feat(editor): Replace middleware for Role checks with Scope checks (#7847)

2023-11-29 10:35:40 +02:00
parent d4970410e1
commit 72852a60eb
18 changed files with 267 additions and 111 deletions
--- a/packages/cli/src/permissions/roles.ts
+++ b/packages/cli/src/permissions/roles.ts
@@ -1,53 +1,17 @@
 import type { Scope } from '@n8n/permissions';

 export const ownerPermissions: Scope[] = [
-	'workflow:create',
-	'workflow:read',
-	'workflow:update',
-	'workflow:delete',
-	'workflow:list',
-	'workflow:share',
-	'tag:create',
-	'tag:read',
-	'tag:update',
-	'tag:delete',
-	'tag:list',
-	'user:create',
-	'user:read',
-	'user:update',
-	'user:delete',
-	'user:list',
-	'user:resetPassword',
+	'auditLogs:manage',
 	'credential:create',
 	'credential:read',
 	'credential:update',
 	'credential:delete',
 	'credential:list',
 	'credential:share',
-	'variable:create',
-	'variable:read',
-	'variable:update',
-	'variable:delete',
-	'variable:list',
-	'sourceControl:pull',
-	'sourceControl:push',
-	'sourceControl:manage',
-	'externalSecretsProvider:create',
-	'externalSecretsProvider:read',
-	'externalSecretsProvider:update',
-	'externalSecretsProvider:delete',
-	'externalSecretsProvider:list',
-	'externalSecretsProvider:sync',
-	'externalSecret:list',
-	'orchestration:read',
-	'orchestration:list',
 	'communityPackage:install',
 	'communityPackage:uninstall',
 	'communityPackage:update',
 	'communityPackage:list',
-	'ldap:manage',
-	'ldap:sync',
-	'saml:manage',
 	'eventBusEvent:create',
 	'eventBusEvent:read',
 	'eventBusEvent:update',
@@ -61,18 +25,56 @@ export const ownerPermissions: Scope[] = [
 	'eventBusDestination:delete',
 	'eventBusDestination:list',
 	'eventBusDestination:test',
-];
-export const adminPermissions: Scope[] = ownerPermissions.concat();
-export const memberPermissions: Scope[] = [
-	'user:list',
-	'variable:list',
-	'variable:read',
+	'externalSecretsProvider:create',
+	'externalSecretsProvider:read',
+	'externalSecretsProvider:update',
+	'externalSecretsProvider:delete',
+	'externalSecretsProvider:list',
+	'externalSecretsProvider:sync',
+	'externalSecret:list',
+	'ldap:manage',
+	'ldap:sync',
+	'logStreaming:manage',
+	'orchestration:read',
+	'orchestration:list',
+	'saml:manage',
+	'sourceControl:pull',
+	'sourceControl:push',
+	'sourceControl:manage',
 	'tag:create',
 	'tag:read',
 	'tag:update',
+	'tag:delete',
 	'tag:list',
+	'user:create',
+	'user:read',
+	'user:update',
+	'user:delete',
+	'user:list',
+	'user:resetPassword',
+	'variable:create',
+	'variable:read',
+	'variable:update',
+	'variable:delete',
+	'variable:list',
+	'workflow:create',
+	'workflow:read',
+	'workflow:update',
+	'workflow:delete',
+	'workflow:list',
+	'workflow:share',
+];
+export const adminPermissions: Scope[] = ownerPermissions.concat();
+export const memberPermissions: Scope[] = [
 	'eventBusEvent:list',
 	'eventBusEvent:read',
 	'eventBusDestination:list',
 	'eventBusDestination:test',
+	'tag:create',
+	'tag:read',
+	'tag:update',
+	'tag:list',
+	'user:list',
+	'variable:list',
+	'variable:read',
 ];