diff --git a/README.md b/README.md index 735976da1..76062ebce 100644 --- a/README.md +++ b/README.md @@ -39,7 +39,7 @@ pnpm create vitnode-app@latest | 🛠️ Software | Minimum | Recommended | | :---------- | :------ | :---------- | -| Node.js | 18.17 | 20 | +| Node.js | 20 | 20 | | PostgreSQL | 14 | 16 | | 🖥️ Hardware | Minimum | Development | diff --git a/packages/backend/src/core/admin/ai/test/test.resolver.ts b/packages/backend/src/core/admin/ai/test/test.resolver.ts index 952b2dddf..38203cb95 100644 --- a/packages/backend/src/core/admin/ai/test/test.resolver.ts +++ b/packages/backend/src/core/admin/ai/test/test.resolver.ts @@ -1,3 +1,5 @@ +import { AdminAuthGuards, AdminPermission } from '@/utils'; +import { UseGuards } from '@nestjs/common'; import { Args, Mutation, Resolver } from '@nestjs/graphql'; import { TestAdminCoreAiService } from './test.service'; @@ -7,6 +9,12 @@ export class TestAdminCoreAiResolver { constructor(private readonly service: TestAdminCoreAiService) {} @Mutation(() => String) + @UseGuards(AdminAuthGuards) + @AdminPermission({ + plugin_code: 'core', + group: 'settings', + permission: 'can_manage_settings_ai', + }) async admin__core_ai__test( @Args('prompt', { type: () => String }) prompt: string, ): Promise { diff --git a/packages/backend/src/core/admin/email/logs/logs.resolver.ts b/packages/backend/src/core/admin/email/logs/logs.resolver.ts index e936d8e57..711c271b0 100644 --- a/packages/backend/src/core/admin/email/logs/logs.resolver.ts +++ b/packages/backend/src/core/admin/email/logs/logs.resolver.ts @@ -1,4 +1,4 @@ -import { AdminAuthGuards } from '@/utils'; +import { AdminAuthGuards, AdminPermission } from '@/utils'; import { UseGuards } from '@nestjs/common'; import { Args, Query, Resolver } from '@nestjs/graphql'; @@ -11,6 +11,11 @@ export class LogsAdminEmailResolver { @Query(() => LogsAdminEmailObj) @UseGuards(AdminAuthGuards) + @AdminPermission({ + plugin_code: 'core', + group: 'settings', + permission: 'can_manage_settings_email', + }) async admin__core_email__logs( @Args() args: LogsAdminEmailArgs, ): Promise { diff --git a/packages/backend/src/core/admin/email/settings/edit/edit.resolver.ts b/packages/backend/src/core/admin/email/settings/edit/edit.resolver.ts index ed1406592..fb99936af 100644 --- a/packages/backend/src/core/admin/email/settings/edit/edit.resolver.ts +++ b/packages/backend/src/core/admin/email/settings/edit/edit.resolver.ts @@ -1,4 +1,4 @@ -import { AdminAuthGuards } from '@/utils'; +import { AdminAuthGuards, AdminPermission } from '@/utils'; import { UseGuards } from '@nestjs/common'; import { Args, Mutation, Resolver } from '@nestjs/graphql'; @@ -12,6 +12,11 @@ export class EditAdminEmailSettingsResolver { @Mutation(() => ShowAdminEmailSettingsServiceObj) @UseGuards(AdminAuthGuards) + @AdminPermission({ + plugin_code: 'core', + group: 'settings', + permission: 'can_manage_settings_email', + }) async admin__core_email_settings__edit( @Args() args: EditAdminEmailSettingsServiceArgs, ): Promise { diff --git a/packages/backend/src/core/admin/email/settings/show/show.resolver.ts b/packages/backend/src/core/admin/email/settings/show/show.resolver.ts index 89150cd74..3154bd15e 100644 --- a/packages/backend/src/core/admin/email/settings/show/show.resolver.ts +++ b/packages/backend/src/core/admin/email/settings/show/show.resolver.ts @@ -1,4 +1,4 @@ -import { AdminAuthGuards } from '@/utils'; +import { AdminAuthGuards, AdminPermission } from '@/utils'; import { UseGuards } from '@nestjs/common'; import { Query, Resolver } from '@nestjs/graphql'; @@ -11,6 +11,11 @@ export class ShowAdminEmailSettingsResolver { @Query(() => ShowAdminEmailSettingsServiceObj) @UseGuards(AdminAuthGuards) + @AdminPermission({ + plugin_code: 'core', + group: 'settings', + permission: 'can_manage_settings_email', + }) admin__core_email_settings__show(): ShowAdminEmailSettingsServiceObj { return this.service.show(); } diff --git a/packages/backend/src/core/admin/email/settings/test/test.resolver.ts b/packages/backend/src/core/admin/email/settings/test/test.resolver.ts index feb048ddd..d39872bf9 100644 --- a/packages/backend/src/core/admin/email/settings/test/test.resolver.ts +++ b/packages/backend/src/core/admin/email/settings/test/test.resolver.ts @@ -1,5 +1,5 @@ import { CurrentUser, User } from '@/decorators'; -import { AdminAuthGuards } from '@/utils'; +import { AdminAuthGuards, AdminPermission } from '@/utils'; import { UseGuards } from '@nestjs/common'; import { Args, Mutation, Resolver } from '@nestjs/graphql'; @@ -12,6 +12,11 @@ export class TestAdminEmailSettingsResolver { @Mutation(() => String) @UseGuards(AdminAuthGuards) + @AdminPermission({ + plugin_code: 'core', + group: 'settings', + permission: 'can_manage_settings_email', + }) async admin__core_email_settings__test( @Args() args: TestAdminEmailSettingsServiceArgs, @CurrentUser() user: User, diff --git a/packages/backend/src/core/admin/metadata/manifest/edit/edit.resolver.ts b/packages/backend/src/core/admin/metadata/manifest/edit/edit.resolver.ts index 7d252ab7a..531642bc6 100644 --- a/packages/backend/src/core/admin/metadata/manifest/edit/edit.resolver.ts +++ b/packages/backend/src/core/admin/metadata/manifest/edit/edit.resolver.ts @@ -1,4 +1,4 @@ -import { AdminAuthGuards } from '@/utils'; +import { AdminAuthGuards, AdminPermission } from '@/utils'; import { UseGuards } from '@nestjs/common'; import { Args, Mutation, Resolver } from '@nestjs/graphql'; @@ -12,6 +12,11 @@ export class EditAdminManifestMetadataResolver { @Mutation(() => ShowAdminManifestMetadataObj) @UseGuards(AdminAuthGuards) + @AdminPermission({ + plugin_code: 'core', + group: 'settings', + permission: 'can_manage_settings_metadata', + }) async admin__core_manifest_metadata__edit( @Args() args: EditAdminManifestMetadataObj, ): Promise { diff --git a/packages/backend/src/core/admin/metadata/manifest/show/show.resolver.ts b/packages/backend/src/core/admin/metadata/manifest/show/show.resolver.ts index dbef0a212..616f30787 100644 --- a/packages/backend/src/core/admin/metadata/manifest/show/show.resolver.ts +++ b/packages/backend/src/core/admin/metadata/manifest/show/show.resolver.ts @@ -1,4 +1,4 @@ -import { AdminAuthGuards } from '@/utils'; +import { AdminAuthGuards, AdminPermission } from '@/utils'; import { UseGuards } from '@nestjs/common'; import { Query, Resolver } from '@nestjs/graphql'; @@ -11,6 +11,11 @@ export class ShowAdminManifestMetadataResolver { @Query(() => ShowAdminManifestMetadataObj) @UseGuards(AdminAuthGuards) + @AdminPermission({ + plugin_code: 'core', + group: 'settings', + permission: 'can_manage_settings_metadata', + }) admin__core_manifest_metadata__show(): ShowAdminManifestMetadataObj { return this.service.show(); } diff --git a/packages/backend/src/core/admin/security/captcha/edit/edit.resolver.ts b/packages/backend/src/core/admin/security/captcha/edit/edit.resolver.ts index 96074d75a..6b5cf8dad 100644 --- a/packages/backend/src/core/admin/security/captcha/edit/edit.resolver.ts +++ b/packages/backend/src/core/admin/security/captcha/edit/edit.resolver.ts @@ -1,4 +1,4 @@ -import { AdminAuthGuards } from '@/utils'; +import { AdminAuthGuards, AdminPermission } from '@/utils'; import { UseGuards } from '@nestjs/common'; import { Args, Mutation, Resolver } from '@nestjs/graphql'; @@ -12,6 +12,11 @@ export class EditAdminCaptchaSecurityResolver { @Mutation(() => ShowAdminCaptchaSecurityObj) @UseGuards(AdminAuthGuards) + @AdminPermission({ + plugin_code: 'core', + group: 'settings', + permission: 'can_manage_settings_security', + }) admin__core_security__captcha__edit( @Args() args: EditAdminCaptchaSecurityArgs, ): ShowAdminCaptchaSecurityObj { diff --git a/packages/backend/src/core/admin/security/captcha/show/show.resolver.ts b/packages/backend/src/core/admin/security/captcha/show/show.resolver.ts index adc8c9187..bcd2333de 100644 --- a/packages/backend/src/core/admin/security/captcha/show/show.resolver.ts +++ b/packages/backend/src/core/admin/security/captcha/show/show.resolver.ts @@ -1,4 +1,7 @@ -import { AdminAuthGuards } from '@/utils/guards/admin-auth.guard'; +import { + AdminAuthGuards, + AdminPermission, +} from '@/utils/guards/admin-auth.guard'; import { UseGuards } from '@nestjs/common'; import { Query, Resolver } from '@nestjs/graphql'; @@ -11,6 +14,11 @@ export class ShowAdminCaptchaSecurityResolver { @Query(() => ShowAdminCaptchaSecurityObj) @UseGuards(AdminAuthGuards) + @AdminPermission({ + plugin_code: 'core', + group: 'settings', + permission: 'can_manage_settings_security', + }) admin__core_security__captcha__show(): ShowAdminCaptchaSecurityObj { return this.service.show(); } diff --git a/packages/backend/src/core/admin/settings/authorization/edit/edit.resolver.ts b/packages/backend/src/core/admin/settings/authorization/edit/edit.resolver.ts index ee2f0257b..73bcc7fb7 100644 --- a/packages/backend/src/core/admin/settings/authorization/edit/edit.resolver.ts +++ b/packages/backend/src/core/admin/settings/authorization/edit/edit.resolver.ts @@ -1,4 +1,4 @@ -import { AdminAuthGuards } from '@/utils'; +import { AdminAuthGuards, AdminPermission } from '@/utils'; import { UseGuards } from '@nestjs/common'; import { Args, Mutation, Resolver } from '@nestjs/graphql'; @@ -14,6 +14,11 @@ export class EditAdminAuthorizationSettingsResolver { @Mutation(() => ShowAdminAuthorizationSettingsObj) @UseGuards(AdminAuthGuards) + @AdminPermission({ + plugin_code: 'core', + group: 'settings', + permission: 'can_manage_settings_authorization', + }) admin__core_authorization_settings__edit( @Args() args: EditAdminAuthorizationSettingsArgs, ): ShowAdminAuthorizationSettingsObj { diff --git a/packages/backend/src/core/admin/settings/main/edit/edit.resolver.ts b/packages/backend/src/core/admin/settings/main/edit/edit.resolver.ts index ccef676c6..d6bf8892d 100644 --- a/packages/backend/src/core/admin/settings/main/edit/edit.resolver.ts +++ b/packages/backend/src/core/admin/settings/main/edit/edit.resolver.ts @@ -1,4 +1,4 @@ -import { AdminAuthGuards } from '@/utils'; +import { AdminAuthGuards, AdminPermission } from '@/utils'; import { UseGuards } from '@nestjs/common'; import { Args, Mutation, Resolver } from '@nestjs/graphql'; @@ -11,6 +11,11 @@ export class EditAdminMainSettingsResolver { @Mutation(() => EditAdminSettingsObj) @UseGuards(AdminAuthGuards) + @AdminPermission({ + plugin_code: 'core', + group: 'settings', + permission: 'can_manage_settings_main', + }) async admin__core_main_settings__edit( @Args() args: EditAdminMainSettingsArgs, ): Promise { diff --git a/packages/backend/src/core/admin/settings/terms/create/create.resolver.ts b/packages/backend/src/core/admin/settings/terms/create/create.resolver.ts index 8ef027e19..8fc9c628a 100644 --- a/packages/backend/src/core/admin/settings/terms/create/create.resolver.ts +++ b/packages/backend/src/core/admin/settings/terms/create/create.resolver.ts @@ -1,5 +1,5 @@ import { ShowCoreTerms } from '@/core/terms/show/show.dto'; -import { AdminAuthGuards } from '@/utils'; +import { AdminAuthGuards, AdminPermission } from '@/utils'; import { UseGuards } from '@nestjs/common'; import { Args, Mutation, Resolver } from '@nestjs/graphql'; @@ -12,6 +12,11 @@ export class CreateAdminTermsSettingsResolver { @Mutation(() => ShowCoreTerms) @UseGuards(AdminAuthGuards) + @AdminPermission({ + plugin_code: 'core', + group: 'settings', + permission: 'can_manage_settings_terms', + }) async admin__core_terms_settings__create( @Args() args: CreateAdminTermsSettingsArgs, ): Promise { diff --git a/packages/backend/src/core/admin/settings/terms/delete/delete.resolver.ts b/packages/backend/src/core/admin/settings/terms/delete/delete.resolver.ts index 537389397..faf086cff 100644 --- a/packages/backend/src/core/admin/settings/terms/delete/delete.resolver.ts +++ b/packages/backend/src/core/admin/settings/terms/delete/delete.resolver.ts @@ -1,4 +1,4 @@ -import { AdminAuthGuards } from '@/utils'; +import { AdminAuthGuards, AdminPermission } from '@/utils'; import { UseGuards } from '@nestjs/common'; import { Args, Mutation, Resolver } from '@nestjs/graphql'; @@ -10,6 +10,11 @@ export class DeleteAdminTermsSettingsResolver { @Mutation(() => String) @UseGuards(AdminAuthGuards) + @AdminPermission({ + plugin_code: 'core', + group: 'settings', + permission: 'can_manage_settings_terms', + }) async admin__core_terms_settings__delete( @Args({ name: 'code', type: () => String }) code: string, ): Promise { diff --git a/packages/backend/src/core/admin/settings/terms/edit/edit.resolver.ts b/packages/backend/src/core/admin/settings/terms/edit/edit.resolver.ts index 98ba9051f..7c531c9f2 100644 --- a/packages/backend/src/core/admin/settings/terms/edit/edit.resolver.ts +++ b/packages/backend/src/core/admin/settings/terms/edit/edit.resolver.ts @@ -1,5 +1,5 @@ import { ShowCoreTerms } from '@/core/terms/show/show.dto'; -import { AdminAuthGuards } from '@/utils'; +import { AdminAuthGuards, AdminPermission } from '@/utils'; import { UseGuards } from '@nestjs/common'; import { Args, Mutation, Resolver } from '@nestjs/graphql'; @@ -12,6 +12,11 @@ export class EditAdminTermsSettingsResolver { @Mutation(() => ShowCoreTerms) @UseGuards(AdminAuthGuards) + @AdminPermission({ + plugin_code: 'core', + group: 'settings', + permission: 'can_manage_settings_terms', + }) async admin__core_terms_settings__edit( @Args() args: EditAdminTermsSettingsArgs, ): Promise { diff --git a/packages/frontend/src/graphql/get-session-admin-data.ts b/packages/frontend/src/graphql/get-session-admin-data.tsx similarity index 51% rename from packages/frontend/src/graphql/get-session-admin-data.ts rename to packages/frontend/src/graphql/get-session-admin-data.tsx index fc27e3958..5c15a9dea 100644 --- a/packages/frontend/src/graphql/get-session-admin-data.ts +++ b/packages/frontend/src/graphql/get-session-admin-data.tsx @@ -1,5 +1,6 @@ +import { ErrorView } from '@/views/theme/views/error/error-view'; import { fetcher } from './fetcher'; -import { getAdminIdCookie, getUserIdCookie } from './get-user-id-cookie'; +import { getAdminIdCookie } from './get-user-id-cookie'; import { Admin__Sessions__Authorization, Admin__Sessions__AuthorizationQuery, @@ -27,3 +28,26 @@ export const getSessionAdminData = async () => { return data; }; + +export const checkPermissionSessionAdmin = async ({ + plugin_code, + group, + permission, +}: { + plugin_code: string; + group: string; + permission: string; +}) => { + const { + admin__sessions__authorization: { permissions }, + } = await getSessionAdminData(); + const findPlugin = permissions.find(item => item.plugin_code === plugin_code); + const findGroup = findPlugin?.groups.find(item => item.id === group); + if (findGroup?.permissions.length === 0) return; + const findPermission = findGroup?.permissions.find( + item => item === permission, + ); + if (!findPermission) return ; + + return; +}; diff --git a/packages/frontend/src/graphql/get-session-data.ts b/packages/frontend/src/graphql/get-session-data.tsx similarity index 100% rename from packages/frontend/src/graphql/get-session-data.ts rename to packages/frontend/src/graphql/get-session-data.tsx diff --git a/packages/frontend/src/graphql/queries/admin/admin__sessions__authorization.generated.ts b/packages/frontend/src/graphql/queries/admin/admin__sessions__authorization.generated.ts index 7f9808a66..474a142b0 100644 --- a/packages/frontend/src/graphql/queries/admin/admin__sessions__authorization.generated.ts +++ b/packages/frontend/src/graphql/queries/admin/admin__sessions__authorization.generated.ts @@ -4,7 +4,7 @@ import gql from 'graphql-tag'; export type Admin__Sessions__AuthorizationQueryVariables = Types.Exact<{ [key: string]: never; }>; -export type Admin__Sessions__AuthorizationQuery = { __typename?: 'Query', admin__sessions__authorization: { __typename?: 'AuthorizationAdminSessionsObj', version: string, restart_server: boolean, user: { __typename?: 'UserWithDangerousInfo', email: string, id: number, name_seo: string, name: string, avatar_color: string, language: string, avatar?: { __typename?: 'AvatarUser', id: number, dir_folder: string, file_name: string }, group: { __typename?: 'GroupUser', color?: string, id: number, name: Array<{ __typename?: 'StringLanguage', language_code: string, value: string }> }, files_permissions: { __typename?: 'FilesPermissionsCoreSessions', allow_upload: boolean, max_storage_for_submit: number, space_used: number, total_max_storage: number } } }, admin__nav__show: Array<{ __typename?: 'ShowAdminNavObj', code: string, nav: Array<{ __typename?: 'ShowAdminNavPluginsObj', code: string, icon?: string, children?: Array<{ __typename?: 'ShowAdminNavPlugins', icon?: string, code: string }> }> }> }; +export type Admin__Sessions__AuthorizationQuery = { __typename?: 'Query', admin__sessions__authorization: { __typename?: 'AuthorizationAdminSessionsObj', version: string, restart_server: boolean, user: { __typename?: 'UserWithDangerousInfo', email: string, id: number, name_seo: string, name: string, avatar_color: string, language: string, avatar?: { __typename?: 'AvatarUser', id: number, dir_folder: string, file_name: string }, group: { __typename?: 'GroupUser', color?: string, id: number, name: Array<{ __typename?: 'StringLanguage', language_code: string, value: string }> }, files_permissions: { __typename?: 'FilesPermissionsCoreSessions', allow_upload: boolean, max_storage_for_submit: number, space_used: number, total_max_storage: number } }, permissions: Array<{ __typename?: 'PermissionsStaffObjWithoutPluginName', plugin_code: string, groups: Array<{ __typename?: 'PermissionsStaff', id: string, permissions: Array }> }> }, admin__nav__show: Array<{ __typename?: 'ShowAdminNavObj', code: string, nav: Array<{ __typename?: 'ShowAdminNavPluginsObj', code: string, icon?: string, children?: Array<{ __typename?: 'ShowAdminNavPlugins', icon?: string, code: string }> }> }> }; export const Admin__Sessions__Authorization = gql` @@ -39,6 +39,13 @@ export const Admin__Sessions__Authorization = gql` } version restart_server + permissions { + groups { + id + permissions + } + plugin_code + } } admin__nav__show { code diff --git a/packages/frontend/src/graphql/queries/admin/admin__sessions__authorization.gql b/packages/frontend/src/graphql/queries/admin/admin__sessions__authorization.gql index 2f1190faa..0c3824f9c 100644 --- a/packages/frontend/src/graphql/queries/admin/admin__sessions__authorization.gql +++ b/packages/frontend/src/graphql/queries/admin/admin__sessions__authorization.gql @@ -29,6 +29,13 @@ query Admin__sessions__authorization { } version restart_server + permissions { + groups { + id + permissions + } + plugin_code + } } admin__nav__show { code diff --git a/packages/frontend/src/views/admin/views/core/settings/ai/ai-settings-core-admin-view.tsx b/packages/frontend/src/views/admin/views/core/settings/ai/ai-settings-core-admin-view.tsx index fd8094d91..4672999a5 100644 --- a/packages/frontend/src/views/admin/views/core/settings/ai/ai-settings-core-admin-view.tsx +++ b/packages/frontend/src/views/admin/views/core/settings/ai/ai-settings-core-admin-view.tsx @@ -2,6 +2,7 @@ import { TranslationsProvider } from '@/components/translations-provider'; import { Card } from '@/components/ui/card'; import { HeaderContent } from '@/components/ui/header-content'; import { getGlobalData } from '@/graphql/get-global-data'; +import { checkPermissionSessionAdmin } from '@/graphql/get-session-admin-data'; import { Metadata } from 'next'; import { getTranslations } from 'next-intl/server'; @@ -16,6 +17,12 @@ export const generateMetadataAiSettingsAdmin = async (): Promise => { }; export const AiSettingsCoreAdminView = async () => { + const perm = await checkPermissionSessionAdmin({ + plugin_code: 'core', + group: 'settings', + permission: 'can_manage_settings_ai', + }); + if (perm) return perm; const [ t, { diff --git a/packages/frontend/src/views/admin/views/core/settings/authorization/authorization-settings-core-admin-view.tsx b/packages/frontend/src/views/admin/views/core/settings/authorization/authorization-settings-core-admin-view.tsx index d51ca51de..ad275dc63 100644 --- a/packages/frontend/src/views/admin/views/core/settings/authorization/authorization-settings-core-admin-view.tsx +++ b/packages/frontend/src/views/admin/views/core/settings/authorization/authorization-settings-core-admin-view.tsx @@ -3,6 +3,7 @@ import { Card } from '@/components/ui/card'; import { HeaderContent } from '@/components/ui/header-content'; import { fetcher } from '@/graphql/fetcher'; import { getGlobalData } from '@/graphql/get-global-data'; +import { checkPermissionSessionAdmin } from '@/graphql/get-session-admin-data'; import { Admin__Core_Authorization_Settings__Show, Admin__Core_Authorization_Settings__ShowQuery, @@ -31,6 +32,12 @@ export const generateMetadataAuthorizationSettingsAdmin = }; export const AuthorizationSettingsCoreAdminView = async () => { + const perm = await checkPermissionSessionAdmin({ + plugin_code: 'core', + group: 'settings', + permission: 'can_manage_settings_authorization', + }); + if (perm) return perm; const [ t, data, diff --git a/packages/frontend/src/views/admin/views/core/settings/email/email-settings-admin-view.tsx b/packages/frontend/src/views/admin/views/core/settings/email/email-settings-admin-view.tsx index 7ea2661c8..b339edb52 100644 --- a/packages/frontend/src/views/admin/views/core/settings/email/email-settings-admin-view.tsx +++ b/packages/frontend/src/views/admin/views/core/settings/email/email-settings-admin-view.tsx @@ -1,6 +1,7 @@ import { Card } from '@/components/ui/card'; import { HeaderContent } from '@/components/ui/header-content'; import { fetcher } from '@/graphql/fetcher'; +import { checkPermissionSessionAdmin } from '@/graphql/get-session-admin-data'; import { Admin__Core_Email_Settings__Show, Admin__Core_Email_Settings__ShowQuery, @@ -33,6 +34,12 @@ export const generateMetadataEmailSettingsAdmin = }; export const EmailSettingsAdminView = async () => { + const perm = await checkPermissionSessionAdmin({ + plugin_code: 'core', + group: 'settings', + permission: 'can_manage_settings_email', + }); + if (perm) return perm; const [t, data] = await Promise.all([ getTranslations('admin.core.settings.email'), getData(), diff --git a/packages/frontend/src/views/admin/views/core/settings/email/logs/logs-email-settings-admin-view.tsx b/packages/frontend/src/views/admin/views/core/settings/email/logs/logs-email-settings-admin-view.tsx index e4f295ffd..a5389f1f2 100644 --- a/packages/frontend/src/views/admin/views/core/settings/email/logs/logs-email-settings-admin-view.tsx +++ b/packages/frontend/src/views/admin/views/core/settings/email/logs/logs-email-settings-admin-view.tsx @@ -4,6 +4,7 @@ import { getPaginationTool, SearchParamsPagination, } from '@/graphql/get-pagination-tool'; +import { checkPermissionSessionAdmin } from '@/graphql/get-session-admin-data'; import { Admin__Core_Email__Logs, Admin__Core_Email__LogsQuery, @@ -40,6 +41,12 @@ export const LogsEmailSettingsAdminView = async ({ }: { searchParams: Promise; }) => { + const perm = await checkPermissionSessionAdmin({ + plugin_code: 'core', + group: 'settings', + permission: 'can_manage_settings_email', + }); + if (perm) return perm; const variables = await getPaginationTool({ searchParams, defaultPageSize: 10, diff --git a/packages/frontend/src/views/admin/views/core/settings/legal/legal-core-admin-view.tsx b/packages/frontend/src/views/admin/views/core/settings/legal/legal-core-admin-view.tsx index 62fd33495..935d89589 100644 --- a/packages/frontend/src/views/admin/views/core/settings/legal/legal-core-admin-view.tsx +++ b/packages/frontend/src/views/admin/views/core/settings/legal/legal-core-admin-view.tsx @@ -6,6 +6,7 @@ import { getPaginationTool, SearchParamsPagination, } from '@/graphql/get-pagination-tool'; +import { checkPermissionSessionAdmin } from '@/graphql/get-session-admin-data'; import { Admin_Core_Terms__Show, Admin_Core_Terms__ShowQuery, @@ -46,11 +47,16 @@ export const LegalSettingsAdminView = async ({ }: { searchParams: Promise; }) => { + const perm = await checkPermissionSessionAdmin({ + plugin_code: 'core', + group: 'settings', + permission: 'can_manage_settings_legal', + }); + if (perm) return perm; const variables = await getPaginationTool({ searchParams, defaultPageSize: 10, }); - const [t, data] = await Promise.all([ getTranslations('admin.core.settings.legal'), getData(variables), diff --git a/packages/frontend/src/views/admin/views/core/settings/main/main-settings-core-admin-view.tsx b/packages/frontend/src/views/admin/views/core/settings/main/main-settings-core-admin-view.tsx index a86edefd0..5c3b64b9d 100644 --- a/packages/frontend/src/views/admin/views/core/settings/main/main-settings-core-admin-view.tsx +++ b/packages/frontend/src/views/admin/views/core/settings/main/main-settings-core-admin-view.tsx @@ -2,6 +2,7 @@ import { TranslationsProvider } from '@/components/translations-provider'; import { Card } from '@/components/ui/card'; import { HeaderContent } from '@/components/ui/header-content'; import { fetcher } from '@/graphql/fetcher'; +import { checkPermissionSessionAdmin } from '@/graphql/get-session-admin-data'; import { Core_Main_Settings__Show, Core_Main_Settings__ShowQuery, @@ -34,6 +35,12 @@ export const generateMetadataMainSettingsCoreAdmin = }; export const MainSettingsCoreAdminView = async () => { + const perm = await checkPermissionSessionAdmin({ + plugin_code: 'core', + group: 'settings', + permission: 'can_manage_settings_main', + }); + if (perm) return perm; const [t, data] = await Promise.all([ getTranslations('admin.core.settings.main'), getData(), diff --git a/packages/frontend/src/views/admin/views/core/settings/metadata/manifest/manifest-metadata-core-view.tsx b/packages/frontend/src/views/admin/views/core/settings/metadata/manifest/manifest-metadata-core-view.tsx index 25a332b4f..fe0a4b962 100644 --- a/packages/frontend/src/views/admin/views/core/settings/metadata/manifest/manifest-metadata-core-view.tsx +++ b/packages/frontend/src/views/admin/views/core/settings/metadata/manifest/manifest-metadata-core-view.tsx @@ -2,6 +2,7 @@ import { TranslationsProvider } from '@/components/translations-provider'; import { Card } from '@/components/ui/card'; import { HeaderContent } from '@/components/ui/header-content'; import { fetcher } from '@/graphql/fetcher'; +import { checkPermissionSessionAdmin } from '@/graphql/get-session-admin-data'; import { Admin__Core_Manifest_Metadata__Show, Admin__Core_Manifest_Metadata__ShowQuery, @@ -34,6 +35,12 @@ export const generateMetadataManifestMetadataCoreAdmin = }; export const ManifestMetadataCoreAdminView = async () => { + const perm = await checkPermissionSessionAdmin({ + plugin_code: 'core', + group: 'settings', + permission: 'can_manage_settings_metadata', + }); + if (perm) return perm; const [t, data] = await Promise.all([ getTranslations('admin.core.metadata.manifest'), getData(), diff --git a/packages/frontend/src/views/admin/views/core/settings/security/captcha/captcha-security-admin-view.tsx b/packages/frontend/src/views/admin/views/core/settings/security/captcha/captcha-security-admin-view.tsx index 392eee9dc..d7f79d863 100644 --- a/packages/frontend/src/views/admin/views/core/settings/security/captcha/captcha-security-admin-view.tsx +++ b/packages/frontend/src/views/admin/views/core/settings/security/captcha/captcha-security-admin-view.tsx @@ -2,6 +2,7 @@ import { TranslationsProvider } from '@/components/translations-provider'; import { Card } from '@/components/ui/card'; import { HeaderContent } from '@/components/ui/header-content'; import { fetcher } from '@/graphql/fetcher'; +import { checkPermissionSessionAdmin } from '@/graphql/get-session-admin-data'; import { Admin__Core_Security__Captcha__Show, Admin__Core_Security__Captcha__ShowQuery, @@ -30,6 +31,12 @@ export const generateMetadataCaptchaSecurityAdmin = }; export const CaptchaSecurityAdminView = async () => { + const perm = await checkPermissionSessionAdmin({ + plugin_code: 'core', + group: 'settings', + permission: 'can_manage_settings_security', + }); + if (perm) return perm; const [t, data] = await Promise.all([ getTranslations('admin.core.settings.security.captcha'), getData(),