More fine-grained permissions for Fact Tables and SDK Connections

packages/back-end/src/util/organization.util.ts

@@ -339,6 +339,7 @@ export function getRoles(_organization: OrganizationInterface): Role[] {
         "manageFeatureDrafts",
         "manageTargetingAttributes",
         "manageEnvironments",
+        "manageSDKConnections",
         "manageNamespaces",
         "manageSavedGroups",
         "manageArchetype",
@@ -358,8 +359,10 @@ export function getRoles(_organization: OrganizationInterface): Role[] {
         "createAnalyses",
         "createDimensions",
         "createMetrics",
+        "manageFactMetrics",
         "createSegments",
         "manageFactTables",
+        "manageFactFilters",
         "manageTags",
         "runQueries",
         "editDatasourceSettings",
@@ -379,6 +382,7 @@ export function getRoles(_organization: OrganizationInterface): Role[] {
         "manageFeatureDrafts",
         "manageTargetingAttributes",
         "manageEnvironments",
+        "manageSDKConnections",
         "manageNamespaces",
         "manageSavedGroups",
         "manageArchetype",
@@ -388,7 +392,9 @@ export function getRoles(_organization: OrganizationInterface): Role[] {
         "createDimensions",
         "createSegments",
         "createMetrics",
+        "manageFactMetrics",
         "manageFactTables",
+        "manageFactFilters",
         "runQueries",
         "editDatasourceSettings",
         "canReview",

packages/back-end/src/util/permission-constants.ts

@@ -2,6 +2,7 @@
 export const ENV_SCOPED_PERMISSIONS = [
   "publishFeatures",
   "manageEnvironments",
+  "manageSDKConnections",
   "runExperiments",
 ] as const;
 
@@ -14,7 +15,9 @@ export const PROJECT_SCOPED_PERMISSIONS = [
   "createAnalyses",
   "createIdeas",
   "createMetrics",
+  "manageFactMetrics",
   "manageFactTables",
+  "manageFactFilters",
   "createDatasources",
   "editDatasourceSettings",
   "runQueries",
@@ -31,7 +34,8 @@ export const GLOBAL_PERMISSIONS = [
   "manageTags",
   "manageApiKeys",
   "manageIntegrations",
-  "manageWebhooks",
+  "manageEventWebhooks",
+  "manageSDKWebhooks",
   "manageBilling",
   "manageNorthStarMetric",
   "manageTargetingAttributes",

packages/front-end/services/UserContext.tsx

@@ -85,7 +85,8 @@ export const DEFAULT_PERMISSIONS: Record<GlobalPermission, boolean> = {
   manageArchetype: false,
   manageTags: false,
   manageTeam: false,
-  manageWebhooks: false,
+  manageEventWebhooks: false,
+  manageSDKWebhooks: false,
   manageIntegrations: false,
   organizationSettings: false,
   superDeleteReport: false,

packages/shared/src/permissions/permissions.utils.ts

@@ -7,6 +7,7 @@ import {
 export const ENV_SCOPED_PERMISSIONS = [
   "publishFeatures",
   "manageEnvironments",
+  "manageSDKConnections",
   "runExperiments",
 ] as const;
 
@@ -21,7 +22,9 @@ export const PROJECT_SCOPED_PERMISSIONS = [
   "createAnalyses",
   "createIdeas",
   "createMetrics",
+  "manageFactMetrics",
   "manageFactTables",
+  "manageFactFilters",
   "createDatasources",
   "editDatasourceSettings",
   "runQueries",
@@ -40,7 +43,8 @@ export const GLOBAL_PERMISSIONS = [
   "manageTags",
   "manageApiKeys",
   "manageIntegrations",
-  "manageWebhooks",
+  "manageEventWebhooks",
+  "manageSDKWebhooks",
   "manageBilling",
   "manageNorthStarMetric",
   "manageNamespaces",

packages/shared/src/permissions/permissionsClass.ts

@@ -61,31 +61,31 @@ export class Permissions {
   };
 
   public canViewEventWebhook = (): boolean => {
-    return this.checkGlobalPermission("manageWebhooks");
+    return this.checkGlobalPermission("manageEventWebhooks");
   };
 
   public canCreateEventWebhook = (): boolean => {
-    return this.checkGlobalPermission("manageWebhooks");
+    return this.checkGlobalPermission("manageEventWebhooks");
   };
 
   public canUpdateEventWebhook = (): boolean => {
-    return this.checkGlobalPermission("manageWebhooks");
+    return this.checkGlobalPermission("manageEventWebhooks");
   };
 
   public canDeleteEventWebhook = (): boolean => {
-    return this.checkGlobalPermission("manageWebhooks");
+    return this.checkGlobalPermission("manageEventWebhooks");
   };
 
   public canCreateSDKWebhook = (): boolean => {
-    return this.checkGlobalPermission("manageWebhooks");
+    return this.checkGlobalPermission("manageSDKWebhooks");
   };
 
   public canUpdateSDKWebhook = (): boolean => {
-    return this.checkGlobalPermission("manageWebhooks");
+    return this.checkGlobalPermission("manageSDKWebhooks");
   };
 
   public canDeleteSDKWebhook = (): boolean => {
-    return this.checkGlobalPermission("manageWebhooks");
+    return this.checkGlobalPermission("manageSDKWebhooks");
   };
 
   public canCreateAndUpdateTag = (): boolean => {
@@ -436,19 +436,19 @@ export class Permissions {
   public canCreateAndUpdateFactFilter = (
     factTable: Pick<FactTableInterface, "projects">
   ): boolean => {
-    return this.checkProjectFilterPermission(factTable, "manageFactTables");
+    return this.checkProjectFilterPermission(factTable, "manageFactFilters");
   };
 
   public canDeleteFactFilter = (
     factTable: Pick<FactTableInterface, "projects">
   ): boolean => {
-    return this.checkProjectFilterPermission(factTable, "manageFactTables");
+    return this.checkProjectFilterPermission(factTable, "manageFactFilters");
   };
 
   public canCreateFactMetric = (
     metric: Pick<FactMetricInterface, "projects">
   ): boolean => {
-    return this.checkProjectFilterPermission(metric, "createMetrics");
+    return this.checkProjectFilterPermission(metric, "manageFactMetrics");
   };
 
   public canUpdateFactMetric = (
@@ -458,14 +458,14 @@ export class Permissions {
     return this.checkProjectFilterUpdatePermission(
       existing,
       updates,
-      "createMetrics"
+      "manageFactMetrics"
     );
   };
 
   public canDeleteFactMetric = (
     metric: Pick<FactMetricInterface, "projects">
   ): boolean => {
-    return this.checkProjectFilterPermission(metric, "createMetrics");
+    return this.checkProjectFilterPermission(metric, "manageFactMetrics");
   };
 
   public canCreateMetric = (
@@ -688,7 +688,7 @@ export class Permissions {
     return this.checkEnvFilterPermission(
       sdkConnection,
       [sdkConnection.environment],
-      "manageEnvironments"
+      "manageSDKConnections"
     );
   };
 
@@ -699,7 +699,7 @@ export class Permissions {
     return this.checkEnvFilterUpdatePermission(
       existing,
       updates,
-      "manageEnvironments"
+      "manageSDKConnections"
     );
   };
 
@@ -709,7 +709,7 @@ export class Permissions {
     return this.checkEnvFilterPermission(
       sdkConnection,
       [sdkConnection.environment],
-      "manageEnvironments"
+      "manageSDKConnections"
     );
   };