huanld/speckle-server
1
0
Fork 0
Code Issues Pull Requests Actions 1 Packages Projects Releases Wiki Activity
Files
3e7e11b8a11ebff55c64bfbf3196ea5fb2b2405e
speckle-server/packages/server/modules/workspaces/authz/loaders/index.ts
T
Gergő Jedlicska 4a2d85d68c feat(server): web 3485 prevent accounts from creating new workspaces (#4913) 
* feat(shared): rename user workspaces loader

* feat(gatekeeper): intoduce the enterprise plan

* chore(server): remove more "magic strings"

* refactor(shared): extract user is workspace admin to an auth fragment

* feat(shared): add can createWorkspacePolicy

* feat(workspaces): WIP block workspace creation

* feat(server): add can create workspace checks

* feat(workspaces): enforce canCreateWorkspace policy on the workspace
creation mutation

* feat(shared): allow workspace admins and guests to create workspaces
even if they are part of an exclusive workspace

* test(shared): use test fake properly

* fix(server): eligble workspace typing fixes

* test(shared): fix more workspace fakes

* fix(workspacesCore): add missing loader

* fix(shared): use proper exhaustive switch cases, they stop bugs from
happening

* feat(shared): introduce workspacePlanHasAccessToFeature function with tests

* chore(workspaces): fix more PR comments

* fix(workspaces): naming

* fix(workspaces): some more
2025-06-18 08:58:26 +01:00

90 lines
3.6 KiB
TypeScript
Raw Blame History

import { db } from '@/db/knex'
import { getPaginatedProjectModelsTotalCountFactory } from '@/modules/core/repositories/branches'
import { legacyGetStreamsFactory } from '@/modules/core/repositories/streams'
import { getWorkspacePlanFactory } from '@/modules/gatekeeper/repositories/billing'
import { defineModuleLoaders } from '@/modules/loaders'
import { getProjectDbClient } from '@/modules/multiregion/utils/dbSelector'
import {
getUserSsoSessionFactory,
getWorkspaceSsoProviderRecordFactory
} from '@/modules/workspaces/repositories/sso'
import {
getUserEligibleWorkspacesFactory,
getWorkspaceRoleForUserFactory
} from '@/modules/workspaces/repositories/workspaces'
import { queryAllWorkspaceProjectsFactory } from '@/modules/workspaces/services/projects'
import { getWorkspaceModelCountFactory } from '@/modules/workspaces/services/workspaceLimits'
import { getUsersCurrentAndEligibleToBecomeAMemberWorkspaces } from '@/modules/workspaces/services/retrieval'
import { findEmailsByUserIdFactory } from '@/modules/core/repositories/userEmails'
// TODO: Move everything to use dataLoaders
export default defineModuleLoaders(async () => {
const getWorkspacePlan = getWorkspacePlanFactory({ db })
return {
getWorkspace: async ({ workspaceId }, { dataLoaders }) => {
return (await dataLoaders.workspaces!.getWorkspace.load(workspaceId)) || null
},
getWorkspaceRole: async ({ userId, workspaceId }) => {
const role = await getWorkspaceRoleForUserFactory({ db })({
userId,
workspaceId
})
return role?.role || null
},
getWorkspaceSsoSession: async ({ userId, workspaceId }) => {
const ssoSession = await getUserSsoSessionFactory({ db })({
userId,
workspaceId
})
return ssoSession || null
},
getWorkspaceSsoProvider: async ({ workspaceId }) => {
const ssoProvider = await getWorkspaceSsoProviderRecordFactory({ db })({
workspaceId
})
return ssoProvider || null
},
getWorkspaceSeat: async ({ userId, workspaceId }, { dataLoaders }) => {
return (
(
await dataLoaders.gatekeeper!.getUserWorkspaceSeat.load({
userId,
workspaceId
})
)?.type || null
)
},
getWorkspaceModelCount: async ({ workspaceId }) => {
// TODO: Dataloader that has to dynamically pick regional dbs?
return await getWorkspaceModelCountFactory({
queryAllWorkspaceProjects: queryAllWorkspaceProjectsFactory({
getStreams: legacyGetStreamsFactory({ db })
}),
getPaginatedProjectModelsTotalCount: async (projectId, params) => {
const regionDb = await getProjectDbClient({ projectId })
return await getPaginatedProjectModelsTotalCountFactory({ db: regionDb })(
projectId,
params
)
}
})({ workspaceId })
},
getWorkspaceProjectCount: async ({ workspaceId }, { dataLoaders }) => {
return await dataLoaders.workspaces!.getProjectCount.load(workspaceId)
},
getWorkspacePlan: async ({ workspaceId }) => {
return await getWorkspacePlan({ workspaceId })
},
getUsersCurrentAndEligibleToBecomeAMemberWorkspaces: async ({ userId }) => {
return await getUsersCurrentAndEligibleToBecomeAMemberWorkspaces({
findEmailsByUserId: findEmailsByUserIdFactory({ db }),
getUserEligibleWorkspaces: getUserEligibleWorkspacesFactory({ db })
})({ userId })
},
getWorkspaceLimits: async ({ workspaceId }, { dataLoaders }) => {
return await dataLoaders.gatekeeper!.getWorkspaceLimits.load(workspaceId)
}
}
})
Reference in New Issue View Git Blame Copy Permalink