diff --git a/apps/dokploy/components/dashboard/settings/users/add-permissions.tsx b/apps/dokploy/components/dashboard/settings/users/add-permissions.tsx index 6366e9cf..51d73b1f 100644 --- a/apps/dokploy/components/dashboard/settings/users/add-permissions.tsx +++ b/apps/dokploy/components/dashboard/settings/users/add-permissions.tsx @@ -52,7 +52,7 @@ interface Props { export const AddUserPermissions = ({ userId }: Props) => { const { data: projects } = api.project.all.useQuery(); - const { data, refetch } = api.auth.one.useQuery( + const { data, refetch } = api.user.one.useQuery( { userId, }, diff --git a/apps/dokploy/drizzle/0066_yielding_echo.sql b/apps/dokploy/drizzle/0066_yielding_echo.sql index f4877cf6..4fd42538 100644 --- a/apps/dokploy/drizzle/0066_yielding_echo.sql +++ b/apps/dokploy/drizzle/0066_yielding_echo.sql @@ -1,7 +1,6 @@ CREATE TABLE "user_temp" ( "id" text PRIMARY KEY NOT NULL, "name" text DEFAULT '' NOT NULL, - "token" text NOT NULL, "isRegistered" boolean DEFAULT false NOT NULL, "expirationDate" text NOT NULL, "createdAt" text NOT NULL, @@ -82,6 +81,7 @@ CREATE TABLE "member" ( "user_id" text NOT NULL, "role" text NOT NULL, "created_at" timestamp NOT NULL, + "token" text NOT NULL, "canCreateProjects" boolean DEFAULT false NOT NULL, "canAccessToSSHKeys" boolean DEFAULT false NOT NULL, "canCreateServices" boolean DEFAULT false NOT NULL, @@ -148,7 +148,6 @@ WITH inserted_users AS ( INSERT INTO user_temp ( id, email, - token, "email_verified", "updated_at", "serverIp", @@ -174,7 +173,6 @@ WITH inserted_users AS ( SELECT a."adminId", auth.email, - COALESCE(auth.token, ''), true, CURRENT_TIMESTAMP, a."serverIp", @@ -247,7 +245,6 @@ inserted_members AS ( INSERT INTO user_temp ( id, email, - token, "email_verified", "updated_at", image, @@ -258,7 +255,6 @@ inserted_members AS ( SELECT u."userId", auth.email, - COALESCE(u.token, ''), true, CURRENT_TIMESTAMP, auth.image, @@ -302,6 +298,7 @@ inserted_admin_members AS ( "user_id", role, "created_at", + "token", "canAccessToAPI", "canAccessToDocker", "canAccessToGitProviders", @@ -320,6 +317,7 @@ inserted_admin_members AS ( a."adminId", 'owner', NOW(), + COALESCE(auth.token, ''), true, -- Los admins tienen todos los permisos por defecto true, true, @@ -333,6 +331,7 @@ inserted_admin_members AS ( '{}' FROM admin a JOIN inserted_orgs o ON o."owner_id" = a."adminId" + JOIN auth ON auth.id = a."authId" RETURNING * ) -- Insertar miembros regulares en las organizaciones @@ -342,6 +341,7 @@ INSERT INTO member ( "user_id", role, "created_at", + "token", "canAccessToAPI", "canAccessToDocker", "canAccessToGitProviders", @@ -360,6 +360,7 @@ SELECT u."userId", 'member', NOW(), + COALESCE(auth.token, ''), COALESCE(u."canAccessToAPI", false), COALESCE(u."canAccessToDocker", false), COALESCE(u."canAccessToGitProviders", false), @@ -373,7 +374,8 @@ SELECT COALESCE(u."accesedServices", '{}') FROM "user" u JOIN admin a ON u."adminId" = a."adminId" -JOIN inserted_orgs o ON o."owner_id" = a."adminId"; +JOIN inserted_orgs o ON o."owner_id" = a."adminId" +JOIN auth ON auth.id = u."authId"; -- Migration tables foreign keys @@ -411,7 +413,7 @@ ALTER TABLE "git_provider" ADD CONSTRAINT "git_provider_userId_user_temp_id_fk" ALTER TABLE "server" ADD CONSTRAINT "server_userId_user_temp_id_fk" FOREIGN KEY ("userId") REFERENCES "public"."user_temp"("id") ON DELETE cascade ON UPDATE no action; -ALTER TABLE "user_temp" ALTER COLUMN "token" SET DEFAULT '';--> statement-breakpoint +ALTER TABLE "member" ALTER COLUMN "token" SET DEFAULT '';--> statement-breakpoint ALTER TABLE "user_temp" ADD COLUMN "created_at" timestamp DEFAULT now(); diff --git a/apps/dokploy/drizzle/meta/0066_snapshot.json b/apps/dokploy/drizzle/meta/0066_snapshot.json index 71a7e3ea..2264814c 100644 --- a/apps/dokploy/drizzle/meta/0066_snapshot.json +++ b/apps/dokploy/drizzle/meta/0066_snapshot.json @@ -748,13 +748,6 @@ "notNull": true, "default": "''" }, - "token": { - "name": "token", - "type": "text", - "primaryKey": false, - "notNull": true, - "default": "''" - }, "isRegistered": { "name": "isRegistered", "type": "boolean", @@ -4494,6 +4487,13 @@ "primaryKey": false, "notNull": true, "default": "ARRAY[]::text[]" + }, + "token": { + "name": "token", + "type": "text", + "primaryKey": false, + "notNull": true, + "default": "''" } }, "indexes": {}, diff --git a/apps/dokploy/server/api/routers/user.ts b/apps/dokploy/server/api/routers/user.ts index c0717a92..6b4e8ede 100644 --- a/apps/dokploy/server/api/routers/user.ts +++ b/apps/dokploy/server/api/routers/user.ts @@ -18,7 +18,7 @@ import { member, } from "@dokploy/server/db/schema"; import { TRPCError } from "@trpc/server"; -import { and, eq } from "drizzle-orm"; +import { and, asc, desc, eq } from "drizzle-orm"; import { z } from "zod"; import { adminProcedure, @@ -33,6 +33,7 @@ export const userRouter = createTRPCRouter({ with: { user: true, }, + orderBy: [asc(member.createdAt)], }); }), one: protectedProcedure @@ -42,14 +43,17 @@ export const userRouter = createTRPCRouter({ }), ) .query(async ({ input, ctx }) => { - const user = await findUserById(input.userId); - // if (user.adminId !== ctx.user.adminId) { - // throw new TRPCError({ - // code: "UNAUTHORIZED", - // message: "You are not allowed to access this user", - // }); - // } - return user; + const memberResult = await db.query.member.findFirst({ + where: and( + eq(member.userId, input.userId), + eq(member.organizationId, ctx.session?.activeOrganizationId || ""), + ), + with: { + user: true, + }, + }); + + return memberResult; }), get: protectedProcedure.query(async ({ ctx }) => { const memberResult = await db.query.member.findFirst({ @@ -111,9 +115,12 @@ export const userRouter = createTRPCRouter({ }); } - await updateUser(user.id, { - ...input, - }); + await db + .update(member) + .set({ + ...input, + }) + .where(eq(member.userId, input.id)); } catch (error) { throw error; } diff --git a/packages/server/src/db/schema/user.ts b/packages/server/src/db/schema/user.ts index d1ebf9df..5860875f 100644 --- a/packages/server/src/db/schema/user.ts +++ b/packages/server/src/db/schema/user.ts @@ -29,7 +29,6 @@ export const users_temp = pgTable("user_temp", { .primaryKey() .$defaultFn(() => nanoid()), name: text("name").notNull().default(""), - token: text("token").notNull().default(""), isRegistered: boolean("isRegistered").notNull().default(false), expirationDate: text("expirationDate") .notNull() @@ -128,16 +127,7 @@ export const usersRelations = relations(users_temp, ({ one, many }) => ({ const createSchema = createInsertSchema(users_temp, { id: z.string().min(1), - token: z.string().min(1), isRegistered: z.boolean().optional(), - // accessedProjects: z.array(z.string()).optional(), - // accessedServices: z.array(z.string()).optional(), - // canCreateProjects: z.boolean().optional(), - // canCreateServices: z.boolean().optional(), - // canDeleteProjects: z.boolean().optional(), - // canDeleteServices: z.boolean().optional(), - // canAccessToDocker: z.boolean().optional(), - // canAccessToTraefikFiles: z.boolean().optional(), }); export const apiCreateUserInvitation = createSchema.pick({}).extend({ @@ -150,11 +140,7 @@ export const apiRemoveUser = createSchema }) .required(); -export const apiFindOneToken = createSchema - .pick({ - token: true, - }) - .required(); +export const apiFindOneToken = createSchema.pick({}).required(); export const apiAssignPermissions = createSchema .pick({ @@ -171,6 +157,19 @@ export const apiAssignPermissions = createSchema // canAccessToSSHKeys: true, // canAccessToGitProviders: true, }) + .extend({ + accessedProjects: z.array(z.string()).optional(), + accessedServices: z.array(z.string()).optional(), + canCreateProjects: z.boolean().optional(), + canCreateServices: z.boolean().optional(), + canDeleteProjects: z.boolean().optional(), + canDeleteServices: z.boolean().optional(), + canAccessToDocker: z.boolean().optional(), + canAccessToTraefikFiles: z.boolean().optional(), + canAccessToAPI: z.boolean().optional(), + canAccessToSSHKeys: z.boolean().optional(), + canAccessToGitProviders: z.boolean().optional(), + }) .required(); export const apiFindOneUser = createSchema