From 0f8e2b4b0df0fb497cb520555ad184358e90fb15 Mon Sep 17 00:00:00 2001 From: NathanVss Date: Fri, 14 Jun 2024 16:38:06 +0200 Subject: [PATCH] feat: Ability to allow everyone to create projects (#787) --- client/src/containers/ProjectsContainer.js | 3 ++- docker-compose-dev.yml | 9 +++++---- docker-compose.yml | 2 ++ server/.env.sample | 2 ++ server/api/controllers/projects/create.js | 16 ++++++++++++++++ server/api/controllers/show-config.js | 1 + server/config/custom.js | 2 ++ server/config/policies.js | 2 -- 8 files changed, 30 insertions(+), 7 deletions(-) diff --git a/client/src/containers/ProjectsContainer.js b/client/src/containers/ProjectsContainer.js index b3622c7d..2080f730 100755 --- a/client/src/containers/ProjectsContainer.js +++ b/client/src/containers/ProjectsContainer.js @@ -6,12 +6,13 @@ import entryActions from '../entry-actions'; import Projects from '../components/Projects'; const mapStateToProps = (state) => { + const { allowAllToCreateProjects } = selectors.selectConfig(state); const { isAdmin } = selectors.selectCurrentUser(state); const projects = selectors.selectProjectsForCurrentUser(state); return { items: projects, - canAdd: isAdmin, + canAdd: allowAllToCreateProjects || isAdmin, }; }; diff --git a/docker-compose-dev.yml b/docker-compose-dev.yml index cd758993..ecde54c5 100644 --- a/docker-compose-dev.yml +++ b/docker-compose-dev.yml @@ -1,7 +1,6 @@ version: '3.8' services: - server: build: context: ./server @@ -13,6 +12,7 @@ services: - NODE_ENV=development - DATABASE_URL=postgresql://user:password@postgres:5432/planka_db - SECRET_KEY=notsecretkey + # - TRUST_PROXY=0 # - TOKEN_EXPIRES_IN=365 # In days @@ -23,6 +23,9 @@ services: # Configure knex to accept SSL certificates # - KNEX_REJECT_UNAUTHORIZED_SSL_CERTIFICATE=false + + # - ALLOW_ALL_TO_CREATE_PROJECTS=true + # - OIDC_ISSUER= # - OIDC_CLIENT_ID= # - OIDC_CLIENT_SECRET= @@ -56,7 +59,6 @@ services: # - SLACK_BOT_TOKEN= # - SLACK_CHANNEL_ID= - working_dir: /app command: ["sh", "-c", "npm run start"] depends_on: @@ -85,11 +87,11 @@ services: dockerfile: ../config/development/Dockerfile.server environment: - DATABASE_URL=postgresql://user:password@postgres:5432/planka_db + # - DEFAULT_ADMIN_EMAIL=demo@demo.demo # Do not remove if you want to prevent this user from being edited/deleted # - DEFAULT_ADMIN_PASSWORD=demo # - DEFAULT_ADMIN_NAME=Demo Demo # - DEFAULT_ADMIN_USERNAME=demo - working_dir: /app command: ["sh", "-c", "npm run db:init"] volumes: @@ -126,6 +128,5 @@ services: - server - client - volumes: db-data: diff --git a/docker-compose.yml b/docker-compose.yml index 0601a057..11064c83 100644 --- a/docker-compose.yml +++ b/docker-compose.yml @@ -31,6 +31,8 @@ services: # - DEFAULT_ADMIN_NAME=Demo Demo # - DEFAULT_ADMIN_USERNAME=demo + # - ALLOW_ALL_TO_CREATE_PROJECTS=true + # - OIDC_ISSUER= # - OIDC_CLIENT_ID= # - OIDC_CLIENT_SECRET= diff --git a/server/.env.sample b/server/.env.sample index f005b294..690587d6 100644 --- a/server/.env.sample +++ b/server/.env.sample @@ -22,6 +22,8 @@ SECRET_KEY=notsecretkey # DEFAULT_ADMIN_NAME=Demo Demo # DEFAULT_ADMIN_USERNAME=demo +# ALLOW_ALL_TO_CREATE_PROJECTS=true + # OIDC_ISSUER= # OIDC_CLIENT_ID= # OIDC_CLIENT_SECRET= diff --git a/server/api/controllers/projects/create.js b/server/api/controllers/projects/create.js index 5a8702ec..54bd7f00 100755 --- a/server/api/controllers/projects/create.js +++ b/server/api/controllers/projects/create.js @@ -1,3 +1,9 @@ +const Errors = { + NOT_ENOUGH_RIGHTS: { + notEnoughRights: 'Not enough rights', + }, +}; + module.exports = { inputs: { name: { @@ -6,9 +12,19 @@ module.exports = { }, }, + exits: { + notEnoughRights: { + responseType: 'forbidden', + }, + }, + async fn(inputs) { const { currentUser } = this.req; + if (!currentUser.isAdmin && !sails.config.custom.allowAllToCreateProjects) { + throw Errors.NOT_ENOUGH_RIGHTS; + } + const values = _.pick(inputs, ['name']); const { project, projectManager } = await sails.helpers.projects.createOne.with({ diff --git a/server/api/controllers/show-config.js b/server/api/controllers/show-config.js index 5349149a..d1dc6f67 100644 --- a/server/api/controllers/show-config.js +++ b/server/api/controllers/show-config.js @@ -17,6 +17,7 @@ module.exports = { return { item: { oidc, + allowAllToCreateProjects: sails.config.custom.allowAllToCreateProjects, }, }; }, diff --git a/server/config/custom.js b/server/config/custom.js index 8e5e0962..ac8b9276 100644 --- a/server/config/custom.js +++ b/server/config/custom.js @@ -34,6 +34,8 @@ module.exports.custom = { defaultAdminEmail: process.env.DEFAULT_ADMIN_EMAIL && process.env.DEFAULT_ADMIN_EMAIL.toLowerCase(), + allowAllToCreateProjects: process.env.ALLOW_ALL_TO_CREATE_PROJECTS === 'true', + oidcIssuer: process.env.OIDC_ISSUER, oidcClientId: process.env.OIDC_CLIENT_ID, oidcClientSecret: process.env.OIDC_CLIENT_SECRET, diff --git a/server/config/policies.js b/server/config/policies.js index 665689df..a871368e 100644 --- a/server/config/policies.js +++ b/server/config/policies.js @@ -21,8 +21,6 @@ module.exports.policies = { 'users/create': ['is-authenticated', 'is-admin'], 'users/delete': ['is-authenticated', 'is-admin'], - 'projects/create': ['is-authenticated', 'is-admin'], - 'show-config': true, 'access-tokens/create': true, 'access-tokens/exchange-using-oidc': true,