e64f6f8569
enforces user admin role requirement for - creating / deleting / setting role for organization users - creating / deleting / setting role for project users - updating project name - deleting project hides action elements based on role for - admin console - team settings if team is only visible through project membership - add project tile if not team admin - project name text editor if not team / project admin - add redirect from team page if settings only visible through project membership - add redirect from admin console if not org admin role enforcement is handled on the api side through a custom GraphQL directive `hasRole`. on the client side, role information is fetched in the TopNavbar's `me` query and stored in the `UserContext`. there is a custom hook, `useCurrentUser`, that provides a user object with two functions, `isVisibile` & `isAdmin` which is used to check roles in order to render/hide relevant UI elements.
44 lines
893 B
GraphQL
44 lines
893 B
GraphQL
extend type Mutation {
|
|
createTeamMember(input: CreateTeamMember!):
|
|
CreateTeamMemberPayload! @hasRole(roles: [ADMIN], level: TEAM, type: TEAM)
|
|
updateTeamMemberRole(input: UpdateTeamMemberRole!):
|
|
UpdateTeamMemberRolePayload! @hasRole(roles: [ADMIN], level: TEAM, type: TEAM)
|
|
deleteTeamMember(input: DeleteTeamMember!):
|
|
DeleteTeamMemberPayload! @hasRole(roles: [ADMIN], level: TEAM, type: TEAM)
|
|
|
|
}
|
|
|
|
input DeleteTeamMember {
|
|
teamID: UUID!
|
|
userID: UUID!
|
|
newOwnerID: UUID
|
|
}
|
|
|
|
type DeleteTeamMemberPayload {
|
|
teamID: UUID!
|
|
userID: UUID!
|
|
affectedProjects: [Project!]!
|
|
}
|
|
|
|
input CreateTeamMember {
|
|
userID: UUID!
|
|
teamID: UUID!
|
|
}
|
|
|
|
type CreateTeamMemberPayload {
|
|
team: Team!
|
|
teamMember: Member!
|
|
}
|
|
|
|
input UpdateTeamMemberRole {
|
|
teamID: UUID!
|
|
userID: UUID!
|
|
roleCode: RoleCode!
|
|
}
|
|
|
|
type UpdateTeamMemberRolePayload {
|
|
ok: Boolean!
|
|
teamID: UUID!
|
|
member: Member!
|
|
}
|