watson/umami
1
0
Fork 0
mirror of https://github.com/umami-software/umami.git synced 2026-02-10 23:57:12 +01:00
Code Issues Projects Releases Packages Wiki Activity Actions 4

Removed grant checks.

Browse source
This commit is contained in:
Mike Cao 2025-09-22 13:57:42 -07:00
parent 48c7028a3a
commit 5c9f97182e
4 changed files with 9 additions and 32 deletions
Download patch file Download diff file Expand all files Collapse all files

20
src/permissions/team.ts
View file

@ -3,8 +3,6 @@ import { PERMISSIONS } from '@/lib/constants';
import { getTeamUser } from '@/queries';
import { hasPermission } from '@/lib/auth';
const cloudMode = !!process.env.CLOUD_URL;
export async function canViewTeam({ user }: Auth, teamId: string) {
if (user.isAdmin) {
return true;
@ -13,11 +11,7 @@ export async function canViewTeam({ user }: Auth, teamId: string) {
return getTeamUser(teamId, user.id);
}
export async function canCreateTeam({ user, grant }: Auth) {
if (cloudMode) {
return !!grant?.find(a => a === PERMISSIONS.teamCreate);
}
export async function canCreateTeam({ user }: Auth) {
if (user.isAdmin) {
return true;
}
@ -25,15 +19,11 @@ export async function canCreateTeam({ user, grant }: Auth) {
return !!user;
}
export async function canUpdateTeam({ user, grant }: Auth, teamId: string) {
export async function canUpdateTeam({ user }: Auth, teamId: string) {
if (user.isAdmin) {
return true;
}
if (cloudMode) {
return !!grant?.find(a => a === PERMISSIONS.teamUpdate);
}
const teamUser = await getTeamUser(teamId, user.id);
return teamUser && hasPermission(teamUser.role, PERMISSIONS.teamUpdate);
@ -49,11 +39,7 @@ export async function canDeleteTeam({ user }: Auth, teamId: string) {
return teamUser && hasPermission(teamUser.role, PERMISSIONS.teamDelete);
}
export async function canAddUserToTeam({ user, grant }: Auth) {
if (cloudMode) {
return !!grant?.find(a => a === PERMISSIONS.teamUpdate);
}
export async function canAddUserToTeam({ user }: Auth) {
return user.isAdmin;
}

8
src/permissions/website.ts
View file

@ -3,8 +3,6 @@ import { PERMISSIONS } from '@/lib/constants';
import { hasPermission } from '@/lib/auth';
import { getTeamUser, getWebsite } from '@/queries';
const cloudMode = !!process.env.CLOUD_URL;
export async function canViewWebsite({ user, shareToken }: Auth, websiteId: string) {
if (user?.isAdmin) {
return true;
@ -33,11 +31,7 @@ export async function canViewAllWebsites({ user }: Auth) {
return user.isAdmin;
}
export async function canCreateWebsite({ user, grant }: Auth) {
if (cloudMode) {
return !!grant?.find(a => a === PERMISSIONS.websiteCreate);
}
export async function canCreateWebsite({ user }: Auth) {
if (user.isAdmin) {
return true;
}