vrr/ruvector
2
0
Fork 0
mirror of https://github.com/ruvnet/RuVector.git synced 2026-05-26 07:44:05 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions 2
ruvector/studio/hooks/misc/useCheckPermissions.ts
rUv 814f595995 feat(studio): Add complete RuVector Studio application 
Major additions:
- Complete Next.js studio application with 1600+ components
- Docker support (Dockerfile.combined, docker-compose.yml)
- GCP deployment documentation and benchmarks
- SQL benchmark scripts for performance testing
- Sentry integration for monitoring
- Comprehensive test suite and mocks

Studio features:
- Dashboard and admin interfaces
- Data visualization components
- Authentication and user management
- API integration with RuVector backend
- Static data and public assets

🤖 Generated with [Claude Code](https://claude.com/claude-code)

Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
2025-12-06 23:04:48 +00:00

190 lines
6 KiB
TypeScript
Raw Permalink Blame History

import jsonLogic from 'json-logic-js'
import { useMemo } from 'react'
import { useIsLoggedIn, useParams } from 'common'
import { usePermissionsQuery } from 'data/permissions/permissions-query'
import { IS_PLATFORM } from 'lib/constants'
import type { Permission } from 'types'
import { useSelectedOrganizationQuery } from './useSelectedOrganization'
import { useSelectedProjectQuery } from './useSelectedProject'
const toRegexpString = (actionOrResource: string) =>
`^${actionOrResource.replace('.', '\\.').replace('%', '.*')}$`
function doPermissionConditionCheck(permissions: Permission[], data?: object) {
const isRestricted = permissions
.filter((permission) => permission.restrictive)
.some(
({ condition }: { condition: jsonLogic.RulesLogic }) =>
condition === null || jsonLogic.apply(condition, data)
)
if (isRestricted) return false
return permissions
.filter((permission) => !permission.restrictive)
.some(
({ condition }: { condition: jsonLogic.RulesLogic }) =>
condition === null || jsonLogic.apply(condition, data)
)
}
export function doPermissionsCheck(
permissions: Permission[] | undefined,
action: string,
resource: string,
data?: object,
organizationSlug?: string,
projectRef?: string
) {
if (!permissions || !Array.isArray(permissions)) {
return false
}
if (projectRef) {
const projectPermissions = permissions.filter(
(permission) =>
permission.organization_slug === organizationSlug &&
permission.actions.some((act) => (action ? action.match(toRegexpString(act)) : null)) &&
permission.resources.some((res) => resource.match(toRegexpString(res))) &&
permission.project_refs?.includes(projectRef)
)
if (projectPermissions.length > 0) {
return doPermissionConditionCheck(projectPermissions, { resource_name: resource, ...data })
}
}
const orgPermissions = permissions
// filter out org-level permission
.filter((permission) => !permission.project_refs || permission.project_refs.length === 0)
.filter(
(permission) =>
permission.organization_slug === organizationSlug &&
permission.actions.some((act) => (action ? action.match(toRegexpString(act)) : null)) &&
permission.resources.some((res) => resource.match(toRegexpString(res)))
)
return doPermissionConditionCheck(orgPermissions, { resource_name: resource, ...data })
}
export function useGetPermissions(
permissionsOverride?: Permission[],
organizationSlugOverride?: string,
enabled = true
) {
return useGetProjectPermissions(permissionsOverride, organizationSlugOverride, undefined, enabled)
}
function useGetProjectPermissions(
permissionsOverride?: Permission[],
organizationSlugOverride?: string,
projectRefOverride?: string,
enabled = true
) {
const {
data,
isLoading: isLoadingPermissions,
isSuccess: isSuccessPermissions,
} = usePermissionsQuery({
enabled: permissionsOverride === undefined && enabled,
})
const permissions = permissionsOverride === undefined ? data : permissionsOverride
const getOrganizationDataFromParamsSlug = organizationSlugOverride === undefined && enabled
const {
data: organizationData,
isLoading: isLoadingOrganization,
isSuccess: isSuccessOrganization,
} = useSelectedOrganizationQuery({
enabled: getOrganizationDataFromParamsSlug,
})
const organization =
organizationSlugOverride === undefined ? organizationData : { slug: organizationSlugOverride }
const organizationSlug = organization?.slug
const { ref: urlProjectRef } = useParams()
const getProjectDataFromParamsRef = !!urlProjectRef && projectRefOverride === undefined && enabled
const {
data: projectData,
isLoading: isLoadingProject,
isSuccess: isSuccessProject,
} = useSelectedProjectQuery({
enabled: getProjectDataFromParamsRef,
})
const project =
projectRefOverride === undefined || projectData?.parent_project_ref
? projectData
: { ref: projectRefOverride, parent_project_ref: undefined }
const projectRef = project?.parent_project_ref ? project.parent_project_ref : project?.ref
const isLoading =
isLoadingPermissions ||
(getOrganizationDataFromParamsSlug && isLoadingOrganization) ||
(getProjectDataFromParamsRef && isLoadingProject)
const isSuccess =
isSuccessPermissions &&
(!getOrganizationDataFromParamsSlug || isSuccessOrganization) &&
(!getProjectDataFromParamsRef || isSuccessProject)
return {
permissions,
organizationSlug,
projectRef,
isLoading,
isSuccess,
}
}
/** [Joshen] To be renamed to be useAsyncCheckPermissions, more generic as it covers both org and project perms */
// Useful when you want to avoid layout changes while waiting for permissions to load
export function useAsyncCheckPermissions(
action: string,
resource: string,
data?: object,
overrides?: {
organizationSlug?: string
projectRef?: string
permissions?: Permission[]
}
) {
const isLoggedIn = useIsLoggedIn()
const { organizationSlug, projectRef, permissions } = overrides ?? {}
const {
permissions: allPermissions,
organizationSlug: _organizationSlug,
projectRef: _projectRef,
isLoading: isPermissionsLoading,
isSuccess: isPermissionsSuccess,
} = useGetProjectPermissions(permissions, organizationSlug, projectRef, isLoggedIn)
const can = useMemo(() => {
if (!IS_PLATFORM) return true
if (!isLoggedIn) return false
if (!isPermissionsSuccess || !allPermissions) return false
return doPermissionsCheck(
allPermissions,
action,
resource,
data,
_organizationSlug,
_projectRef
)
}, [
isLoggedIn,
isPermissionsSuccess,
allPermissions,
action,
resource,
data,
_organizationSlug,
_projectRef,
])
// Derive loading/success consistently from the same branches
const isLoading = !IS_PLATFORM ? false : !isLoggedIn ? true : isPermissionsLoading
const isSuccess = !IS_PLATFORM ? true : !isLoggedIn ? false : isPermissionsSuccess
return { isLoading, isSuccess, can }
}
Reference in a new issue View git blame Copy permalink