e64f6f8569
enforces user admin role requirement for - creating / deleting / setting role for organization users - creating / deleting / setting role for project users - updating project name - deleting project hides action elements based on role for - admin console - team settings if team is only visible through project membership - add project tile if not team admin - project name text editor if not team / project admin - add redirect from team page if settings only visible through project membership - add redirect from admin console if not org admin role enforcement is handled on the api side through a custom GraphQL directive `hasRole`. on the client side, role information is fetched in the TopNavbar's `me` query and stored in the `UserContext`. there is a custom hook, `useCurrentUser`, that provides a user object with two functions, `isVisibile` & `isAdmin` which is used to check roles in order to render/hide relevant UI elements.
41 lines
914 B
GraphQL
41 lines
914 B
GraphQL
extend type Mutation {
|
|
createProjectMember(input: CreateProjectMember!):
|
|
CreateProjectMemberPayload! @hasRole(roles: [ADMIN], level: PROJECT, type: PROJECT)
|
|
deleteProjectMember(input: DeleteProjectMember!):
|
|
DeleteProjectMemberPayload! @hasRole(roles: [ADMIN], level: PROJECT, type: PROJECT)
|
|
updateProjectMemberRole(input: UpdateProjectMemberRole!):
|
|
UpdateProjectMemberRolePayload! @hasRole(roles: [ADMIN], level: PROJECT, type: PROJECT)
|
|
}
|
|
|
|
input CreateProjectMember {
|
|
projectID: UUID!
|
|
userID: UUID!
|
|
}
|
|
|
|
type CreateProjectMemberPayload {
|
|
ok: Boolean!
|
|
member: Member!
|
|
}
|
|
|
|
input DeleteProjectMember {
|
|
projectID: UUID!
|
|
userID: UUID!
|
|
}
|
|
|
|
type DeleteProjectMemberPayload {
|
|
ok: Boolean!
|
|
member: Member!
|
|
projectID: UUID!
|
|
}
|
|
|
|
input UpdateProjectMemberRole {
|
|
projectID: UUID!
|
|
userID: UUID!
|
|
roleCode: RoleCode!
|
|
}
|
|
|
|
type UpdateProjectMemberRolePayload {
|
|
ok: Boolean!
|
|
member: Member!
|
|
}
|