From 025ee63f0b0fea2abb2de67b8d3725a9a5f94972 Mon Sep 17 00:00:00 2001 From: Tom Moor Date: Wed, 5 Jun 2024 08:30:30 -0400 Subject: [PATCH] Add MembersCanCreateApiKey team preference --- server/policies/apiKey.ts | 5 ++++- server/routes/api/teams/schema.ts | 2 ++ shared/constants.ts | 1 + shared/i18n/locales/en_US/translation.json | 2 ++ shared/types.ts | 3 +++ 5 files changed, 12 insertions(+), 1 deletion(-) diff --git a/server/policies/apiKey.ts b/server/policies/apiKey.ts index 14f642672..7ea229ffd 100644 --- a/server/policies/apiKey.ts +++ b/server/policies/apiKey.ts @@ -1,3 +1,4 @@ +import { TeamPreference } from "@shared/types"; import { ApiKey, User, Team } from "@server/models"; import { allow } from "./cancan"; import { and, isOwner, isTeamModel, isTeamMutable } from "./utils"; @@ -9,7 +10,9 @@ allow(User, "createApiKey", Team, (actor, team) => isTeamMutable(actor), !actor.isViewer, !actor.isGuest, - !actor.isSuspended + !actor.isSuspended, + actor.isAdmin || + !!team?.getPreference(TeamPreference.MembersCanCreateApiKey) ) ); diff --git a/server/routes/api/teams/schema.ts b/server/routes/api/teams/schema.ts index cdc7ebef0..3d2e26956 100644 --- a/server/routes/api/teams/schema.ts +++ b/server/routes/api/teams/schema.ts @@ -39,6 +39,8 @@ export const TeamsUpdateSchema = BaseSchema.extend({ viewersCanExport: z.boolean().optional(), /** Whether members can invite new people to the team. */ membersCanInvite: z.boolean().optional(), + /** Whether members can create API keys. */ + membersCanCreateApiKey: z.boolean().optional(), /** Whether commenting is enabled */ commenting: z.boolean().optional(), /** The custom theme for the team. */ diff --git a/shared/constants.ts b/shared/constants.ts index bd4321e8f..416157f1e 100644 --- a/shared/constants.ts +++ b/shared/constants.ts @@ -18,6 +18,7 @@ export const TeamPreferenceDefaults: TeamPreferences = { [TeamPreference.SeamlessEdit]: true, [TeamPreference.ViewersCanExport]: true, [TeamPreference.MembersCanInvite]: false, + [TeamPreference.MembersCanCreateApiKey]: true, [TeamPreference.PublicBranding]: false, [TeamPreference.Commenting]: true, [TeamPreference.CustomTheme]: undefined, diff --git a/shared/i18n/locales/en_US/translation.json b/shared/i18n/locales/en_US/translation.json index 389c7c137..9e696fba9 100644 --- a/shared/i18n/locales/en_US/translation.json +++ b/shared/i18n/locales/en_US/translation.json @@ -918,6 +918,8 @@ "Allow editors to invite other people to the workspace": "Allow editors to invite other people to the workspace", "Require invites": "Require invites", "Require members to be invited to the workspace before they can create an account using SSO.": "Require members to be invited to the workspace before they can create an account using SSO.", + "API access": "API access", + "Allow members to create API keys for programmatic access": "Allow members to create API keys for programmatic access", "Default role": "Default role", "The default user role for new accounts. Changing this setting does not affect existing user accounts.": "The default user role for new accounts. Changing this setting does not affect existing user accounts.", "When enabled, documents can be shared publicly on the internet by any member of the workspace": "When enabled, documents can be shared publicly on the internet by any member of the workspace", diff --git a/shared/types.ts b/shared/types.ts index edf9e5002..949043d6b 100644 --- a/shared/types.ts +++ b/shared/types.ts @@ -189,6 +189,8 @@ export enum TeamPreference { ViewersCanExport = "viewersCanExport", /** Whether members can invite new users. */ MembersCanInvite = "membersCanInvite", + /** Whether members can create API keys. */ + MembersCanCreateApiKey = "membersCanCreateApiKey", /** Whether users can comment on documents. */ Commenting = "commenting", /** The custom theme for the team. */ @@ -200,6 +202,7 @@ export type TeamPreferences = { [TeamPreference.PublicBranding]?: boolean; [TeamPreference.ViewersCanExport]?: boolean; [TeamPreference.MembersCanInvite]?: boolean; + [TeamPreference.MembersCanCreateApiKey]?: boolean; [TeamPreference.Commenting]?: boolean; [TeamPreference.CustomTheme]?: Partial; };