watson/umami
1
0
Fork 0
mirror of https://github.com/umami-software/umami.git synced 2026-02-11 08:07:12 +01:00
Code Issues Projects Releases Packages Wiki Activity Actions 2

Block share token from all editing permissions.

Browse source 
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
This commit is contained in:
Mike Cao 2026-01-24 19:13:49 -08:00
parent e782c2e627
commit fdafe13c35
6 changed files with 89 additions and 9 deletions
Download patch file Download diff file Expand all files Collapse all files

14
src/permissions/entity.ts
View file

@ -5,7 +5,11 @@ import type { Auth } from '@/lib/types';
import { getTeamUser } from '@/queries/prisma';
export async function canViewEntity({ user }: Auth, entityId: string) {
if (user?.isAdmin) {
if (!user) {
return false;
}
if (user.isAdmin) {
return true;
}
@ -25,6 +29,10 @@ export async function canViewEntity({ user }: Auth, entityId: string) {
}
export async function canUpdateEntity({ user }: Auth, entityId: string) {
if (!user) {
return false;
}
if (user.isAdmin) {
return true;
}
@ -45,6 +53,10 @@ export async function canUpdateEntity({ user }: Auth, entityId: string) {
}
export async function canDeleteEntity({ user }: Auth, entityId: string) {
if (!user) {
return false;
}
if (user.isAdmin) {
return true;
}