mirror of
https://github.com/Dokploy/dokploy
synced 2025-06-26 18:27:59 +00:00
refactor: update roles
This commit is contained in:
Mauricio Siu
@@ -39,7 +39,7 @@ export const adminRouter = createTRPCRouter({
|
||||
update: adminProcedure
|
||||
.input(apiUpdateAdmin)
|
||||
.mutation(async ({ input, ctx }) => {
|
||||
if (ctx.user.rol === "user") {
|
||||
if (ctx.user.rol === "member") {
|
||||
throw new TRPCError({
|
||||
code: "UNAUTHORIZED",
|
||||
message: "You are not allowed to update this admin",
|
||||
|
||||
@@ -60,7 +60,7 @@ export const applicationRouter = createTRPCRouter({
|
||||
.input(apiCreateApplication)
|
||||
.mutation(async ({ input, ctx }) => {
|
||||
try {
|
||||
if (ctx.user.rol === "user") {
|
||||
if (ctx.user.rol === "member") {
|
||||
await checkServiceAccess(ctx.user.id, input.projectId, "create");
|
||||
}
|
||||
|
||||
@@ -80,7 +80,7 @@ export const applicationRouter = createTRPCRouter({
|
||||
}
|
||||
const newApplication = await createApplication(input);
|
||||
|
||||
if (ctx.user.rol === "user") {
|
||||
if (ctx.user.rol === "member") {
|
||||
await addNewService(ctx.user.id, newApplication.applicationId);
|
||||
}
|
||||
return newApplication;
|
||||
@@ -98,7 +98,7 @@ export const applicationRouter = createTRPCRouter({
|
||||
one: protectedProcedure
|
||||
.input(apiFindOneApplication)
|
||||
.query(async ({ input, ctx }) => {
|
||||
if (ctx.user.rol === "user") {
|
||||
if (ctx.user.rol === "member") {
|
||||
await checkServiceAccess(ctx.user.id, input.applicationId, "access");
|
||||
}
|
||||
const application = await findApplicationById(input.applicationId);
|
||||
@@ -140,7 +140,7 @@ export const applicationRouter = createTRPCRouter({
|
||||
delete: protectedProcedure
|
||||
.input(apiFindOneApplication)
|
||||
.mutation(async ({ input, ctx }) => {
|
||||
if (ctx.user.rol === "user") {
|
||||
if (ctx.user.rol === "member") {
|
||||
await checkServiceAccess(ctx.user.id, input.applicationId, "delete");
|
||||
}
|
||||
const application = await findApplicationById(input.applicationId);
|
||||
|
||||
@@ -176,6 +176,9 @@ export const authRouter = createTRPCRouter({
|
||||
eq(member.userId, ctx.user.id),
|
||||
eq(member.organizationId, ctx.session?.activeOrganizationId || ""),
|
||||
),
|
||||
with: {
|
||||
user: true,
|
||||
},
|
||||
});
|
||||
|
||||
return memberResult;
|
||||
@@ -251,7 +254,7 @@ export const authRouter = createTRPCRouter({
|
||||
await lucia.invalidateSession(session.id);
|
||||
res.setHeader("Set-Cookie", lucia.createBlankSessionCookie().serialize());
|
||||
|
||||
if (ctx.user.rol === "admin") {
|
||||
if (ctx.user.rol === "owner") {
|
||||
await removeAdminByAuthId(ctx.user.authId);
|
||||
} else {
|
||||
await removeUserByAuthId(ctx.user.authId);
|
||||
|
||||
@@ -61,7 +61,7 @@ export const composeRouter = createTRPCRouter({
|
||||
.input(apiCreateCompose)
|
||||
.mutation(async ({ ctx, input }) => {
|
||||
try {
|
||||
if (ctx.user.rol === "user") {
|
||||
if (ctx.user.rol === "member") {
|
||||
await checkServiceAccess(ctx.user.id, input.projectId, "create");
|
||||
}
|
||||
|
||||
@@ -80,7 +80,7 @@ export const composeRouter = createTRPCRouter({
|
||||
}
|
||||
const newService = await createCompose(input);
|
||||
|
||||
if (ctx.user.rol === "user") {
|
||||
if (ctx.user.rol === "member") {
|
||||
await addNewService(ctx.user.id, newService.composeId);
|
||||
}
|
||||
|
||||
@@ -93,7 +93,7 @@ export const composeRouter = createTRPCRouter({
|
||||
one: protectedProcedure
|
||||
.input(apiFindCompose)
|
||||
.query(async ({ input, ctx }) => {
|
||||
if (ctx.user.rol === "user") {
|
||||
if (ctx.user.rol === "member") {
|
||||
await checkServiceAccess(ctx.user.id, input.composeId, "access");
|
||||
}
|
||||
|
||||
@@ -122,7 +122,7 @@ export const composeRouter = createTRPCRouter({
|
||||
delete: protectedProcedure
|
||||
.input(apiDeleteCompose)
|
||||
.mutation(async ({ input, ctx }) => {
|
||||
if (ctx.user.rol === "user") {
|
||||
if (ctx.user.rol === "member") {
|
||||
await checkServiceAccess(ctx.user.id, input.composeId, "delete");
|
||||
}
|
||||
const composeResult = await findComposeById(input.composeId);
|
||||
@@ -376,7 +376,7 @@ export const composeRouter = createTRPCRouter({
|
||||
deployTemplate: protectedProcedure
|
||||
.input(apiCreateComposeByTemplate)
|
||||
.mutation(async ({ ctx, input }) => {
|
||||
if (ctx.user.rol === "user") {
|
||||
if (ctx.user.rol === "member") {
|
||||
await checkServiceAccess(ctx.user.id, input.projectId, "create");
|
||||
}
|
||||
|
||||
@@ -419,7 +419,7 @@ export const composeRouter = createTRPCRouter({
|
||||
isolatedDeployment: true,
|
||||
});
|
||||
|
||||
if (ctx.user.rol === "user") {
|
||||
if (ctx.user.rol === "member") {
|
||||
await addNewService(ctx.user.id, compose.composeId);
|
||||
}
|
||||
|
||||
|
||||
@@ -37,7 +37,7 @@ export const mariadbRouter = createTRPCRouter({
|
||||
.input(apiCreateMariaDB)
|
||||
.mutation(async ({ input, ctx }) => {
|
||||
try {
|
||||
if (ctx.user.rol === "user") {
|
||||
if (ctx.user.rol === "member") {
|
||||
await checkServiceAccess(ctx.user.id, input.projectId, "create");
|
||||
}
|
||||
|
||||
@@ -56,7 +56,7 @@ export const mariadbRouter = createTRPCRouter({
|
||||
});
|
||||
}
|
||||
const newMariadb = await createMariadb(input);
|
||||
if (ctx.user.rol === "user") {
|
||||
if (ctx.user.rol === "member") {
|
||||
await addNewService(ctx.user.id, newMariadb.mariadbId);
|
||||
}
|
||||
|
||||
@@ -79,7 +79,7 @@ export const mariadbRouter = createTRPCRouter({
|
||||
one: protectedProcedure
|
||||
.input(apiFindOneMariaDB)
|
||||
.query(async ({ input, ctx }) => {
|
||||
if (ctx.user.rol === "user") {
|
||||
if (ctx.user.rol === "member") {
|
||||
await checkServiceAccess(ctx.user.id, input.mariadbId, "access");
|
||||
}
|
||||
const mariadb = await findMariadbById(input.mariadbId);
|
||||
@@ -201,7 +201,7 @@ export const mariadbRouter = createTRPCRouter({
|
||||
remove: protectedProcedure
|
||||
.input(apiFindOneMariaDB)
|
||||
.mutation(async ({ input, ctx }) => {
|
||||
if (ctx.user.rol === "user") {
|
||||
if (ctx.user.rol === "member") {
|
||||
await checkServiceAccess(ctx.user.id, input.mariadbId, "delete");
|
||||
}
|
||||
|
||||
|
||||
@@ -36,7 +36,7 @@ export const mongoRouter = createTRPCRouter({
|
||||
.input(apiCreateMongo)
|
||||
.mutation(async ({ input, ctx }) => {
|
||||
try {
|
||||
if (ctx.user.rol === "user") {
|
||||
if (ctx.user.rol === "member") {
|
||||
await checkServiceAccess(ctx.user.id, input.projectId, "create");
|
||||
}
|
||||
|
||||
@@ -55,7 +55,7 @@ export const mongoRouter = createTRPCRouter({
|
||||
});
|
||||
}
|
||||
const newMongo = await createMongo(input);
|
||||
if (ctx.user.rol === "user") {
|
||||
if (ctx.user.rol === "member") {
|
||||
await addNewService(ctx.user.id, newMongo.mongoId);
|
||||
}
|
||||
|
||||
@@ -82,7 +82,7 @@ export const mongoRouter = createTRPCRouter({
|
||||
one: protectedProcedure
|
||||
.input(apiFindOneMongo)
|
||||
.query(async ({ input, ctx }) => {
|
||||
if (ctx.user.rol === "user") {
|
||||
if (ctx.user.rol === "member") {
|
||||
await checkServiceAccess(ctx.user.id, input.mongoId, "access");
|
||||
}
|
||||
|
||||
@@ -242,7 +242,7 @@ export const mongoRouter = createTRPCRouter({
|
||||
remove: protectedProcedure
|
||||
.input(apiFindOneMongo)
|
||||
.mutation(async ({ input, ctx }) => {
|
||||
if (ctx.user.rol === "user") {
|
||||
if (ctx.user.rol === "member") {
|
||||
await checkServiceAccess(ctx.user.id, input.mongoId, "delete");
|
||||
}
|
||||
|
||||
|
||||
@@ -38,7 +38,7 @@ export const mysqlRouter = createTRPCRouter({
|
||||
.input(apiCreateMySql)
|
||||
.mutation(async ({ input, ctx }) => {
|
||||
try {
|
||||
if (ctx.user.rol === "user") {
|
||||
if (ctx.user.rol === "member") {
|
||||
await checkServiceAccess(ctx.user.id, input.projectId, "create");
|
||||
}
|
||||
|
||||
@@ -58,7 +58,7 @@ export const mysqlRouter = createTRPCRouter({
|
||||
}
|
||||
|
||||
const newMysql = await createMysql(input);
|
||||
if (ctx.user.rol === "user") {
|
||||
if (ctx.user.rol === "member") {
|
||||
await addNewService(ctx.user.id, newMysql.mysqlId);
|
||||
}
|
||||
|
||||
@@ -85,7 +85,7 @@ export const mysqlRouter = createTRPCRouter({
|
||||
one: protectedProcedure
|
||||
.input(apiFindOneMySql)
|
||||
.query(async ({ input, ctx }) => {
|
||||
if (ctx.user.rol === "user") {
|
||||
if (ctx.user.rol === "member") {
|
||||
await checkServiceAccess(ctx.user.id, input.mysqlId, "access");
|
||||
}
|
||||
const mysql = await findMySqlById(input.mysqlId);
|
||||
@@ -240,7 +240,7 @@ export const mysqlRouter = createTRPCRouter({
|
||||
remove: protectedProcedure
|
||||
.input(apiFindOneMySql)
|
||||
.mutation(async ({ input, ctx }) => {
|
||||
if (ctx.user.rol === "user") {
|
||||
if (ctx.user.rol === "member") {
|
||||
await checkServiceAccess(ctx.user.id, input.mysqlId, "delete");
|
||||
}
|
||||
const mongo = await findMySqlById(input.mysqlId);
|
||||
|
||||
@@ -44,7 +44,7 @@ export const postgresRouter = createTRPCRouter({
|
||||
.input(apiCreatePostgres)
|
||||
.mutation(async ({ input, ctx }) => {
|
||||
try {
|
||||
if (ctx.user.rol === "user") {
|
||||
if (ctx.user.rol === "member") {
|
||||
await checkServiceAccess(ctx.user.id, input.projectId, "create");
|
||||
}
|
||||
|
||||
@@ -63,7 +63,7 @@ export const postgresRouter = createTRPCRouter({
|
||||
});
|
||||
}
|
||||
const newPostgres = await createPostgres(input);
|
||||
if (ctx.user.rol === "user") {
|
||||
if (ctx.user.rol === "member") {
|
||||
await addNewService(ctx.user.id, newPostgres.postgresId);
|
||||
}
|
||||
|
||||
@@ -90,7 +90,7 @@ export const postgresRouter = createTRPCRouter({
|
||||
one: protectedProcedure
|
||||
.input(apiFindOnePostgres)
|
||||
.query(async ({ input, ctx }) => {
|
||||
if (ctx.user.rol === "user") {
|
||||
if (ctx.user.rol === "member") {
|
||||
await checkServiceAccess(ctx.user.id, input.postgresId, "access");
|
||||
}
|
||||
|
||||
@@ -221,7 +221,7 @@ export const postgresRouter = createTRPCRouter({
|
||||
remove: protectedProcedure
|
||||
.input(apiFindOnePostgres)
|
||||
.mutation(async ({ input, ctx }) => {
|
||||
if (ctx.user.rol === "user") {
|
||||
if (ctx.user.rol === "member") {
|
||||
await checkServiceAccess(ctx.user.id, input.postgresId, "delete");
|
||||
}
|
||||
const postgres = await findPostgresById(input.postgresId);
|
||||
|
||||
@@ -36,7 +36,7 @@ export const projectRouter = createTRPCRouter({
|
||||
.input(apiCreateProject)
|
||||
.mutation(async ({ ctx, input }) => {
|
||||
try {
|
||||
if (ctx.user.rol === "user") {
|
||||
if (ctx.user.rol === "member") {
|
||||
await checkProjectAccess(ctx.user.id, "create");
|
||||
}
|
||||
|
||||
@@ -50,7 +50,7 @@ export const projectRouter = createTRPCRouter({
|
||||
}
|
||||
|
||||
const project = await createProject(input, ctx.user.ownerId);
|
||||
if (ctx.user.rol === "user") {
|
||||
if (ctx.user.rol === "member") {
|
||||
await addNewProject(ctx.user.id, project.projectId);
|
||||
}
|
||||
|
||||
@@ -67,7 +67,7 @@ export const projectRouter = createTRPCRouter({
|
||||
one: protectedProcedure
|
||||
.input(apiFindOneProject)
|
||||
.query(async ({ input, ctx }) => {
|
||||
if (ctx.user.rol === "user") {
|
||||
if (ctx.user.rol === "member") {
|
||||
const { accessedServices } = await findUserByAuthId(ctx.user.id);
|
||||
|
||||
await checkProjectAccess(ctx.user.id, "access", input.projectId);
|
||||
@@ -125,7 +125,7 @@ export const projectRouter = createTRPCRouter({
|
||||
}),
|
||||
all: protectedProcedure.query(async ({ ctx }) => {
|
||||
// console.log(ctx.user);
|
||||
if (ctx.user.rol === "user") {
|
||||
if (ctx.user.rol === "member") {
|
||||
const { accessedProjects, accessedServices } = await findUserById(
|
||||
ctx.user.id,
|
||||
);
|
||||
@@ -203,7 +203,7 @@ export const projectRouter = createTRPCRouter({
|
||||
.input(apiRemoveProject)
|
||||
.mutation(async ({ input, ctx }) => {
|
||||
try {
|
||||
if (ctx.user.rol === "user") {
|
||||
if (ctx.user.rol === "member") {
|
||||
await checkProjectAccess(ctx.user.id, "delete");
|
||||
}
|
||||
const currentProject = await findProjectById(input.projectId);
|
||||
|
||||
@@ -36,7 +36,7 @@ export const redisRouter = createTRPCRouter({
|
||||
.input(apiCreateRedis)
|
||||
.mutation(async ({ input, ctx }) => {
|
||||
try {
|
||||
if (ctx.user.rol === "user") {
|
||||
if (ctx.user.rol === "member") {
|
||||
await checkServiceAccess(ctx.user.id, input.projectId, "create");
|
||||
}
|
||||
|
||||
@@ -55,7 +55,7 @@ export const redisRouter = createTRPCRouter({
|
||||
});
|
||||
}
|
||||
const newRedis = await createRedis(input);
|
||||
if (ctx.user.rol === "user") {
|
||||
if (ctx.user.rol === "member") {
|
||||
await addNewService(ctx.user.id, newRedis.redisId);
|
||||
}
|
||||
|
||||
@@ -75,7 +75,7 @@ export const redisRouter = createTRPCRouter({
|
||||
one: protectedProcedure
|
||||
.input(apiFindOneRedis)
|
||||
.query(async ({ input, ctx }) => {
|
||||
if (ctx.user.rol === "user") {
|
||||
if (ctx.user.rol === "member") {
|
||||
await checkServiceAccess(ctx.user.id, input.redisId, "access");
|
||||
}
|
||||
|
||||
@@ -232,7 +232,7 @@ export const redisRouter = createTRPCRouter({
|
||||
remove: protectedProcedure
|
||||
.input(apiFindOneRedis)
|
||||
.mutation(async ({ input, ctx }) => {
|
||||
if (ctx.user.rol === "user") {
|
||||
if (ctx.user.rol === "member") {
|
||||
await checkServiceAccess(ctx.user.id, input.redisId, "delete");
|
||||
}
|
||||
|
||||
|
||||
@@ -382,7 +382,7 @@ export const settingsRouter = createTRPCRouter({
|
||||
.input(apiServerSchema)
|
||||
.query(async ({ ctx, input }) => {
|
||||
try {
|
||||
if (ctx.user.rol === "user") {
|
||||
if (ctx.user.rol === "member") {
|
||||
const canAccess = await canAccessToTraefikFiles(ctx.user.authId);
|
||||
|
||||
if (!canAccess) {
|
||||
@@ -400,7 +400,7 @@ export const settingsRouter = createTRPCRouter({
|
||||
updateTraefikFile: protectedProcedure
|
||||
.input(apiModifyTraefikConfig)
|
||||
.mutation(async ({ input, ctx }) => {
|
||||
if (ctx.user.rol === "user") {
|
||||
if (ctx.user.rol === "member") {
|
||||
const canAccess = await canAccessToTraefikFiles(ctx.user.authId);
|
||||
|
||||
if (!canAccess) {
|
||||
@@ -418,7 +418,7 @@ export const settingsRouter = createTRPCRouter({
|
||||
readTraefikFile: protectedProcedure
|
||||
.input(apiReadTraefikConfig)
|
||||
.query(async ({ input, ctx }) => {
|
||||
if (ctx.user.rol === "user") {
|
||||
if (ctx.user.rol === "member") {
|
||||
const canAccess = await canAccessToTraefikFiles(ctx.user.authId);
|
||||
|
||||
if (!canAccess) {
|
||||
|
||||
@@ -32,7 +32,7 @@ import { ZodError } from "zod";
|
||||
|
||||
interface CreateContextOptions {
|
||||
user: (User & { rol: "admin" | "user"; ownerId: string }) | null;
|
||||
session: (Session & { activeOrganizationId: string }) | null;
|
||||
session: (Session & { activeOrganizationId?: string }) | null;
|
||||
req: CreateNextContextOptions["req"];
|
||||
res: CreateNextContextOptions["res"];
|
||||
}
|
||||
@@ -67,31 +67,35 @@ export const createTRPCContext = async (opts: CreateNextContextOptions) => {
|
||||
const { req, res } = opts;
|
||||
|
||||
// Get from the request
|
||||
let { session, user } = await validateRequest(req);
|
||||
const { session, user } = await validateRequest(req);
|
||||
|
||||
if (!session) {
|
||||
const cookieResult = await validateRequest(req);
|
||||
session = cookieResult.session;
|
||||
user = cookieResult.user;
|
||||
}
|
||||
// if (!session) {
|
||||
// const cookieResult = await validateRequest(req);
|
||||
// session = cookieResult.session;
|
||||
// user = cookieResult.user;
|
||||
// }
|
||||
|
||||
console.log("session", { session, user });
|
||||
console.log("session", session);
|
||||
console.log("user", user);
|
||||
|
||||
return createInnerTRPCContext({
|
||||
req,
|
||||
res,
|
||||
session: session,
|
||||
...((user && {
|
||||
user: {
|
||||
...user,
|
||||
email: user.email,
|
||||
rol: user.role,
|
||||
id: user.id,
|
||||
ownerId: user.ownerId,
|
||||
},
|
||||
}) || {
|
||||
user: null,
|
||||
}),
|
||||
session: session
|
||||
? {
|
||||
...session,
|
||||
activeOrganizationId: session.activeOrganizationId ?? undefined,
|
||||
}
|
||||
: null,
|
||||
user: user
|
||||
? {
|
||||
...user,
|
||||
email: user.email,
|
||||
rol: user.role as "admin" | "user",
|
||||
id: user.id,
|
||||
ownerId: user.ownerId,
|
||||
}
|
||||
: null,
|
||||
});
|
||||
};
|
||||
|
||||
|
||||
Reference in New Issue
Block a user