SYNC: Merge pull request #8 from dbgate/feature/db-table-permissions

packages/web/src/appobj/ArchiveFolderAppObject.svelte

@@ -167,7 +167,7 @@ await dbgateApi.deployDb(${JSON.stringify(
       isProApp() && { text: 'Data deployer', onClick: handleOpenDataDeployTab },
       $currentDatabase && [
         { text: 'Generate deploy DB SQL', onClick: handleGenerateDeploySql },
-        { text: 'Shell: Deploy DB', onClick: handleGenerateDeployScript },
+        hasPermission(`run-shell-script`) && { text: 'Shell: Deploy DB', onClick: handleGenerateDeployScript },
       ],
       data.name != 'default' &&
         isProApp() &&

packages/web/src/appobj/ConnectionAppObject.svelte

@@ -382,7 +382,8 @@
           $extensions,
           $currentDatabase,
           $apps,
-          $openedSingleDatabaseConnections
+          $openedSingleDatabaseConnections,
+          data.databasePermissionRole,
         ),
       ],
 

packages/web/src/appobj/DatabaseAppObject.svelte

@@ -46,7 +46,8 @@
     $extensions,
     $currentDatabase,
     $apps,
-    $openedSingleDatabaseConnections
+    $openedSingleDatabaseConnections,
+    databasePermissionRole
   ) {
     const apps = filterAppsForDatabase(connection, name, $apps);
     const handleNewQuery = () => {
@@ -412,11 +413,12 @@ await dbgateApi.executeQuery(${JSON.stringify(
       driver?.databaseEngineTypes?.includes('sql') || driver?.databaseEngineTypes?.includes('document');
 
     return [
-      hasPermission(`dbops/query`) && {
-        onClick: handleNewQuery,
-        text: _t('database.newQuery', { defaultMessage: 'New query' }),
-        isNewQuery: true,
-      },
+      hasPermission(`dbops/query`) &&
+        isAllowedDatabaseRunScript(databasePermissionRole) && {
+          onClick: handleNewQuery,
+          text: _t('database.newQuery', { defaultMessage: 'New query' }),
+          isNewQuery: true,
+        },
       hasPermission(`dbops/model/edit`) &&
         !connection.isReadOnly &&
         driver?.databaseEngineTypes?.includes('sql') && {
@@ -545,12 +547,13 @@ await dbgateApi.executeQuery(${JSON.stringify(
       { divider: true },
 
       driver?.databaseEngineTypes?.includes('sql') &&
+        hasPermission(`run-shell-script`) &&
         hasPermission(`dbops/dropdb`) && {
           onClick: handleGenerateDropAllObjectsScript,
           text: _t('database.shellDropAllObjects', { defaultMessage: 'Shell: Drop all objects' }),
         },
 
-      {
+      hasPermission(`run-shell-script`) && {
         onClick: handleGenerateRunScript,
         text: _t('database.shellRunScript', { defaultMessage: 'Shell: Run script' }),
       },
@@ -625,7 +628,7 @@ await dbgateApi.executeQuery(${JSON.stringify(
   import ConfirmModal from '../modals/ConfirmModal.svelte';
   import { closeMultipleTabs } from '../tabpanel/TabsPanel.svelte';
   import NewCollectionModal from '../modals/NewCollectionModal.svelte';
-  import hasPermission from '../utility/hasPermission';
+  import hasPermission, { isAllowedDatabaseRunScript } from '../utility/hasPermission';
   import { openImportExportTab } from '../utility/importExportTools';
   import newTable from '../tableeditor/newTable';
   import { loadSchemaList, switchCurrentDatabase } from '../utility/common';
@@ -636,6 +639,7 @@ await dbgateApi.executeQuery(${JSON.stringify(
   import { getNumberIcon } from '../icons/FontIcon.svelte';
   import { getDatabaseClickActionSetting } from '../settings/settingsTools';
   import { _t } from '../translations';
+  import { dataGridRowHeight } from '../datagrid/DataGridRowHeightMeter.svelte';
 
   export let data;
   export let passProps;
@@ -647,7 +651,8 @@ await dbgateApi.executeQuery(${JSON.stringify(
       $extensions,
       $currentDatabase,
       $apps,
-      $openedSingleDatabaseConnections
+      $openedSingleDatabaseConnections,
+      data.databasePermissionRole
     );
   }
 
@@ -697,6 +702,9 @@ await dbgateApi.executeQuery(${JSON.stringify(
           ).length
         )
       : ''}
+  statusIconBefore={data.databasePermissionRole == 'read_content' || data.databasePermissionRole == 'view'
+    ? 'icon lock'
+    : null}
   menu={createMenu}
   showPinnedInsteadOfUnpin={passProps?.showPinnedInsteadOfUnpin}
   onPin={isPinned ? null : () => pinnedDatabases.update(list => [...list, data])}

packages/web/src/appobj/DatabaseObjectAppObject.svelte

@@ -703,15 +703,29 @@
   }
 
   function createMenus(objectTypeField, driver, data): ReturnType<typeof createMenusCore> {
-    return createMenusCore(objectTypeField, driver, data).filter(x => {
-      if (x.scriptTemplate) {
-        return hasPermission(`dbops/sql-template/${x.scriptTemplate}`);
+    const coreMenus = createMenusCore(objectTypeField, driver, data);
+
+    const filteredSumenus = coreMenus.map(item => {
+      if (!item.submenu) {
+        return item;
       }
-      if (x.sqlGeneratorProps) {
-        return hasPermission(`dbops/sql-generator`);
-      }
-      return true;
+      return {
+        ...item,
+        submenu: item.submenu.filter(x => {
+          if (x.scriptTemplate) {
+            return hasPermission(`dbops/sql-template/${x.scriptTemplate}`);
+          }
+          if (x.sqlGeneratorProps) {
+            return hasPermission(`dbops/sql-generator`);
+          }
+          return true;
+        }),
+      };
     });
+
+    const filteredNoEmptySubmenus = filteredSumenus.filter(x => !x.submenu || x.submenu.length > 0);
+    
+    return filteredNoEmptySubmenus;
   }
 
   function getObjectTitle(connection, schemaName, pureName) {
@@ -1062,6 +1076,7 @@
       : null}
   extInfo={getExtInfo(data)}
   isChoosed={matchDatabaseObjectAppObject($selectedDatabaseObjectAppObject, data)}
+  statusIconBefore={data.tablePermissionRole == 'read' ? 'icon lock' : null}
   on:click={() => handleObjectClick(data, 'leftClick')}
   on:middleclick={() => handleObjectClick(data, 'middleClick')}
   on:dblclick={() => handleObjectClick(data, 'dblClick')}