mirror of
https://github.com/documenso/documenso.git
synced 2025-11-19 03:01:59 +10:00
fix: wip
This commit is contained in:
David Nguyen
@ -1,6 +1,6 @@
|
||||
export enum STRIPE_CUSTOMER_TYPE {
|
||||
INDIVIDUAL = 'individual',
|
||||
TEAM = 'team',
|
||||
ORGANISATION = 'organisation',
|
||||
}
|
||||
|
||||
export enum STRIPE_PLAN_TYPE {
|
||||
|
||||
159
packages/lib/constants/organisations.ts
Normal file
159
packages/lib/constants/organisations.ts
Normal file
@ -0,0 +1,159 @@
|
||||
import type { MessageDescriptor } from '@lingui/core';
|
||||
import { msg } from '@lingui/core/macro';
|
||||
import { OrganisationGroupType, OrganisationMemberRole } from '@prisma/client';
|
||||
|
||||
export const ORGANISATION_URL_ROOT_REGEX = new RegExp('^/t/[^/]+/?$');
|
||||
export const ORGANISATION_URL_REGEX = new RegExp('^/t/[^/]+');
|
||||
|
||||
export const ORGANISATION_INTERNAL_GROUPS: {
|
||||
organisationRole: OrganisationMemberRole;
|
||||
type: OrganisationGroupType;
|
||||
}[] = [
|
||||
{
|
||||
organisationRole: OrganisationMemberRole.ADMIN,
|
||||
type: OrganisationGroupType.INTERNAL_ORGANISATION,
|
||||
},
|
||||
{
|
||||
organisationRole: OrganisationMemberRole.MANAGER,
|
||||
type: OrganisationGroupType.INTERNAL_ORGANISATION,
|
||||
},
|
||||
{
|
||||
organisationRole: OrganisationMemberRole.MEMBER,
|
||||
type: OrganisationGroupType.INTERNAL_ORGANISATION,
|
||||
},
|
||||
] as const;
|
||||
|
||||
export const ORGANISATION_MEMBER_ROLE_MAP: Record<
|
||||
keyof typeof OrganisationMemberRole,
|
||||
MessageDescriptor
|
||||
> = {
|
||||
ADMIN: msg`Admin`,
|
||||
MANAGER: msg`Manager`,
|
||||
MEMBER: msg`Member`,
|
||||
};
|
||||
|
||||
export const EXTENDED_ORGANISATION_MEMBER_ROLE_MAP: Record<
|
||||
keyof typeof OrganisationMemberRole,
|
||||
MessageDescriptor
|
||||
> = {
|
||||
ADMIN: msg`Organisation Admin`,
|
||||
MANAGER: msg`Organisation Manager`,
|
||||
MEMBER: msg`Organisation Member`,
|
||||
};
|
||||
|
||||
export const ORGANISATION_MEMBER_ROLE_PERMISSIONS_MAP = {
|
||||
/**
|
||||
* Includes permissions to:
|
||||
* - Manage organisation members
|
||||
* - Manage organisation settings, changing name, url, etc.
|
||||
*/
|
||||
DELETE_ORGANISATION: [OrganisationMemberRole.ADMIN],
|
||||
MANAGE_BILLING: [OrganisationMemberRole.ADMIN],
|
||||
DELETE_ORGANISATION_TRANSFER_REQUEST: [OrganisationMemberRole.ADMIN],
|
||||
MANAGE_ORGANISATION: [OrganisationMemberRole.ADMIN, OrganisationMemberRole.MANAGER],
|
||||
} satisfies Record<string, OrganisationMemberRole[]>;
|
||||
|
||||
/**
|
||||
* A hierarchy of organisation member roles to determine which role has higher permission than another.
|
||||
*
|
||||
* Warning: The length of the array is used to determine the priority of the role.
|
||||
* See `getHighestOrganisationRoleInGroup`
|
||||
*/
|
||||
export const ORGANISATION_MEMBER_ROLE_HIERARCHY = {
|
||||
[OrganisationMemberRole.ADMIN]: [
|
||||
OrganisationMemberRole.ADMIN,
|
||||
OrganisationMemberRole.MANAGER,
|
||||
OrganisationMemberRole.MEMBER,
|
||||
],
|
||||
[OrganisationMemberRole.MANAGER]: [OrganisationMemberRole.MANAGER, OrganisationMemberRole.MEMBER],
|
||||
[OrganisationMemberRole.MEMBER]: [OrganisationMemberRole.MEMBER],
|
||||
} satisfies Record<OrganisationMemberRole, OrganisationMemberRole[]>;
|
||||
|
||||
/**
|
||||
* A hierarchy of organisation member roles to determine which role has higher permission than another.
|
||||
*
|
||||
* This is used to determine the highest role in a group.
|
||||
*/
|
||||
export const ORGANISATION_MEMBER_ROLE_HIERARCHY_ORDER = {
|
||||
[OrganisationMemberRole.ADMIN]: 0,
|
||||
[OrganisationMemberRole.MANAGER]: 1,
|
||||
[OrganisationMemberRole.MEMBER]: 2,
|
||||
} satisfies Record<OrganisationMemberRole, number>;
|
||||
|
||||
export const LOWEST_ORGANISATION_ROLE = OrganisationMemberRole.MEMBER;
|
||||
|
||||
export const PROTECTED_ORGANISATION_URLS = [
|
||||
'403',
|
||||
'404',
|
||||
'500',
|
||||
'502',
|
||||
'503',
|
||||
'504',
|
||||
'about',
|
||||
'account',
|
||||
'admin',
|
||||
'administrator',
|
||||
'api',
|
||||
'app',
|
||||
'archive',
|
||||
'auth',
|
||||
'backup',
|
||||
'config',
|
||||
'configure',
|
||||
'contact',
|
||||
'contact-us',
|
||||
'copyright',
|
||||
'crime',
|
||||
'criminal',
|
||||
'dashboard',
|
||||
'docs',
|
||||
'documentation',
|
||||
'document',
|
||||
'documents',
|
||||
'error',
|
||||
'exploit',
|
||||
'exploitation',
|
||||
'exploiter',
|
||||
'feedback',
|
||||
'finance',
|
||||
'forgot-password',
|
||||
'fraud',
|
||||
'fraudulent',
|
||||
'hack',
|
||||
'hacker',
|
||||
'harassment',
|
||||
'help',
|
||||
'helpdesk',
|
||||
'illegal',
|
||||
'internal',
|
||||
'legal',
|
||||
'login',
|
||||
'logout',
|
||||
'maintenance',
|
||||
'malware',
|
||||
'newsletter',
|
||||
'policy',
|
||||
'privacy',
|
||||
'profile',
|
||||
'public',
|
||||
'reset-password',
|
||||
'scam',
|
||||
'scammer',
|
||||
'settings',
|
||||
'setup',
|
||||
'sign',
|
||||
'signin',
|
||||
'signout',
|
||||
'signup',
|
||||
'spam',
|
||||
'support',
|
||||
'system',
|
||||
'organisation',
|
||||
'terms',
|
||||
'virus',
|
||||
'webhook',
|
||||
];
|
||||
|
||||
export const isOrganisationUrlProtected = (url: string) => {
|
||||
return PROTECTED_ORGANISATION_URLS.some((protectedUrl) => url.startsWith(`/${protectedUrl}`));
|
||||
};
|
||||
@ -1,29 +1,58 @@
|
||||
import type { MessageDescriptor } from '@lingui/core';
|
||||
import { msg } from '@lingui/core/macro';
|
||||
import { TeamMemberRole } from '@prisma/client';
|
||||
import { OrganisationGroupType, TeamMemberRole } from '@prisma/client';
|
||||
|
||||
export const TEAM_URL_ROOT_REGEX = new RegExp('^/t/[^/]+/?$');
|
||||
export const TEAM_URL_REGEX = new RegExp('^/t/[^/]+');
|
||||
|
||||
export const LOWEST_TEAM_ROLE = TeamMemberRole.MEMBER;
|
||||
|
||||
export const ALLOWED_TEAM_GROUP_TYPES: OrganisationGroupType[] = [
|
||||
OrganisationGroupType.CUSTOM,
|
||||
OrganisationGroupType.INTERNAL_ORGANISATION,
|
||||
];
|
||||
|
||||
export const TEAM_INTERNAL_GROUPS: {
|
||||
teamRole: TeamMemberRole;
|
||||
type: OrganisationGroupType;
|
||||
}[] = [
|
||||
{
|
||||
teamRole: TeamMemberRole.ADMIN,
|
||||
type: OrganisationGroupType.INTERNAL_TEAM,
|
||||
},
|
||||
{
|
||||
teamRole: TeamMemberRole.MANAGER,
|
||||
type: OrganisationGroupType.INTERNAL_TEAM,
|
||||
},
|
||||
{
|
||||
teamRole: TeamMemberRole.MEMBER,
|
||||
type: OrganisationGroupType.INTERNAL_TEAM,
|
||||
},
|
||||
] as const;
|
||||
|
||||
export const TEAM_MEMBER_ROLE_MAP: Record<keyof typeof TeamMemberRole, MessageDescriptor> = {
|
||||
ADMIN: msg`Admin`,
|
||||
MANAGER: msg`Manager`,
|
||||
MEMBER: msg`Member`,
|
||||
};
|
||||
|
||||
export const EXTENDED_TEAM_MEMBER_ROLE_MAP: Record<keyof typeof TeamMemberRole, MessageDescriptor> =
|
||||
{
|
||||
ADMIN: msg`Team Admin`,
|
||||
MANAGER: msg`Team Manager`,
|
||||
MEMBER: msg`Team Member`,
|
||||
};
|
||||
|
||||
export const TEAM_MEMBER_ROLE_PERMISSIONS_MAP = {
|
||||
/**
|
||||
* Includes permissions to:
|
||||
* - Manage team members
|
||||
* - Manage team settings, changing name, url, etc.
|
||||
*/
|
||||
DELETE_TEAM: [TeamMemberRole.ADMIN],
|
||||
MANAGE_TEAM: [TeamMemberRole.ADMIN, TeamMemberRole.MANAGER],
|
||||
MANAGE_BILLING: [TeamMemberRole.ADMIN],
|
||||
DELETE_TEAM_TRANSFER_REQUEST: [TeamMemberRole.ADMIN],
|
||||
} satisfies Record<string, TeamMemberRole[]>;
|
||||
|
||||
/**
|
||||
* A hierarchy of team member roles to determine which role has higher permission than another.
|
||||
*
|
||||
* Warning: The length of the array is used to determine the priority of the role.
|
||||
* See `getHighestTeamRoleInGroup`
|
||||
*/
|
||||
export const TEAM_MEMBER_ROLE_HIERARCHY = {
|
||||
[TeamMemberRole.ADMIN]: [TeamMemberRole.ADMIN, TeamMemberRole.MANAGER, TeamMemberRole.MEMBER],
|
||||
|
||||
Reference in New Issue
Block a user