CHAI
/
chtech-anythingllm
4
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
22 Commits
1 Branch
0 Tags
235 MiB
Tree: cbbf5e2877
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from 'cbbf5e2877'
${ noResults }
chtech-anythingllm/server/utils/helpers/admin/index.js

56 lines
2.4 KiB
Raw Normal View History

first commit
11 months ago
  1. const { User } = require("../../../models/user");
  2. const { ROLES } = require("../../middleware/multiUserProtected");
  4. // When a user is updating or creating a user in multi-user, we need to check if they
  5. // are allowed to do this and that the new or existing user will be at or below their permission level.
  6. // the user executing this function should be an admin or manager.
  7. function validRoleSelection(currentUser = {}, newUserParams = {}) {
  8. if (!newUserParams.hasOwnProperty("role"))
  9. return { valid: true, error: null }; // not updating role, so skip.
  10. if (currentUser.role === ROLES.admin) return { valid: true, error: null };
  11. if (currentUser.role === ROLES.manager) {
  12. const validRoles = [ROLES.manager, ROLES.default];
  13. if (!validRoles.includes(newUserParams.role))
  14. return { valid: false, error: "Invalid role selection for user." };
  15. return { valid: true, error: null };
  16. }
  17. return { valid: false, error: "Invalid condition for caller." };
  18. }
  20. // Check to make sure with this update that includes a role change to an existing admin to a non-admin
  21. // that we still have at least one admin left or else they will lock themselves out.
  22. async function canModifyAdmin(userToModify, updates) {
  23. // if updates don't include role property
  24. // or the user being modified isn't an admin currently
  25. // or the updates role is equal to the users current role.
  26. // skip validation.
  27. if (!updates.hasOwnProperty("role")) return { valid: true, error: null };
  28. if (userToModify.role !== ROLES.admin) return { valid: true, error: null };
  29. if (updates.role === userToModify.role) return { valid: true, error: null };
  31. const adminCount = await User.count({ role: ROLES.admin });
  32. if (adminCount - 1 <= 0)
  33. return {
  34. valid: false,
  35. error: "No system admins will remain if you do this. Update failed.",
  36. };
  37. return { valid: true, error: null };
  38. }
  40. function validCanModify(currentUser, existingUser) {
  41. if (currentUser.role === ROLES.admin) return { valid: true, error: null };
  42. if (currentUser.role === ROLES.manager) {
  43. const validRoles = [ROLES.manager, ROLES.default];
  44. if (!validRoles.includes(existingUser.role))
  45. return { valid: false, error: "Cannot perform that action on user." };
  46. return { valid: true, error: null };
  47. }
  49. return { valid: false, error: "Invalid condition for caller." };
  50. }
  52. module.exports = {
  53. validCanModify,
  54. validRoleSelection,
  55. canModifyAdmin,
  56. };