From 149592394d7f43769c2fc06c81c6799516e0e9ef Mon Sep 17 00:00:00 2001 From: Emily Date: Wed, 19 Jun 2024 23:38:22 +0200 Subject: [PATCH] fix guest actions --- dashboard/composables/Projects.ts | 8 +++++++- dashboard/pages/analyst.vue | 9 ++++++--- dashboard/pages/members.vue | 2 +- dashboard/pages/plans.vue | 4 ++-- dashboard/server/LIVE_DEMO_DATA.ts | 5 +++-- .../server/api/ai/[project_id]/send_message.post.ts | 2 +- dashboard/server/api/metrics/[project_id]/query.ts | 6 +++++- dashboard/server/api/pay/[project_id]/invoices.ts | 2 +- dashboard/server/api/user/set_active_project.ts | 2 +- 9 files changed, 27 insertions(+), 13 deletions(-) diff --git a/dashboard/composables/Projects.ts b/dashboard/composables/Projects.ts index 152c606..1f7ee44 100644 --- a/dashboard/composables/Projects.ts +++ b/dashboard/composables/Projects.ts @@ -16,11 +16,17 @@ export function useGuestProjectsList() { return { ...guestProjects, guestProjects: guestProjects.data } } - const activeProjectId = useFetch(`/api/user/active_project`, { key: 'activeProjectId', ...signHeaders(), }); +export const isGuest = computed(() => { + if (!guestProjects.data.value) return false; + const guestTarget = guestProjects.data.value.find(e => e._id.toString() == activeProjectId.data.value); + if (guestTarget) return true; + return false; +}); + export function useActiveProjectId() { return { ...activeProjectId, pid: activeProjectId.data } } diff --git a/dashboard/pages/analyst.vue b/dashboard/pages/analyst.vue index 1b94f5e..91a5fed 100644 --- a/dashboard/pages/analyst.vue +++ b/dashboard/pages/analyst.vue @@ -130,10 +130,13 @@ async function deleteChat(chat_id: string) {
-
+
How can i help you today?
-
+
+ Im not allowed to help guests :c +
+
{{ prompt }} @@ -172,7 +175,7 @@ async function deleteChat(chat_id: string) { -
+
-
Add member
diff --git a/dashboard/pages/plans.vue b/dashboard/pages/plans.vue index d937a56..0b93cfa 100644 --- a/dashboard/pages/plans.vue +++ b/dashboard/pages/plans.vue @@ -130,7 +130,7 @@ function getPremiumName(type: number) {
Expire date:
{{ prettyExpireDate }}
-
Upgrade plan
@@ -168,7 +168,7 @@ function getPremiumName(type: number) {
-
diff --git a/dashboard/server/LIVE_DEMO_DATA.ts b/dashboard/server/LIVE_DEMO_DATA.ts index 507f577..e3d11ac 100644 --- a/dashboard/server/LIVE_DEMO_DATA.ts +++ b/dashboard/server/LIVE_DEMO_DATA.ts @@ -3,7 +3,7 @@ import { ProjectModel } from "~/../shared/schema/ProjectSchema"; import { LITLYX_PROJECT_ID } from '@data/LITLYX' import { hasAccessToProject } from "./utils/hasAccessToProject"; -export async function getUserProjectFromId(project_id: string, user: AuthContext | undefined) { +export async function getUserProjectFromId(project_id: string, user: AuthContext | undefined, allowGuest: boolean = true) { if (project_id == LITLYX_PROJECT_ID) { const project = await ProjectModel.findOne({ _id: project_id }); return project; @@ -11,8 +11,9 @@ export async function getUserProjectFromId(project_id: string, user: AuthContext if (!user?.logged) return; const project = await ProjectModel.findById(project_id); if (!project) return; - const hasAccess = await hasAccessToProject(user.id, project_id, project); + const [hasAccess, role] = await hasAccessToProject(user.id, project_id, project); if (!hasAccess) return; + if (role === 'GUEST' && !allowGuest) return false; return project; } diff --git a/dashboard/server/api/ai/[project_id]/send_message.post.ts b/dashboard/server/api/ai/[project_id]/send_message.post.ts index dcb99eb..0ffb4b3 100644 --- a/dashboard/server/api/ai/[project_id]/send_message.post.ts +++ b/dashboard/server/api/ai/[project_id]/send_message.post.ts @@ -10,7 +10,7 @@ export default defineEventHandler(async event => { if (!project_id) return; const user = getRequestUser(event); - const project = await getUserProjectFromId(project_id, user); + const project = await getUserProjectFromId(project_id, user, false); if (!project) return; // if (!user?.logged) return; diff --git a/dashboard/server/api/metrics/[project_id]/query.ts b/dashboard/server/api/metrics/[project_id]/query.ts index cb84477..597d3a8 100644 --- a/dashboard/server/api/metrics/[project_id]/query.ts +++ b/dashboard/server/api/metrics/[project_id]/query.ts @@ -8,8 +8,12 @@ export default defineEventHandler(async event => { if (!user?.logged) return; const project_id = getRequestProjectId(event); if (!project_id) return; - const project = await ProjectModel.findOne({ _id: project_id, owner: user.id }); + const project = await ProjectModel.findOne({ _id: project_id }); if (!project) return; + + const [hasAccess] = await hasAccessToProject(user.id, project_id, project) + if (!hasAccess) return; + const query = getQuery(event); const { orderBy, order, page, limit, type } = query; diff --git a/dashboard/server/api/pay/[project_id]/invoices.ts b/dashboard/server/api/pay/[project_id]/invoices.ts index b355835..55fa347 100644 --- a/dashboard/server/api/pay/[project_id]/invoices.ts +++ b/dashboard/server/api/pay/[project_id]/invoices.ts @@ -17,7 +17,7 @@ export default defineEventHandler(async event => { if (!project_id) return; const user = getRequestUser(event); - const project = await getUserProjectFromId(project_id, user); + const project = await getUserProjectFromId(project_id, user, false); if (!project) return; if (!project.customer_id) return []; diff --git a/dashboard/server/api/user/set_active_project.ts b/dashboard/server/api/user/set_active_project.ts index cea5b7d..6d6e9ae 100644 --- a/dashboard/server/api/user/set_active_project.ts +++ b/dashboard/server/api/user/set_active_project.ts @@ -13,7 +13,7 @@ export default defineEventHandler(async event => { const { project_id } = getQuery(event); - const hasAccess = await hasAccessToProject(userData.id, project_id as string); + const [hasAccess] = await hasAccessToProject(userData.id, project_id as string); if (!hasAccess) return setResponseStatus(event, 400, 'No access to project');