wieerwill/platform
1
0
Fork 0
mirror of https://github.com/hcengineering/platform.git synced 2025-05-21 06:52:33 +00:00
Code Issues Actions 5 Packages Projects Releases Wiki Activity

Minor guests fixes (#8945)

Browse Source 
Signed-off-by: Denis Bykhov <bykhov.denis@gmail.com>
This commit is contained in:
Denis Bykhov 2025-05-15 20:13:01 +05:00 committed by GitHub
parent 259b3ff921
commit afca633175
No known key found for this signature in database
GPG Key ID: B5690EEEBB952194
11 changed files with 51 additions and 21 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
models/time/src/index.ts
View File

@ -27,7 +27,8 @@ import {
type Timestamp, type Timestamp,
type Type, type Type,
DateRangeMode, DateRangeMode,
IndexKind IndexKind,
AccountRole
} from '@hcengineering/core' } from '@hcengineering/core'
import lead from '@hcengineering/lead' import lead from '@hcengineering/lead'
import { import {
@ -194,6 +195,7 @@ export function createModel (builder: Builder): void {
{ {
label: time.string.Planner, label: time.string.Planner,
icon: calendarPlugin.icon.Calendar, icon: calendarPlugin.icon.Calendar,
accessLevel: AccountRole.User,
alias: timeId, alias: timeId,
hidden: false, hidden: false,
position: 'top', position: 'top',
@ -208,6 +210,7 @@ export function createModel (builder: Builder): void {
{ {
label: time.string.Team, label: time.string.Team,
icon: time.icon.Team, icon: time.icon.Team,
accessLevel: AccountRole.User,
alias: 'team', alias: 'team',
hidden: false, hidden: false,
component: time.component.Team component: time.component.Team

2
plugins/contact-resources/src/components/AccountArrayEditor.svelte
View File

@ -132,7 +132,7 @@
</script> </script>
<UserBoxList <UserBoxList
_class={!allowGuests ? contact.mixin.Employee : contact.class.Person} _class={contact.mixin.Employee}
items={employees} items={employees}
{label} {label}
{emptyLabel} {emptyLabel}

2
plugins/contact-resources/src/components/PersonIdArrayEditor.svelte
View File

@ -133,7 +133,7 @@
</script> </script>
<UserBoxList <UserBoxList
_class={!allowGuests ? contact.mixin.Employee : contact.class.Person} _class={contact.mixin.Employee}
items={employees} items={employees}
{label} {label}
{emptyLabel} {emptyLabel}

2
plugins/login-resources/src/components/Join.svelte
View File

@ -115,7 +115,7 @@
if (location.query?.inviteId === undefined || location.query?.inviteId === null) return if (location.query?.inviteId === undefined || location.query?.inviteId === null) return
status = new Status(Severity.INFO, login.status.ConnectingToServer, {}) status = new Status(Severity.INFO, login.status.ConnectingToServer, {})
const [, result] = await checkJoined(location.query.inviteId) const result = await checkJoined(location.query.inviteId)
status = OK status = OK
if (result != null) { if (result != null) {
setLoginInfo(result) setLoginInfo(result)

16
plugins/login-resources/src/utils.ts
View File

@ -491,26 +491,18 @@ export function navigateToWorkspace (
} }
} }
export async function checkJoined (inviteId: string): Promise<[Status, WorkspaceLoginInfo | null]> { export async function checkJoined (inviteId: string): Promise<WorkspaceLoginInfo | undefined> {
const token = getMetadata(presentation.metadata.Token) const token = getMetadata(presentation.metadata.Token)
if (token == null) { if (token == null) return
const loginInfo = await getAccountClient().getLoginInfoByToken()
if (loginInfo.token == null) {
return [unknownStatus('Please login'), null]
}
}
try { try {
const workspaceLoginInfo = await getAccountClient(token).checkJoin(inviteId) const workspaceLoginInfo = await getAccountClient(token).checkJoin(inviteId)
return [OK, workspaceLoginInfo] return workspaceLoginInfo
} catch (err: any) { } catch (err: any) {
if (err instanceof PlatformError) { if (!(err instanceof PlatformError)) {
return [err.status, null]
} else {
Analytics.handleError(err) Analytics.handleError(err)
return [unknownError(err), null]
} }
} }
} }

3
server-plugins/calendar-resources/src/index.ts
View File

@ -110,6 +110,9 @@ export async function OnEmployee (txes: Tx[], control: TriggerControl): Promise<
) )
)[0] )[0]
if (employee?.personUuid === undefined) continue if (employee?.personUuid === undefined) continue
if (employee.role === 'GUEST') {
continue
}
result.push(...(await createCalendar(control, employee.personUuid, socialId, socialId))) result.push(...(await createCalendar(control, employee.personUuid, socialId, socialId)))
} }

6
server-plugins/contact-resources/src/index.ts
View File

@ -102,11 +102,13 @@ export async function OnEmployeeCreate (_txes: Tx[], control: TriggerControl): P
const account = person?.personUuid as AccountUuid const account = person?.personUuid as AccountUuid
if (account === undefined) continue if (account === undefined) continue
const spaces = await control.findAll(control.ctx, core.class.Space, { autoJoin: true })
const txes = await createPersonSpace(account, mixinTx.objectId, control) const txes = await createPersonSpace(account, mixinTx.objectId, control)
result.push(...txes) result.push(...txes)
const emp = control.hierarchy.as(person, contact.mixin.Employee)
if (emp.role === 'GUEST') continue
const spaces = await control.findAll(control.ctx, core.class.Space, { autoJoin: true })
for (const space of spaces) { for (const space of spaces) {
if (space.members.includes(account)) continue if (space.members.includes(account)) continue

2
server-plugins/hr-resources/src/index.ts
View File

@ -218,6 +218,8 @@ export async function OnEmployee (txes: Tx[], control: TriggerControl): Promise<
continue continue
} }
if (employee.role === 'GUEST') continue
result.push( result.push(
control.txFactory.createTxMixin(ctx.objectId, ctx.objectClass, ctx.objectSpace, hr.mixin.Staff, { control.txFactory.createTxMixin(ctx.objectId, ctx.objectClass, ctx.objectSpace, hr.mixin.Staff, {
department: hr.ids.Head department: hr.ids.Head

9
server-plugins/love-resources/src/index.ts
View File

@ -70,6 +70,15 @@ export async function OnEmployee (txes: Tx[], control: TriggerControl): Promise<
if (val === undefined) { if (val === undefined) {
continue continue
} }
const user = (
await control.findAll(control.ctx, contact.mixin.Employee, { _id: actualTx.objectId as Ref<Employee> })
)[0]
if (user === undefined) {
continue
}
if (user.role === 'GUEST') {
continue
}
if (val) { if (val) {
const freeRoom = (await control.findAll(control.ctx, love.class.Office, { person: null }))[0] const freeRoom = (await control.findAll(control.ctx, love.class.Office, { person: null }))[0]
if (freeRoom !== undefined) { if (freeRoom !== undefined) {

21
server/middleware/src/spaceSecurity.ts
View File

@ -371,6 +371,23 @@ export class SpaceSecurityMiddleware extends BaseMiddleware implements Middlewar
} }
} }
private isForbiddenGuestTx (tx: TxCUD<Space>): boolean {
if (tx._class === core.class.TxRemoveDoc) return true
if (tx._class === core.class.TxCreateDoc) return false
if (tx._class === core.class.TxUpdateDoc) {
const updateTx = tx as TxUpdateDoc<Space>
const ops = updateTx.operations
const keys = ['members', 'private', 'archived', 'owners', 'autoJoin']
if (keys.some((key) => (ops as any)[key] !== undefined)) {
return true
}
if (ops.$push !== undefined || ops.$pull !== undefined) {
return true
}
}
return false
}
private async processTx (ctx: MeasureContext<SessionData>, tx: Tx): Promise<void> { private async processTx (ctx: MeasureContext<SessionData>, tx: Tx): Promise<void> {
const h = this.context.hierarchy const h = this.context.hierarchy
if (TxProcessor.isExtendsCUD(tx._class)) { if (TxProcessor.isExtendsCUD(tx._class)) {
@ -379,7 +396,9 @@ export class SpaceSecurityMiddleware extends BaseMiddleware implements Middlewar
if (isSpace) { if (isSpace) {
const account = ctx.contextData.account const account = ctx.contextData.account
if (account.role === AccountRole.Guest) { if (account.role === AccountRole.Guest) {
throw new PlatformError(new Status(Severity.ERROR, platform.status.Forbidden, {})) if (this.isForbiddenGuestTx(cudTx as TxCUD<Space>)) {
throw new PlatformError(new Status(Severity.ERROR, platform.status.Forbidden, {}))
}
} }
await this.handleTx(ctx, cudTx as TxCUD<Space>) await this.handleTx(ctx, cudTx as TxCUD<Space>)
} }

4
services/calendar/pod-calendar/src/main.ts
View File

@ -54,12 +54,12 @@ export const main = async (): Promise<void> => {
) )
}) })
const accountClient = getAccountClient(getServiceToken())
setMetadata(serverClient.metadata.Endpoint, config.AccountsURL) setMetadata(serverClient.metadata.Endpoint, config.AccountsURL)
setMetadata(serverClient.metadata.UserAgent, config.ServiceID) setMetadata(serverClient.metadata.UserAgent, config.ServiceID)
setMetadata(serverToken.metadata.Secret, config.Secret) setMetadata(serverToken.metadata.Secret, config.Secret)
const accountClient = getAccountClient(getServiceToken())
const pushHandler = new PushHandler(ctx, accountClient) const pushHandler = new PushHandler(ctx, accountClient)
const calendarController = CalendarController.getCalendarController(ctx, accountClient) const calendarController = CalendarController.getCalendarController(ctx, accountClient)
await calendarController.startAll() await calendarController.startAll()