Skip to content

Commit

Permalink
fix: project permissions (#3317)
Browse files Browse the repository at this point in the history 
This PR fixes an issue where permissions would not allow you to create
an API token in the new project API management view. In addition, it
fixes an issue where if you missed the permission to read API tokens,
you would be blocked from creating one as well.
  • Loading branch information
@FredrikOseberg
FredrikOseberg committed Mar 15, 2023
1 parent fd4874e commit 40f8ed7
Showing 1 changed file with 25 additions and 26 deletions.
51 changes: 25 additions & 26 deletions frontend/src/component/project/Project/ProjectSettings/ProjectApiAccess/ProjectApiAccess.tsx
View file
Expand Up @@ -3,10 +3,6 @@ import { PageContent } from 'component/common/PageContent/PageContent';
import { Alert } from '@mui/material';
import { PageHeader } from 'component/common/PageHeader/PageHeader';
import AccessContext from 'contexts/AccessContext';
import {
CREATE_API_TOKEN,
READ_PROJECT_API_TOKEN,
} from 'component/providers/AccessProvider/permissions';
import { useRequiredPathParam } from 'hooks/useRequiredPathParam';
import { usePageTitle } from 'hooks/usePageTitle';
import { useProjectNameOrId } from 'hooks/api/getters/useProject/useProject';
Expand All @@ -20,12 +16,14 @@ import { Search } from 'component/common/Search/Search';
import {
CREATE_PROJECT_API_TOKEN,
DELETE_PROJECT_API_TOKEN,
READ_PROJECT_API_TOKEN,
} from '@server/types/permissions';
import { CopyApiTokenButton } from 'component/common/ApiTokenTable/CopyApiTokenButton/CopyApiTokenButton';
import { RemoveApiTokenButton } from 'component/common/ApiTokenTable/RemoveApiTokenButton/RemoveApiTokenButton';
import { ActionCell } from 'component/common/Table/cells/ActionCell/ActionCell';
import { usePlausibleTracker } from 'hooks/usePlausibleTracker';
import useProjectApiTokensApi from 'hooks/api/actions/useProjectApiTokensApi/useProjectApiTokensApi';
import { ConditionallyRender } from 'component/common/ConditionallyRender/ConditionallyRender';

export const ProjectApiAccess = () => {
const projectId = useRequiredPathParam('projectId');
Expand Down Expand Up @@ -81,17 +79,6 @@ export const ProjectApiAccess = () => {
</ActionCell>
));

if (!hasAccess(READ_PROJECT_API_TOKEN, projectId)) {
return (
<PageContent header={<PageHeader title="Api access" />}>
<Alert severity="error">
You need to be a member of the project or admin to access
this section.
</Alert>
</PageContent>
);
}

return (
<div style={{ width: '100%', overflow: 'hidden' }}>
<PageContent
Expand All @@ -108,23 +95,35 @@ export const ProjectApiAccess = () => {
<CreateApiTokenButton
permission={CREATE_PROJECT_API_TOKEN}
path="create"
project={projectId}
/>
</>
}
/>
}
>
<ApiTokenTable
compact
loading={loading}
headerGroups={headerGroups}
setHiddenColumns={setHiddenColumns}
prepareRow={prepareRow}
getTableBodyProps={getTableBodyProps}
getTableProps={getTableProps}
rows={rows}
columns={columns}
globalFilter={globalFilter}
<ConditionallyRender
condition={!hasAccess(READ_PROJECT_API_TOKEN, projectId)}
show={
<Alert severity="warning">
You need to have the correct permissions to read API
tokens
</Alert>
}
elseShow={
<ApiTokenTable
compact
loading={loading}
headerGroups={headerGroups}
setHiddenColumns={setHiddenColumns}
prepareRow={prepareRow}
getTableBodyProps={getTableBodyProps}
getTableProps={getTableProps}
rows={rows}
columns={columns}
globalFilter={globalFilter}
/>
}
/>
</PageContent>

Expand Down

0 comments on commit 40f8ed7

Please sign in to comment.