watson/umami
1
0
Fork 0
mirror of https://github.com/umami-software/umami.git synced 2026-02-09 23:27:12 +01:00
Code Issues Projects Releases Packages Wiki Activity Actions 5

Merge branch 'dev' into boards
Some checks failed
Node.js CI / build (push) Has been cancelled
Details

Browse source 
# Conflicts:
#	.gitignore
#	package.json
#	pnpm-lock.yaml
#	prisma/migrations/16_boards/migration.sql
#	prisma/schema.prisma
#	src/app/(main)/MobileNav.tsx
#	src/app/(main)/websites/[websiteId]/WebsiteHeader.tsx
#	src/app/(main)/websites/[websiteId]/settings/WebsiteShareForm.tsx
#	src/components/common/SideMenu.tsx
#	src/lib/types.ts
This commit is contained in:
Mike Cao 2026-02-05 20:05:25 -08:00
commit c3e0290e65
150 changed files with 3028 additions and 787 deletions
Download patch file Download diff file Expand all files Collapse all files

14
src/permissions/entity.ts
View file

@ -5,7 +5,11 @@ import type { Auth } from '@/lib/types';
import { getTeamUser } from '@/queries/prisma';
export async function canViewEntity({ user }: Auth, entityId: string) {
if (user?.isAdmin) {
if (!user) {
return false;
}
if (user.isAdmin) {
return true;
}
@ -25,6 +29,10 @@ export async function canViewEntity({ user }: Auth, entityId: string) {
}
export async function canUpdateEntity({ user }: Auth, entityId: string) {
if (!user) {
return false;
}
if (user.isAdmin) {
return true;
}
@ -45,6 +53,10 @@ export async function canUpdateEntity({ user }: Auth, entityId: string) {
}
export async function canDeleteEntity({ user }: Auth, entityId: string) {
if (!user) {
return false;
}
if (user.isAdmin) {
return true;
}

14
src/permissions/link.ts
View file

@ -4,7 +4,11 @@ import type { Auth } from '@/lib/types';
import { getLink, getTeamUser } from '@/queries/prisma';
export async function canViewLink({ user }: Auth, linkId: string) {
if (user?.isAdmin) {
if (!user) {
return false;
}
if (user.isAdmin) {
return true;
}
@ -24,6 +28,10 @@ export async function canViewLink({ user }: Auth, linkId: string) {
}
export async function canUpdateLink({ user }: Auth, linkId: string) {
if (!user) {
return false;
}
if (user.isAdmin) {
return true;
}
@ -44,6 +52,10 @@ export async function canUpdateLink({ user }: Auth, linkId: string) {
}
export async function canDeleteLink({ user }: Auth, linkId: string) {
if (!user) {
return false;
}
if (user.isAdmin) {
return true;
}

14
src/permissions/pixel.ts
View file

@ -4,7 +4,11 @@ import type { Auth } from '@/lib/types';
import { getPixel, getTeamUser } from '@/queries/prisma';
export async function canViewPixel({ user }: Auth, pixelId: string) {
if (user?.isAdmin) {
if (!user) {
return false;
}
if (user.isAdmin) {
return true;
}
@ -24,6 +28,10 @@ export async function canViewPixel({ user }: Auth, pixelId: string) {
}
export async function canUpdatePixel({ user }: Auth, pixelId: string) {
if (!user) {
return false;
}
if (user.isAdmin) {
return true;
}
@ -44,6 +52,10 @@ export async function canUpdatePixel({ user }: Auth, pixelId: string) {
}
export async function canDeletePixel({ user }: Auth, pixelId: string) {
if (!user) {
return false;
}
if (user.isAdmin) {
return true;
}

8
src/permissions/report.ts
View file

@ -3,11 +3,11 @@ import type { Auth } from '@/lib/types';
import { canViewWebsite } from './website';
export async function canViewReport(auth: Auth, report: Report) {
if (auth.user.isAdmin) {
if (auth.user?.isAdmin) {
return true;
}
if (auth.user.id === report.userId) {
if (auth.user?.id === report.userId) {
return true;
}
@ -15,6 +15,10 @@ export async function canViewReport(auth: Auth, report: Report) {
}
export async function canUpdateReport({ user }: Auth, report: Report) {
if (!user) {
return false;
}
if (user.isAdmin) {
return true;
}

28
src/permissions/team.ts
View file

@ -4,6 +4,10 @@ import type { Auth } from '@/lib/types';
import { getTeamUser } from '@/queries/prisma';
export async function canViewTeam({ user }: Auth, teamId: string) {
if (!user) {
return false;
}
if (user.isAdmin) {
return true;
}
@ -12,14 +16,22 @@ export async function canViewTeam({ user }: Auth, teamId: string) {
}
export async function canCreateTeam({ user }: Auth) {
if (!user) {
return false;
}
if (user.isAdmin) {
return true;
}
return !!user;
return hasPermission(user.role, PERMISSIONS.teamCreate);
}
export async function canUpdateTeam({ user }: Auth, teamId: string) {
if (!user) {
return false;
}
if (user.isAdmin) {
return true;
}
@ -30,6 +42,10 @@ export async function canUpdateTeam({ user }: Auth, teamId: string) {
}
export async function canDeleteTeam({ user }: Auth, teamId: string) {
if (!user) {
return false;
}
if (user.isAdmin) {
return true;
}
@ -40,6 +56,10 @@ export async function canDeleteTeam({ user }: Auth, teamId: string) {
}
export async function canDeleteTeamUser({ user }: Auth, teamId: string, removeUserId: string) {
if (!user) {
return false;
}
if (user.isAdmin) {
return true;
}
@ -54,6 +74,10 @@ export async function canDeleteTeamUser({ user }: Auth, teamId: string, removeUs
}
export async function canCreateTeamWebsite({ user }: Auth, teamId: string) {
if (!user) {
return false;
}
if (user.isAdmin) {
return true;
}
@ -64,5 +88,5 @@ export async function canCreateTeamWebsite({ user }: Auth, teamId: string) {
}
export async function canViewAllTeams({ user }: Auth) {
return user.isAdmin;
return user?.isAdmin ?? false;
}

14
src/permissions/user.ts
View file

@ -1,10 +1,14 @@
import type { Auth } from '@/lib/types';
export async function canCreateUser({ user }: Auth) {
return user.isAdmin;
return user?.isAdmin ?? false;
}
export async function canViewUser({ user }: Auth, viewedUserId: string) {
if (!user) {
return false;
}
if (user.isAdmin) {
return true;
}
@ -13,10 +17,14 @@ export async function canViewUser({ user }: Auth, viewedUserId: string) {
}
export async function canViewUsers({ user }: Auth) {
return user.isAdmin;
return user?.isAdmin ?? false;
}
export async function canUpdateUser({ user }: Auth, viewedUserId: string) {
if (!user) {
return false;
}
if (user.isAdmin) {
return true;
}
@ -25,5 +33,5 @@ export async function canUpdateUser({ user }: Auth, viewedUserId: string) {
}
export async function canDeleteUser({ user }: Auth) {
return user.isAdmin;
return user?.isAdmin ?? false;
}

33
src/permissions/website.ts
View file

@ -1,7 +1,8 @@
import { hasPermission } from '@/lib/auth';
import { PERMISSIONS } from '@/lib/constants';
import { getEntity } from '@/lib/entity';
import type { Auth } from '@/lib/types';
import { getLink, getPixel, getTeamUser, getWebsite } from '@/queries/prisma';
import { getTeamUser, getWebsite } from '@/queries/prisma';
export async function canViewWebsite({ user, shareToken }: Auth, websiteId: string) {
if (user?.isAdmin) {
@ -12,13 +13,9 @@ export async function canViewWebsite({ user, shareToken }: Auth, websiteId: stri
return true;
}
const website = await getWebsite(websiteId);
const link = await getLink(websiteId);
const pixel = await getPixel(websiteId);
const entity = await getEntity(websiteId);
const entity = website || link || pixel;
if (!entity) {
if (!entity || !user) {
return false;
}
@ -36,10 +33,14 @@ export async function canViewWebsite({ user, shareToken }: Auth, websiteId: stri
}
export async function canViewAllWebsites({ user }: Auth) {
return user.isAdmin;
return user?.isAdmin ?? false;
}
export async function canCreateWebsite({ user }: Auth) {
if (!user) {
return false;
}
if (user.isAdmin) {
return true;
}
@ -48,6 +49,10 @@ export async function canCreateWebsite({ user }: Auth) {
}
export async function canUpdateWebsite({ user }: Auth, websiteId: string) {
if (!user) {
return false;
}
if (user.isAdmin) {
return true;
}
@ -72,6 +77,10 @@ export async function canUpdateWebsite({ user }: Auth, websiteId: string) {
}
export async function canDeleteWebsite({ user }: Auth, websiteId: string) {
if (!user) {
return false;
}
if (user.isAdmin) {
return true;
}
@ -96,6 +105,10 @@ export async function canDeleteWebsite({ user }: Auth, websiteId: string) {
}
export async function canTransferWebsiteToUser({ user }: Auth, websiteId: string, userId: string) {
if (!user) {
return false;
}
const website = await getWebsite(websiteId);
if (!website) {
@ -112,6 +125,10 @@ export async function canTransferWebsiteToUser({ user }: Auth, websiteId: string
}
export async function canTransferWebsiteToTeam({ user }: Auth, websiteId: string, teamId: string) {
if (!user) {
return false;
}
const website = await getWebsite(websiteId);
if (!website) {