mirror of
https://github.com/DeNNiiInc/dbgate.git
synced 2026-05-03 19:53:57 +00:00
storage permissions
This commit is contained in:
Jan Prochazka
@@ -6,7 +6,7 @@ const AD = require('activedirectory2').promiseWrapper;
|
|||||||
const crypto = require('crypto');
|
const crypto = require('crypto');
|
||||||
const { getTokenSecret, getTokenLifetime } = require('../auth/authCommon');
|
const { getTokenSecret, getTokenLifetime } = require('../auth/authCommon');
|
||||||
const { getAuthProvider } = require('../auth/authProvider');
|
const { getAuthProvider } = require('../auth/authProvider');
|
||||||
const { create } = require('lodash');
|
const storage = require('./storage');
|
||||||
|
|
||||||
const logger = getLogger('auth');
|
const logger = getLogger('auth');
|
||||||
|
|
||||||
@@ -65,7 +65,16 @@ module.exports = {
|
|||||||
if (isAdminPage) {
|
if (isAdminPage) {
|
||||||
if (process.env.ADMIN_PASSWORD && process.env.ADMIN_PASSWORD == password) {
|
if (process.env.ADMIN_PASSWORD && process.env.ADMIN_PASSWORD == password) {
|
||||||
return {
|
return {
|
||||||
accessToken: jwt.sign({ login: 'admin' }, getTokenSecret(), { expiresIn: getTokenLifetime() }),
|
accessToken: jwt.sign(
|
||||||
|
{
|
||||||
|
login: 'superadmin',
|
||||||
|
permissions: await storage.loadSuperadminPermissions(),
|
||||||
|
},
|
||||||
|
getTokenSecret(),
|
||||||
|
{
|
||||||
|
expiresIn: getTokenLifetime(),
|
||||||
|
}
|
||||||
|
),
|
||||||
};
|
};
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|||||||
@@ -7,4 +7,8 @@ module.exports = {
|
|||||||
async getConnection({ conid }) {
|
async getConnection({ conid }) {
|
||||||
return null;
|
return null;
|
||||||
},
|
},
|
||||||
|
|
||||||
|
async loadSuperadminPermissions() {
|
||||||
|
return [];
|
||||||
|
}
|
||||||
};
|
};
|
||||||
|
|||||||
@@ -42,14 +42,16 @@
|
|||||||
const connections = await apiCall('connections/list');
|
const connections = await apiCall('connections/list');
|
||||||
const settings = await getSettings();
|
const settings = await getSettings();
|
||||||
const apps = await getUsedApps();
|
const apps = await getUsedApps();
|
||||||
loadedApi = settings && connections && config && apps;
|
const loadedApiValue = !!(settings && connections && config && apps);
|
||||||
|
|
||||||
if (loadedApi) {
|
if (loadedApiValue) {
|
||||||
subscribeApiDependendStores();
|
subscribeApiDependendStores();
|
||||||
subscribeConnectionPingers();
|
subscribeConnectionPingers();
|
||||||
subscribePermissionCompiler();
|
subscribePermissionCompiler();
|
||||||
}
|
}
|
||||||
|
|
||||||
|
loadedApi = loadedApiValue;
|
||||||
|
|
||||||
if (!loadedApi) {
|
if (!loadedApi) {
|
||||||
console.log('API not initialized correctly, trying again in 1s');
|
console.log('API not initialized correctly, trying again in 1s');
|
||||||
setTimeout(loadApi, 1000);
|
setTimeout(loadApi, 1000);
|
||||||
|
|||||||
@@ -4,13 +4,17 @@ import { useConfig } from './metadataLoaders';
|
|||||||
let compiled = null;
|
let compiled = null;
|
||||||
|
|
||||||
export default function hasPermission(tested) {
|
export default function hasPermission(tested) {
|
||||||
|
// console.log('TESTING PERM', tested, compiled, testPermission(tested, compiled));
|
||||||
return testPermission(tested, compiled);
|
return testPermission(tested, compiled);
|
||||||
}
|
}
|
||||||
|
|
||||||
export function subscribePermissionCompiler() {
|
export function subscribePermissionCompiler() {
|
||||||
|
// console.log('subscribePermissionCompiler', compiled);
|
||||||
|
|
||||||
useConfig().subscribe(value => {
|
useConfig().subscribe(value => {
|
||||||
if (!value) return;
|
if (!value) return;
|
||||||
const { permissions } = value;
|
const { permissions } = value;
|
||||||
compiled = compilePermissions(permissions);
|
compiled = compilePermissions(permissions);
|
||||||
|
// console.log('COMPILED PERMS', compiled);
|
||||||
});
|
});
|
||||||
}
|
}
|
||||||
|
|||||||
@@ -12,20 +12,17 @@
|
|||||||
} from '../stores';
|
} from '../stores';
|
||||||
import mainMenuDefinition from '../../../../app/src/mainMenuDefinition';
|
import mainMenuDefinition from '../../../../app/src/mainMenuDefinition';
|
||||||
import hasPermission from '../utility/hasPermission';
|
import hasPermission from '../utility/hasPermission';
|
||||||
import { isAdminPage } from '../utility/pageDefs';
|
|
||||||
|
|
||||||
let domSettings;
|
let domSettings;
|
||||||
let domMainMenu;
|
let domMainMenu;
|
||||||
|
|
||||||
const isAdmin = isAdminPage();
|
|
||||||
|
|
||||||
const widgets = [
|
const widgets = [
|
||||||
getCurrentConfig().storageDatabase && {
|
getCurrentConfig().storageDatabase && {
|
||||||
icon: 'icon admin',
|
icon: 'icon admin',
|
||||||
name: 'admin',
|
name: 'admin',
|
||||||
title: 'Administration',
|
title: 'Administration',
|
||||||
},
|
},
|
||||||
!isAdmin && {
|
{
|
||||||
icon: 'icon database',
|
icon: 'icon database',
|
||||||
name: 'database',
|
name: 'database',
|
||||||
title: 'Database connections',
|
title: 'Database connections',
|
||||||
@@ -34,32 +31,32 @@
|
|||||||
// icon: 'fa-table',
|
// icon: 'fa-table',
|
||||||
// name: 'table',
|
// name: 'table',
|
||||||
// },
|
// },
|
||||||
!isAdmin && {
|
{
|
||||||
icon: 'icon file',
|
icon: 'icon file',
|
||||||
name: 'file',
|
name: 'file',
|
||||||
title: 'Favorites & Saved files',
|
title: 'Favorites & Saved files',
|
||||||
},
|
},
|
||||||
!isAdmin && {
|
{
|
||||||
icon: 'icon history',
|
icon: 'icon history',
|
||||||
name: 'history',
|
name: 'history',
|
||||||
title: 'Query history & Closed tabs',
|
title: 'Query history & Closed tabs',
|
||||||
},
|
},
|
||||||
!isAdmin && {
|
{
|
||||||
icon: 'icon archive',
|
icon: 'icon archive',
|
||||||
name: 'archive',
|
name: 'archive',
|
||||||
title: 'Archive (saved tabular data)',
|
title: 'Archive (saved tabular data)',
|
||||||
},
|
},
|
||||||
!isAdmin && {
|
{
|
||||||
icon: 'icon plugin',
|
icon: 'icon plugin',
|
||||||
name: 'plugins',
|
name: 'plugins',
|
||||||
title: 'Extensions & Plugins',
|
title: 'Extensions & Plugins',
|
||||||
},
|
},
|
||||||
!isAdmin && {
|
{
|
||||||
icon: 'icon cell-data',
|
icon: 'icon cell-data',
|
||||||
name: 'cell-data',
|
name: 'cell-data',
|
||||||
title: 'Selected cell data detail view',
|
title: 'Selected cell data detail view',
|
||||||
},
|
},
|
||||||
!isAdmin && {
|
{
|
||||||
icon: 'icon app',
|
icon: 'icon app',
|
||||||
name: 'app',
|
name: 'app',
|
||||||
title: 'Application layers',
|
title: 'Application layers',
|
||||||
@@ -119,17 +116,16 @@
|
|||||||
|
|
||||||
<div class="flex1"> </div>
|
<div class="flex1"> </div>
|
||||||
|
|
||||||
{#if !isAdmin}
|
<div
|
||||||
<div
|
class="wrapper"
|
||||||
class="wrapper"
|
title={`Toggle whether tabs from all databases are visible. Currently - ${$lockedDatabaseMode ? 'NO' : 'YES'}`}
|
||||||
title={`Toggle whether tabs from all databases are visible. Currently - ${$lockedDatabaseMode ? 'NO' : 'YES'}`}
|
on:click={() => {
|
||||||
on:click={() => {
|
$lockedDatabaseMode = !$lockedDatabaseMode;
|
||||||
$lockedDatabaseMode = !$lockedDatabaseMode;
|
}}
|
||||||
}}
|
>
|
||||||
>
|
<FontIcon icon={$lockedDatabaseMode ? 'icon locked-database-mode' : 'icon unlocked-database-mode'} />
|
||||||
<FontIcon icon={$lockedDatabaseMode ? 'icon locked-database-mode' : 'icon unlocked-database-mode'} />
|
</div>
|
||||||
</div>
|
|
||||||
{/if}
|
|
||||||
<div class="wrapper" on:click={handleSettingsMenu} bind:this={domSettings}>
|
<div class="wrapper" on:click={handleSettingsMenu} bind:this={domSettings}>
|
||||||
<FontIcon icon="icon settings" />
|
<FontIcon icon="icon settings" />
|
||||||
</div>
|
</div>
|
||||||
|
|||||||
Reference in New Issue
Block a user