fix: everyone with write access can create api keys (#711)
StarpTech authored Apr 8, 2024
1 parent 7ddc36f commit c473a28
Showing 1 changed file with 64 additions and 67 deletions.
131 changes: 64 additions & 67 deletions studio/src/pages/[organizationSlug]/apikeys.tsx
Expand Up @@ -90,7 +90,9 @@ const CreateAPIKeyDialog = ({
const { mutate, isPending } = useMutation(createAPIKey.useMutation());

const { data } = useQuery(getUserAccessibleResources.useQuery());
const { data: permissionsData } = useQuery(getUserAccessiblePermissions.useQuery());
const { data: permissionsData } = useQuery(
getUserAccessiblePermissions.useQuery(),
);
const federatedGraphs = data?.federatedGraphs || [];
const subgraphs = data?.subgraphs || [];
const isAdmin = user?.currentOrganization.roles.includes("admin");
Expand Down Expand Up @@ -209,21 +211,6 @@ const CreateAPIKeyDialog = ({
return result;
}, {});

// check if the user has access to create api keys only when rbac is enabled
if (
rbac &&
!(isAdmin || federatedGraphs.length > 0 || subgraphs.length > 0)
) {
return (
<Button disabled>
<div className="flex items-center gap-x-2">
<PlusIcon />
<span>New API key</span>
</div>
</Button>
);
}

return (
<Dialog open={open} onOpenChange={setOpen}>
<DialogTrigger>
Expand Down Expand Up @@ -271,52 +258,55 @@ const CreateAPIKeyDialog = ({
</SelectContent>
</Select>
</div>
{isAdmin && permissionsData && permissionsData.permissions.length > 0 && (
<div className="mt-2 flex flex-col gap-y-3">
<div className="flex flex-col gap-y-1">
<span className="text-base font-semibold">Permissions</span>
<span className="text-sm text-muted-foreground">
{
"Select permissions for the API key."
}
</span>
</div>
{permissionsData.permissions.map((permission) => {
return (
<div
className="flex items-center gap-x-2"
key={permission.value}
>
<Checkbox
id="scim"
checked={selectedPermissions.includes(permission.value)}
onCheckedChange={(checked) => {
if (checked) {
setSelectedPermissions([
...Array.from(
new Set([...selectedPermissions, permission.value]),
),
]);
} else {
setSelectedPermissions([
...selectedPermissions.filter(
(p) => p !== permission.value,
),
]);
}
}}
/>
<label
htmlFor="scim"
className="text-sm font-medium leading-none peer-disabled:cursor-not-allowed peer-disabled:opacity-70 capitalize"
{isAdmin &&
permissionsData &&
permissionsData.permissions.length > 0 && (
<div className="mt-2 flex flex-col gap-y-3">
<div className="flex flex-col gap-y-1">
<span className="text-base font-semibold">Permissions</span>
<span className="text-sm text-muted-foreground">
{"Select permissions for the API key."}
</span>
</div>
{permissionsData.permissions.map((permission) => {
return (
<div
className="flex items-center gap-x-2"
key={permission.value}
>
{permission.displayName}
</label>
</div>
);
})}
</div>
)}
<Checkbox
id="scim"
checked={selectedPermissions.includes(permission.value)}
onCheckedChange={(checked) => {
if (checked) {
setSelectedPermissions([
...Array.from(
new Set([
...selectedPermissions,
permission.value,
]),
),
]);
} else {
setSelectedPermissions([
...selectedPermissions.filter(
(p) => p !== permission.value,
),
]);
}
}}
/>
<label
htmlFor="scim"
className="text-sm font-medium capitalize leading-none peer-disabled:cursor-not-allowed peer-disabled:opacity-70"
>
{permission.displayName}
</label>
</div>
);
})}
</div>
)}
{rbac && (
<div className="mt-3 flex flex-col gap-y-3">
<div className="flex flex-col gap-y-1">
Expand Down Expand Up @@ -679,6 +669,8 @@ export const Empty = ({
open: boolean;
setOpen: Dispatch<SetStateAction<boolean>>;
}) => {
const user = useContext(UserContext);

return (
<EmptyState
icon={<KeyIcon />}
Expand All @@ -698,12 +690,17 @@ export const Empty = ({
}
actions={
<div className="mt-2">
<CreateAPIKey
apiKey={apiKey}
setApiKey={setApiKey}
open={open}
setOpen={setOpen}
/>
{checkUserAccess({
rolesToBe: ["admin", "developer"],
userRoles: user?.currentOrganization.roles || [],
}) && (
<CreateAPIKey
apiKey={apiKey}
setApiKey={setApiKey}
open={open}
setOpen={setOpen}
/>
)}
</div>
}
/>
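Review bot: The `checkUserAccess({ rolesToBe: ["admin", "developer"], ... })` wrapper added in `Empty` only decides whether the button is rendered, and the same commit drops the rbac guard inside `CreateAPIKeyDialog`, so nothing visible in these hunks prevents a session without those roles from invoking the `createAPIKey` mutation. The handler behind `createAPIKey` is not part of this diff; it should reject callers lacking the admin or developer role and discard any permissions submitted by non-admins, since `isAdmin` here only hides the checkboxes. The populated-list path that renders `CreateAPIKey` is outside the visible hunks and presumably needs the same wrapper. I would add `{/* UI hint only: createAPIKey must enforce admin/developer server-side */}` above the wrapper. Separately, every permission `Checkbox` in the map still uses `id="scim"` with `htmlFor="scim"`, so a label click can resolve to the first checkbox instead of its own; `id={permission.value}` and `htmlFor={permission.value}` would pair them correctly.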