add createNewt action and remove max orgs restriction

miloschwartz 2025-03-26 22:20:22 -04:00
parent fefb07e14c
commit 5e2f9e1eeb
No known key found for this signature in database
4 changed files with 24 additions and 4 deletions


@ -63,6 +63,7 @@ export enum ActionsEnum {
listResourceRules = "listResourceRules", listResourceRules = "listResourceRules",
updateResourceRule = "updateResourceRule", updateResourceRule = "updateResourceRule",
listOrgDomains = "listOrgDomains", listOrgDomains = "listOrgDomains",
createNewt = "createNewt",
} }
export async function checkUserActionPermission( export async function checkUserActionPermission(


@ -44,6 +44,8 @@ export async function verifyRoleAccess(
); );
} }
const orgIds = new Set(rolesData.map((role) => role.orgId));
// Check user access to each role's organization // Check user access to each role's organization
for (const role of rolesData) { for (const role of rolesData) {
const userOrgRole = await db const userOrgRole = await db
@ -69,7 +71,16 @@ export async function verifyRoleAccess(
req.userOrgId = role.orgId; req.userOrgId = role.orgId;
} }
const orgId = req.userOrgId; if (orgIds.size > 1) {
return next(
createHttpError(
HttpCode.FORBIDDEN,
"Roles must belong to the same organization"
)
);
}
const orgId = orgIds.values().next().value;
if (!orgId) { if (!orgId) {
return next( return next(
@ -105,3 +116,4 @@ export async function verifyRoleAccess(
); );
} }
} }
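Review bot: The `orgIds.size > 1` rejection sits after the per-role loop, so a request that mixes roles from several organizations still goes through the loop's membership lookups and has `req.userOrgId = role.orgId;` assigned before it is refused. Moving the check to directly after `const orgIds = new Set(rolesData.map((role) => role.orgId));` would refuse such requests before any per-org work is done. `req.userOrgId` and the new `orgId` are now derived separately; they agree once the size check has passed, but setting both from one value would make that obvious to the next reader. The function begins and ends outside these hunks, so whether later code still reads `req.userOrgId` could not be checked here.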


@ -383,7 +383,10 @@ authenticated.get(
authenticated.get(`/org/:orgId/overview`, verifyOrgAccess, org.getOrgOverview); authenticated.get(`/org/:orgId/overview`, verifyOrgAccess, org.getOrgOverview);
authenticated.post(`/supporter-key/validate`, supporterKey.validateSupporterKey); authenticated.post(
`/supporter-key/validate`,
supporterKey.validateSupporterKey
);
authenticated.post(`/supporter-key/hide`, supporterKey.hideSupporterKey); authenticated.post(`/supporter-key/hide`, supporterKey.hideSupporterKey);
unauthenticated.get("/resource/:resourceId/auth", resource.getResourceAuthInfo); unauthenticated.get("/resource/:resourceId/auth", resource.getResourceAuthInfo);
@ -470,7 +473,11 @@ authenticated.delete(
// role.removeRoleAction // role.removeRoleAction
// ); // );
authenticated.put("/newt", createNewt); authenticated.put(
"/newt",
verifyUserHasAction(ActionsEnum.createNewt),
createNewt
);
// Auth routes // Auth routes
export const authRouter = Router(); export const authRouter = Router();
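Review bot: `PUT /newt` now runs `verifyUserHasAction(ActionsEnum.createNewt)` with no org-scoping middleware in front of it and no `:orgId` in the path, unlike `/org/:orgId/overview`, which goes through `verifyOrgAccess`. If the action check resolves permissions against an organization that an earlier middleware places on the request (not visible in this section), confirm that value is populated for this route; otherwise the check may reject every caller or evaluate against an unintended org. None of the four files shown here grants `createNewt` to existing roles, so verify that roles created before this commit receive the new action, for example through a migration. A short comment above the route, such as `// requires the createNewt action in the caller's org`, would record the intent.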


@ -27,7 +27,7 @@ const createOrgSchema = z
}) })
.strict(); .strict();
const MAX_ORGS = 5; // const MAX_ORGS = 5;
export async function createOrg( export async function createOrg(
req: Request, req: Request,
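Review bot: `// const MAX_ORGS = 5;` leaves the old limit behind as commented-out code; delete the line, since version history keeps the value. The check that used the constant is not in this hunk, and `createOrg` continues past it. With the cap gone, confirm that something else (rate limiting or a configurable per-user limit) bounds how many organizations a single account can create.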