From ad68519ac248bb8fa77944fc6f573e0ab2f853af Mon Sep 17 00:00:00 2001 From: Boaz Poolman Date: Wed, 10 Nov 2021 19:51:00 +0100 Subject: [PATCH] feat: Managed access for the settings page (RBAC) --- admin/src/containers/App/index.js | 14 +++++++++----- admin/src/index.js | 4 ++-- admin/src/permissions.js | 10 ++++++++++ server/bootstrap.js | 18 ++++++++++++++++++ 4 files changed, 39 insertions(+), 7 deletions(-) create mode 100644 admin/src/permissions.js diff --git a/admin/src/containers/App/index.js b/admin/src/containers/App/index.js index e908210..26778c7 100644 --- a/admin/src/containers/App/index.js +++ b/admin/src/containers/App/index.js @@ -7,17 +7,21 @@ import React from 'react'; import { Provider } from 'react-redux'; -import Header from '../../components/Header'; +import { CheckPagePermissions } from '@strapi/helper-plugin'; +import pluginPermissions from '../../permissions'; +import Header from '../../components/Header'; import { store } from "../../helpers/configureStore"; import ConfigPage from '../ConfigPage'; const App = () => { return ( - -
- - + + +
+ + + ); }; diff --git a/admin/src/index.js b/admin/src/index.js index b60becf..f56daaa 100644 --- a/admin/src/index.js +++ b/admin/src/index.js @@ -2,7 +2,7 @@ import { prefixPluginTranslations } from '@strapi/helper-plugin'; import pluginPkg from '../../package.json'; import pluginId from './helpers/pluginId'; import pluginIcon from './components/PluginIcon'; -// import pluginPermissions from './permissions'; +import pluginPermissions from './permissions'; // import getTrad from './helpers/getTrad'; const pluginDescription = pluginPkg.strapi.description || pluginPkg.description; @@ -32,7 +32,7 @@ export default { return component; }, - permissions: [], // TODO: Add permission to view settings page. + permissions: pluginPermissions['menu-item'], }); }, bootstrap(app) {}, diff --git a/admin/src/permissions.js b/admin/src/permissions.js new file mode 100644 index 0000000..cfc7f85 --- /dev/null +++ b/admin/src/permissions.js @@ -0,0 +1,10 @@ +const pluginPermissions = { + // This permission regards the main component (App) and is used to tell + // If the plugin link should be displayed in the menu + // And also if the plugin is accessible. This use case is found when a user types the url of the + // plugin directly in the browser + 'menu-item': [{ action: 'plugin::config-sync.menu-item', subject: null }], + settings: [{ action: 'plugin::config-sync.settings.read', subject: null }], +}; + +export default pluginPermissions; diff --git a/server/bootstrap.js b/server/bootstrap.js index d8b9dee..447d3c6 100644 --- a/server/bootstrap.js +++ b/server/bootstrap.js @@ -13,9 +13,27 @@ const fs = require('fs'); */ module.exports = async () => { + // Import on bootstrap. if (strapi.plugins['config-sync'].config.importOnBootstrap) { if (fs.existsSync(strapi.plugins['config-sync'].config.destination)) { await strapi.plugins['config-sync'].services.main.importAllConfig(); } } + + // Register permission actions. + const actions = [ + { + section: 'plugins', + displayName: 'Access the plugin settings', + uid: 'settings.read', + pluginName: 'config-sync', + }, + { + section: 'plugins', + displayName: 'Link to plugin settings from the main menu', + uid: 'menu-item', + pluginName: 'config-sync', + }, + ]; + await strapi.admin.services.permission.actionProvider.registerMany(actions); };