-identity-membership"
|
||||
"api-reference/endpoints/project-identities/delete-identity-membership",
|
||||
{
|
||||
"group": "To be deprecated",
|
||||
"pages": [
|
||||
"api-reference/endpoints/deprecated/project-identities/add-identity-membership",
|
||||
"api-reference/endpoints/deprecated/project-identities/list-identity-memberships",
|
||||
"api-reference/endpoints/deprecated/project-identities/get-by-id",
|
||||
"api-reference/endpoints/deprecated/project-identities/update-identity-membership",
|
||||
"api-reference/endpoints/deprecated/project-identities/delete-identity-membership"
|
||||
]
|
||||
}
|
||||
]
|
||||
},
|
||||
{
|
||||
@@ -1059,7 +1106,17 @@
|
||||
"api-reference/endpoints/project-roles/update",
|
||||
"api-reference/endpoints/project-roles/delete",
|
||||
"api-reference/endpoints/project-roles/get-by-slug",
|
||||
"api-reference/endpoints/project-roles/list"
|
||||
"api-reference/endpoints/project-roles/list",
|
||||
{
|
||||
"group": "To be deprecated",
|
||||
"pages": [
|
||||
"api-reference/endpoints/deprecated/project-roles/create",
|
||||
"api-reference/endpoints/deprecated/project-roles/update",
|
||||
"api-reference/endpoints/deprecated/project-roles/delete",
|
||||
"api-reference/endpoints/deprecated/project-roles/get-by-slug",
|
||||
"api-reference/endpoints/deprecated/project-roles/list"
|
||||
]
|
||||
}
|
||||
]
|
||||
},
|
||||
{
|
||||
@@ -1077,7 +1134,15 @@
|
||||
"pages": [
|
||||
"api-reference/endpoints/environments/create",
|
||||
"api-reference/endpoints/environments/update",
|
||||
"api-reference/endpoints/environments/delete"
|
||||
"api-reference/endpoints/environments/delete",
|
||||
{
|
||||
"group": "To be deprecated",
|
||||
"pages": [
|
||||
"api-reference/endpoints/deprecated/environments/create",
|
||||
"api-reference/endpoints/deprecated/environments/update",
|
||||
"api-reference/endpoints/deprecated/environments/delete"
|
||||
]
|
||||
}
|
||||
]
|
||||
},
|
||||
{
|
||||
@@ -1087,7 +1152,17 @@
|
||||
"api-reference/endpoints/folders/get-by-id",
|
||||
"api-reference/endpoints/folders/create",
|
||||
"api-reference/endpoints/folders/update",
|
||||
"api-reference/endpoints/folders/delete"
|
||||
"api-reference/endpoints/folders/delete",
|
||||
{
|
||||
"group": "To be deprecated",
|
||||
"pages": [
|
||||
"api-reference/endpoints/deprecated/folders/list",
|
||||
"api-reference/endpoints/deprecated/folders/get-by-id",
|
||||
"api-reference/endpoints/deprecated/folders/create",
|
||||
"api-reference/endpoints/deprecated/folders/update",
|
||||
"api-reference/endpoints/deprecated/folders/delete"
|
||||
]
|
||||
}
|
||||
]
|
||||
},
|
||||
{
|
||||
@@ -1098,7 +1173,18 @@
|
||||
"api-reference/endpoints/secret-tags/get-by-slug",
|
||||
"api-reference/endpoints/secret-tags/create",
|
||||
"api-reference/endpoints/secret-tags/update",
|
||||
"api-reference/endpoints/secret-tags/delete"
|
||||
"api-reference/endpoints/secret-tags/delete",
|
||||
{
|
||||
"group": "To be deprecated",
|
||||
"pages": [
|
||||
"api-reference/endpoints/deprecated/secret-tags/list",
|
||||
"api-reference/endpoints/deprecated/secret-tags/get-by-id",
|
||||
"api-reference/endpoints/deprecated/secret-tags/get-by-slug",
|
||||
"api-reference/endpoints/deprecated/secret-tags/create",
|
||||
"api-reference/endpoints/deprecated/secret-tags/update",
|
||||
"api-reference/endpoints/deprecated/secret-tags/delete"
|
||||
]
|
||||
}
|
||||
]
|
||||
},
|
||||
{
|
||||
@@ -1111,7 +1197,22 @@
|
||||
"api-reference/endpoints/secrets/delete",
|
||||
"api-reference/endpoints/secrets/create-many",
|
||||
"api-reference/endpoints/secrets/update-many",
|
||||
"api-reference/endpoints/secrets/delete-many"
|
||||
"api-reference/endpoints/secrets/delete-many",
|
||||
{
|
||||
"group": "To be deprecated",
|
||||
"pages": [
|
||||
"api-reference/endpoints/deprecated/secrets/list",
|
||||
"api-reference/endpoints/deprecated/secrets/create",
|
||||
"api-reference/endpoints/deprecated/secrets/read",
|
||||
"api-reference/endpoints/deprecated/secrets/update",
|
||||
"api-reference/endpoints/deprecated/secrets/delete",
|
||||
"api-reference/endpoints/deprecated/secrets/create-many",
|
||||
"api-reference/endpoints/deprecated/secrets/update-many",
|
||||
"api-reference/endpoints/deprecated/secrets/delete-many",
|
||||
"api-reference/endpoints/deprecated/secrets/attach-tags",
|
||||
"api-reference/endpoints/deprecated/secrets/detach-tags"
|
||||
]
|
||||
}
|
||||
]
|
||||
},
|
||||
{
|
||||
@@ -1141,7 +1242,16 @@
|
||||
"api-reference/endpoints/secret-imports/list",
|
||||
"api-reference/endpoints/secret-imports/create",
|
||||
"api-reference/endpoints/secret-imports/update",
|
||||
"api-reference/endpoints/secret-imports/delete"
|
||||
"api-reference/endpoints/secret-imports/delete",
|
||||
{
|
||||
"group": "To be deprecated",
|
||||
"pages": [
|
||||
"api-reference/endpoints/deprecated/secret-imports/list",
|
||||
"api-reference/endpoints/deprecated/secret-imports/create",
|
||||
"api-reference/endpoints/deprecated/secret-imports/update",
|
||||
"api-reference/endpoints/deprecated/secret-imports/delete"
|
||||
]
|
||||
}
|
||||
]
|
||||
},
|
||||
{
|
||||
@@ -2460,121 +2570,6 @@
|
||||
]
|
||||
}
|
||||
]
|
||||
},
|
||||
{
|
||||
"group": "To be depreciated",
|
||||
"pages": [
|
||||
{
|
||||
"group": "Organizations",
|
||||
"pages": [
|
||||
"api-reference/endpoints/depreciated/organizations/projects"
|
||||
]
|
||||
},
|
||||
{
|
||||
"group": "Projects",
|
||||
"pages": [
|
||||
"api-reference/endpoints/depreciated/projects/get-project-by-slug",
|
||||
"api-reference/endpoints/depreciated/projects/create-project",
|
||||
"api-reference/endpoints/depreciated/projects/delete-project",
|
||||
"api-reference/endpoints/depreciated/projects/get-project",
|
||||
"api-reference/endpoints/depreciated/projects/update-project",
|
||||
"api-reference/endpoints/depreciated/projects/secret-snapshots"
|
||||
]
|
||||
},
|
||||
{
|
||||
"group": "Project Users",
|
||||
"pages": [
|
||||
"api-reference/endpoints/depreciated/project-users/invite-member-to-project",
|
||||
"api-reference/endpoints/depreciated/project-users/remove-member-from-project",
|
||||
"api-reference/endpoints/depreciated/project-users/memberships",
|
||||
"api-reference/endpoints/depreciated/project-users/get-by-username",
|
||||
"api-reference/endpoints/depreciated/project-users/update-membership"
|
||||
]
|
||||
},
|
||||
{
|
||||
"group": "Project Groups",
|
||||
"pages": [
|
||||
"api-reference/endpoints/depreciated/project-groups/create",
|
||||
"api-reference/endpoints/depreciated/project-groups/delete",
|
||||
"api-reference/endpoints/depreciated/project-groups/get-by-id",
|
||||
"api-reference/endpoints/depreciated/project-groups/list",
|
||||
"api-reference/endpoints/depreciated/project-groups/update"
|
||||
]
|
||||
},
|
||||
{
|
||||
"group": "Project Identities",
|
||||
"pages": [
|
||||
"api-reference/endpoints/depreciated/project-identities/add-identity-membership",
|
||||
"api-reference/endpoints/depreciated/project-identities/list-identity-memberships",
|
||||
"api-reference/endpoints/depreciated/project-identities/get-by-id",
|
||||
"api-reference/endpoints/depreciated/project-identities/update-identity-membership",
|
||||
"api-reference/endpoints/depreciated/project-identities/delete-identity-membership"
|
||||
]
|
||||
},
|
||||
{
|
||||
"group": "Project Roles",
|
||||
"pages": [
|
||||
"api-reference/endpoints/depreciated/project-roles/create",
|
||||
"api-reference/endpoints/depreciated/project-roles/update",
|
||||
"api-reference/endpoints/depreciated/project-roles/delete",
|
||||
"api-reference/endpoints/depreciated/project-roles/get-by-slug",
|
||||
"api-reference/endpoints/depreciated/project-roles/list"
|
||||
]
|
||||
},
|
||||
{
|
||||
"group": "Environments",
|
||||
"pages": [
|
||||
"api-reference/endpoints/depreciated/environments/create",
|
||||
"api-reference/endpoints/depreciated/environments/update",
|
||||
"api-reference/endpoints/depreciated/environments/delete"
|
||||
]
|
||||
},
|
||||
{
|
||||
"group": "Folders",
|
||||
"pages": [
|
||||
"api-reference/endpoints/depreciated/folders/list",
|
||||
"api-reference/endpoints/depreciated/folders/get-by-id",
|
||||
"api-reference/endpoints/depreciated/folders/create",
|
||||
"api-reference/endpoints/depreciated/folders/update",
|
||||
"api-reference/endpoints/depreciated/folders/delete"
|
||||
]
|
||||
},
|
||||
{
|
||||
"group": "Secret Tags",
|
||||
"pages": [
|
||||
"api-reference/endpoints/depreciated/secret-tags/list",
|
||||
"api-reference/endpoints/depreciated/secret-tags/get-by-id",
|
||||
"api-reference/endpoints/depreciated/secret-tags/get-by-slug",
|
||||
"api-reference/endpoints/depreciated/secret-tags/create",
|
||||
"api-reference/endpoints/depreciated/secret-tags/update",
|
||||
"api-reference/endpoints/depreciated/secret-tags/delete"
|
||||
]
|
||||
},
|
||||
{
|
||||
"group": "Secrets",
|
||||
"pages": [
|
||||
"api-reference/endpoints/depreciated/secrets/list",
|
||||
"api-reference/endpoints/depreciated/secrets/create",
|
||||
"api-reference/endpoints/depreciated/secrets/read",
|
||||
"api-reference/endpoints/depreciated/secrets/update",
|
||||
"api-reference/endpoints/depreciated/secrets/delete",
|
||||
"api-reference/endpoints/depreciated/secrets/create-many",
|
||||
"api-reference/endpoints/depreciated/secrets/update-many",
|
||||
"api-reference/endpoints/depreciated/secrets/delete-many",
|
||||
"api-reference/endpoints/depreciated/secrets/attach-tags",
|
||||
"api-reference/endpoints/depreciated/secrets/detach-tags"
|
||||
]
|
||||
},
|
||||
{
|
||||
"group": "Secret Imports",
|
||||
"pages": [
|
||||
"api-reference/endpoints/depreciated/secret-imports/list",
|
||||
"api-reference/endpoints/depreciated/secret-imports/create",
|
||||
"api-reference/endpoints/depreciated/secret-imports/update",
|
||||
"api-reference/endpoints/depreciated/secret-imports/delete"
|
||||
]
|
||||
}
|
||||
]
|
||||
}
|
||||
]
|
||||
},
|
||||
|
||||
@@ -32,6 +32,7 @@ export enum OrgPermissionMachineIdentityAuthTemplateActions {
|
||||
|
||||
export enum OrgPermissionSubjects {
|
||||
Workspace = "workspace",
|
||||
Project = "project",
|
||||
Role = "role",
|
||||
Member = "member",
|
||||
Settings = "settings",
|
||||
@@ -109,6 +110,7 @@ export type AppConnectionSubjectFields = {
|
||||
|
||||
export type OrgPermissionSet =
|
||||
| [OrgPermissionActions.Create, OrgPermissionSubjects.Workspace]
|
||||
| [OrgPermissionActions.Create, OrgPermissionSubjects.Project]
|
||||
| [OrgPermissionActions.Read, OrgPermissionSubjects.Workspace]
|
||||
| [OrgPermissionActions, OrgPermissionSubjects.Role]
|
||||
| [OrgPermissionActions, OrgPermissionSubjects.Member]
|
||||
|
||||
@@ -200,16 +200,20 @@ export const ProjectSelect = () => {
|
||||
</div>
|
||||
<div className="mt-1 h-1 border-t border-mineshaft-600" />
|
||||
<OrgPermissionCan I={OrgPermissionActions.Create} a={OrgPermissionSubjects.Workspace}>
|
||||
{(isAllowed) => (
|
||||
<DropdownMenuItem
|
||||
isDisabled={!isAllowed}
|
||||
icon={<FontAwesomeIcon icon={faPlus} />}
|
||||
onClick={() =>
|
||||
handlePopUpOpen(isAddingProjectsAllowed ? "addNewWs" : "upgradePlan")
|
||||
}
|
||||
>
|
||||
New Project
|
||||
</DropdownMenuItem>
|
||||
{(isOldProjectPermissionAllowed) => (
|
||||
<OrgPermissionCan I={OrgPermissionActions.Create} a={OrgPermissionSubjects.Project}>
|
||||
{(isAllowed) => (
|
||||
<DropdownMenuItem
|
||||
isDisabled={!isAllowed && !isOldProjectPermissionAllowed}
|
||||
icon={<FontAwesomeIcon icon={faPlus} />}
|
||||
onClick={() =>
|
||||
handlePopUpOpen(isAddingProjectsAllowed ? "addNewWs" : "upgradePlan")
|
||||
}
|
||||
>
|
||||
New Project
|
||||
</DropdownMenuItem>
|
||||
)}
|
||||
</OrgPermissionCan>
|
||||
)}
|
||||
</OrgPermissionCan>
|
||||
</DropdownMenuContent>
|
||||
|
||||
@@ -278,22 +278,26 @@ export const AllProjectView = ({
|
||||
</IconButton>
|
||||
</div>
|
||||
<OrgPermissionCan I={OrgPermissionActions.Create} an={OrgPermissionSubjects.Workspace}>
|
||||
{(isAllowed) => (
|
||||
<Button
|
||||
isDisabled={!isAllowed}
|
||||
colorSchema="secondary"
|
||||
leftIcon={<FontAwesomeIcon icon={faPlus} />}
|
||||
onClick={() => {
|
||||
if (isAddingProjectsAllowed) {
|
||||
onAddNewProject();
|
||||
} else {
|
||||
onUpgradePlan();
|
||||
}
|
||||
}}
|
||||
className="ml-2"
|
||||
>
|
||||
Add New Project
|
||||
</Button>
|
||||
{(isOldProjectPermissionAllowed) => (
|
||||
<OrgPermissionCan I={OrgPermissionActions.Create} an={OrgPermissionSubjects.Project}>
|
||||
{(isAllowed) => (
|
||||
<Button
|
||||
isDisabled={!isAllowed && !isOldProjectPermissionAllowed}
|
||||
colorSchema="secondary"
|
||||
leftIcon={<FontAwesomeIcon icon={faPlus} />}
|
||||
onClick={() => {
|
||||
if (isAddingProjectsAllowed) {
|
||||
onAddNewProject();
|
||||
} else {
|
||||
onUpgradePlan();
|
||||
}
|
||||
}}
|
||||
className="ml-2"
|
||||
>
|
||||
Add New Project
|
||||
</Button>
|
||||
)}
|
||||
</OrgPermissionCan>
|
||||
)}
|
||||
</OrgPermissionCan>
|
||||
</div>
|
||||
|
||||
@@ -480,22 +480,26 @@ export const MyProjectView = ({
|
||||
</IconButton>
|
||||
</div>
|
||||
<OrgPermissionCan I={OrgPermissionActions.Create} an={OrgPermissionSubjects.Workspace}>
|
||||
{(isAllowed) => (
|
||||
<Button
|
||||
isDisabled={!isAllowed}
|
||||
colorSchema="secondary"
|
||||
leftIcon={<FontAwesomeIcon icon={faPlus} />}
|
||||
onClick={() => {
|
||||
if (isAddingProjectsAllowed) {
|
||||
onAddNewProject();
|
||||
} else {
|
||||
onUpgradePlan();
|
||||
}
|
||||
}}
|
||||
className="ml-2"
|
||||
>
|
||||
Add New Project
|
||||
</Button>
|
||||
{(isOldProjectV1Allowed) => (
|
||||
<OrgPermissionCan I={OrgPermissionActions.Create} an={OrgPermissionSubjects.Project}>
|
||||
{(isAllowed) => (
|
||||
<Button
|
||||
isDisabled={!isAllowed && !isOldProjectV1Allowed}
|
||||
colorSchema="secondary"
|
||||
leftIcon={<FontAwesomeIcon icon={faPlus} />}
|
||||
onClick={() => {
|
||||
if (isAddingProjectsAllowed) {
|
||||
onAddNewProject();
|
||||
} else {
|
||||
onUpgradePlan();
|
||||
}
|
||||
}}
|
||||
className="ml-2"
|
||||
>
|
||||
Add New Project
|
||||
</Button>
|
||||
)}
|
||||
</OrgPermissionCan>
|
||||
)}
|
||||
</OrgPermissionCan>
|
||||
</div>
|
||||
|
||||
@@ -122,12 +122,11 @@ export const formSchema = z.object({
|
||||
.refine((val) => val !== "custom", { message: "Cannot use custom as its a keyword" }),
|
||||
permissions: z
|
||||
.object({
|
||||
workspace: z
|
||||
project: z
|
||||
.object({
|
||||
create: z.boolean().optional()
|
||||
})
|
||||
.optional(),
|
||||
|
||||
"audit-logs": auditLogsPermissionSchema,
|
||||
member: generalPermissionSchema,
|
||||
groups: groupPermissionSchema,
|
||||
@@ -162,7 +161,11 @@ export const rolePermission2Form = (permissions: TPermission[] = []) => {
|
||||
// i would have to write a if loop with both conditions same
|
||||
const formVal: Record<string, any> = {};
|
||||
permissions.forEach((permission) => {
|
||||
const { subject, action } = permission;
|
||||
const { action } = permission;
|
||||
let { subject } = permission;
|
||||
if (subject === OrgPermissionSubjects.Workspace) {
|
||||
subject = OrgPermissionSubjects.Project;
|
||||
}
|
||||
if (!formVal?.[subject]) formVal[subject] = {};
|
||||
formVal[subject][action] = true;
|
||||
});
|
||||
|
||||
@@ -28,7 +28,7 @@ export const OrgRoleWorkspaceRow = ({ isEditable, control, setValue }: Props) =>
|
||||
|
||||
const rule = useWatch({
|
||||
control,
|
||||
name: "permissions.workspace"
|
||||
name: "permissions.project"
|
||||
});
|
||||
|
||||
const selectedPermissionCategory = useMemo(() => {
|
||||
@@ -60,7 +60,7 @@ export const OrgRoleWorkspaceRow = ({ isEditable, control, setValue }: Props) =>
|
||||
setIsCustom.off();
|
||||
|
||||
if (val === Permission.NoAccess) {
|
||||
setValue("permissions.workspace", { create: false }, { shouldDirty: true });
|
||||
setValue("permissions.project", { create: false }, { shouldDirty: true });
|
||||
}
|
||||
};
|
||||
|
||||
@@ -95,8 +95,8 @@ export const OrgRoleWorkspaceRow = ({ isEditable, control, setValue }: Props) =>
|
||||
{PERMISSION_ACTIONS.map(({ action, label }) => {
|
||||
return (
|
||||
<Controller
|
||||
name={`permissions.workspace.${action}`}
|
||||
key={`permissions.workspace.${action}`}
|
||||
name={`permissions.project.${action}`}
|
||||
key={`permissions.project.${action}`}
|
||||
control={control}
|
||||
render={({ field }) => (
|
||||
<Checkbox
|
||||
|
||||
@@ -1,9 +1,8 @@
|
||||
import { faArrowUpRightFromSquare, faBookOpen, faPlus } from "@fortawesome/free-solid-svg-icons";
|
||||
import { FontAwesomeIcon } from "@fortawesome/react-fontawesome";
|
||||
|
||||
import { OrgPermissionCan } from "@app/components/permissions";
|
||||
import { Button } from "@app/components/v2";
|
||||
import { OrgPermissionActions, OrgPermissionSubjects, useOrgPermission } from "@app/context";
|
||||
import { useOrgPermission } from "@app/context";
|
||||
import { usePopUp } from "@app/hooks";
|
||||
import { ProjectMembershipRole } from "@app/hooks/api/roles/types";
|
||||
|
||||
@@ -15,52 +14,45 @@ export const ExternalMigrationsTab = () => {
|
||||
const { popUp, handlePopUpOpen, handlePopUpToggle } = usePopUp(["selectImportPlatform"] as const);
|
||||
|
||||
return (
|
||||
<OrgPermissionCan
|
||||
I={OrgPermissionActions.Create}
|
||||
a={OrgPermissionSubjects.Workspace}
|
||||
renderGuardBanner
|
||||
passThrough={false}
|
||||
>
|
||||
<div className="rounded-lg border border-mineshaft-600 bg-mineshaft-900 p-4">
|
||||
<div className="flex justify-between">
|
||||
<div className="flex items-center gap-2">
|
||||
<p className="text-xl font-semibold text-mineshaft-100">Import from external source</p>
|
||||
<div className="rounded-lg border border-mineshaft-600 bg-mineshaft-900 p-4">
|
||||
<div className="flex justify-between">
|
||||
<div className="flex items-center gap-2">
|
||||
<p className="text-xl font-semibold text-mineshaft-100">Import from external source</p>
|
||||
|
||||
<div>
|
||||
<a
|
||||
target="_blank"
|
||||
rel="noopener noreferrer"
|
||||
href="https://infisical.com/docs/documentation/platform/external-migrations/overview"
|
||||
>
|
||||
<div className="ml-2 inline-block rounded-md bg-yellow/20 px-1.5 pb-[0.03rem] pt-[0.04rem] text-sm text-yellow opacity-80 hover:opacity-100">
|
||||
<FontAwesomeIcon icon={faBookOpen} className="mr-1.5" />
|
||||
Docs
|
||||
<FontAwesomeIcon
|
||||
icon={faArrowUpRightFromSquare}
|
||||
className="mb-[0.07rem] ml-1.5 text-xxs"
|
||||
/>
|
||||
</div>
|
||||
</a>
|
||||
</div>
|
||||
<div>
|
||||
<a
|
||||
target="_blank"
|
||||
rel="noopener noreferrer"
|
||||
href="https://infisical.com/docs/documentation/platform/external-migrations/overview"
|
||||
>
|
||||
<div className="ml-2 inline-block rounded-md bg-yellow/20 px-1.5 pb-[0.03rem] pt-[0.04rem] text-sm text-yellow opacity-80 hover:opacity-100">
|
||||
<FontAwesomeIcon icon={faBookOpen} className="mr-1.5" />
|
||||
Docs
|
||||
<FontAwesomeIcon
|
||||
icon={faArrowUpRightFromSquare}
|
||||
className="mb-[0.07rem] ml-1.5 text-xxs"
|
||||
/>
|
||||
</div>
|
||||
</a>
|
||||
</div>
|
||||
|
||||
<Button
|
||||
onClick={() => {
|
||||
handlePopUpOpen("selectImportPlatform");
|
||||
}}
|
||||
isDisabled={membership?.role !== ProjectMembershipRole.Admin}
|
||||
leftIcon={<FontAwesomeIcon icon={faPlus} />}
|
||||
>
|
||||
Import
|
||||
</Button>
|
||||
</div>
|
||||
<p className="mb-4 text-gray-400">Import data from another platform to Infisical.</p>
|
||||
|
||||
<SelectImportFromPlatformModal
|
||||
isOpen={popUp.selectImportPlatform.isOpen}
|
||||
onToggle={(state) => handlePopUpToggle("selectImportPlatform", state)}
|
||||
/>
|
||||
<Button
|
||||
onClick={() => {
|
||||
handlePopUpOpen("selectImportPlatform");
|
||||
}}
|
||||
isDisabled={membership?.role !== ProjectMembershipRole.Admin}
|
||||
leftIcon={<FontAwesomeIcon icon={faPlus} />}
|
||||
>
|
||||
Import
|
||||
</Button>
|
||||
</div>
|
||||
</OrgPermissionCan>
|
||||
<p className="mb-4 text-gray-400">Import data from another platform to Infisical.</p>
|
||||
|
||||
<SelectImportFromPlatformModal
|
||||
isOpen={popUp.selectImportPlatform.isOpen}
|
||||
onToggle={(state) => handlePopUpToggle("selectImportPlatform", state)}
|
||||
/>
|
||||
</div>
|
||||
);
|
||||
};
|
||||
|
||||
Reference in New Issue
Block a user