Draft Example of implementing access rights using prisma, and acl list view
select id from "User" where email='[email protected]';
-- Create 2 workspaces
INSERT INTO "public"."Workspace"("id","name","workspaceId","createdById")
VALUES
(E'91b71e9f-af2b-4c97-a5c8-a8ce5f824f1f',E'Main',E'91b71e9f-af2b-4c97-a5c8-a8ce5f824f1f',(select id from "User" where email='[email protected]'));
INSERT INTO "public"."Workspace"("id","name","workspaceId","createdById")
VALUES
(E'22271e9f-af2b-4c97-a5c8-a8ce5f824f1f',E'Secondary',E'22271e9f-af2b-4c97-a5c8-a8ce5f824f1f',(select id from "User" where email='[email protected]'));
-- Move 3 Projects into main workspace and all others into "Secondary"
update "Project" set
"workspaceId" = '22271e9f-af2b-4c97-a5c8-a8ce5f824f1f' WHERE id in
(select id from "Project" where "userId" in (select id from "User" where email='[email protected]') order by id);
update "Project" set
"workspaceId" = '91b71e9f-af2b-4c97-a5c8-a8ce5f824f1f' WHERE id in
(select id from "Project" where "userId" in (select id from "User" where email='[email protected]') order by id limit 3);
select * from "Project" where "workspaceId" = '91b71e9f-af2b-4c97-a5c8-a8ce5f824f1f';
-- Add users
INSERT INTO "public"."User"("id","createdAt","email","image","provider","username")
VALUES (E'00011111-f7ca-472d-8872-c2119b9eb861',E'2022-09-20 07:20:11.197',E'[email protected]',E'blbla',E'google',E'Ava Ava');
INSERT INTO "public"."User"("id","createdAt","email","image","provider","username")
VALUES (E'00022222-f7ca-472d-8872-c2119b9eb861',E'2022-09-20 07:20:11.197',E'[email protected]',E'blbla',E'google',E'Biba Biba');
INSERT INTO "public"."User"("id","createdAt","email","image","provider","username")
VALUES (E'00033333-f7ca-472d-8872-c2119b9eb861',E'2022-09-20 07:20:11.197',E'[email protected]',E'blbla',E'google',E'Cena Cena');
INSERT INTO "public"."User"("id","createdAt","email","image","provider","username")
VALUES (E'00044444-f7ca-472d-8872-c2119b9eb861',E'2022-09-20 07:20:11.197',E'[email protected]',E'blbla',E'google',E'Deca Deca');
-- Add groups
INSERT INTO "public"."Group"("id","name","createdById","workspaceId")
VALUES
(E'dc8661be-1aa3-4d07-a038-108f0ac1e0ed',E'main-ws-editors',E'3e4c13e7-adfc-47d4-be8e-b29c9f1bb9e7',E'91b71e9f-af2b-4c97-a5c8-a8ce5f824f1f');
INSERT INTO "public"."Group"("id","name","createdById","workspaceId")
VALUES
(E'82dd2c43-b1a2-4d96-a250-541aeac1d4bd',E'main-ws-readers',E'3e4c13e7-adfc-47d4-be8e-b29c9f1bb9e7',E'91b71e9f-af2b-4c97-a5c8-a8ce5f824f1f');
INSERT INTO "public"."Group"("id","name","createdById","workspaceId")
VALUES
(E'7ee80f33-f7cf-4c16-887d-b9700ed608ed',E'project-ivan-readers',E'3e4c13e7-adfc-47d4-be8e-b29c9f1bb9e7',E'91b71e9f-af2b-4c97-a5c8-a8ce5f824f1f');
-- Add users to groups
-- Add Ava to main-ws-editors
INSERT INTO "public"."UserGroup"("userId", "groupId") VALUES('00011111-f7ca-472d-8872-c2119b9eb861', 'dc8661be-1aa3-4d07-a038-108f0ac1e0ed') RETURNING "userId", "groupId";
-- Add Ava to main-ws-readers
INSERT INTO "public"."UserGroup"("userId", "groupId") VALUES('00011111-f7ca-472d-8872-c2119b9eb861', '82dd2c43-b1a2-4d96-a250-541aeac1d4bd') RETURNING "userId", "groupId";
-- Add Biba to main-ws-readers
INSERT INTO "public"."UserGroup"("userId", "groupId") VALUES('00022222-f7ca-472d-8872-c2119b9eb861', '82dd2c43-b1a2-4d96-a250-541aeac1d4bd') RETURNING "userId", "groupId";
-- Add Ava to project-ivan-readers
INSERT INTO "public"."UserGroup"("userId", "groupId") VALUES('00011111-f7ca-472d-8872-c2119b9eb861', '7ee80f33-f7cf-4c16-887d-b9700ed608ed') RETURNING "userId", "groupId";
-- Now lets add GROUP permissions.
-- Add main-ws-readers READ Main
-- Add main-ws-editors WRITE Main
INSERT INTO "public"."WorkspaceGroupPermission"("access", "workspaceId", "groupId", "createdById") VALUES('READ', '91b71e9f-af2b-4c97-a5c8-a8ce5f824f1f', '82dd2c43-b1a2-4d96-a250-541aeac1d4bd', '3e4c13e7-adfc-47d4-be8e-b29c9f1bb9e7') RETURNING "access", "workspaceId", "groupId", "createdById";
INSERT INTO "public"."WorkspaceGroupPermission"("access", "workspaceId", "groupId", "createdById") VALUES('WRITE', '91b71e9f-af2b-4c97-a5c8-a8ce5f824f1f', 'dc8661be-1aa3-4d07-a038-108f0ac1e0ed', '3e4c13e7-adfc-47d4-be8e-b29c9f1bb9e7') RETURNING "access", "workspaceId", "groupId", "createdById";
-- Add project-ivan-readers to ivan project
INSERT INTO "public"."ProjectGroupPermission"("access","projectId","groupId","createdById")
VALUES
(E'READ',E'56fa4b91-2fdb-4c78-8040-a243e6f43039',E'7ee80f33-f7cf-4c16-887d-b9700ed608ed',E'3e4c13e7-adfc-47d4-be8e-b29c9f1bb9e7');
-- Allow Cena comment workspace Main
INSERT INTO "public"."WorkspaceUserPermission"("access", "workspaceId", "userId", "createdById") VALUES('COMMENT', '91b71e9f-af2b-4c97-a5c8-a8ce5f824f1f', '00033333-f7ca-472d-8872-c2119b9eb861', '3e4c13e7-adfc-47d4-be8e-b29c9f1bb9e7') RETURNING "access", "workspaceId", "userId", "createdById";
-- Allow Biba Write to Ivan Project
INSERT INTO "public"."ProjectUserPermission"("access", "projectId", "userId", "createdById") VALUES('WRITE', '56fa4b91-2fdb-4c78-8040-a243e6f43039', '00022222-f7ca-472d-8872-c2119b9eb861', '3e4c13e7-adfc-47d4-be8e-b29c9f1bb9e7') RETURNING "access", "projectId", "userId", "createdById";
Description
- What is this PR about (link the issue and add a short description)
Steps for reproduction
- click button
- expect xyz
Code Review
- [ ] hi @kof, I need you to do
- conceptual review (architecture, feature-correctness)
- detailed review (read every line)
- test it on preview
Before requesting a review
- [ ] made a self-review
- [ ] added inline comments where things may be not obvious (the "why", not "what")
Before merging
- [ ] tested locally and on preview environment (preview dev login: 5de6)
- [ ] updated test cases document
- [ ] added tests
- [ ] if any new env variables are added, added them to
.env.example
and the designer/env-check.js
if mandatory