Fix org permissions for org tabs #7242
Conversation
| * Checks if a user has admin permissions for an organization | ||
| */ | ||
| export function isOrgAdmin(permissions?: V1OrganizationPermissions): boolean { | ||
| return !!permissions?.admin; |
There was a problem hiding this comment.
Just curious - any reason why we have a separate admin and guest prop but not for editor and viewer? @begelundmuller cc: @ericpgreen2
There was a problem hiding this comment.
Yeah, I understand it seems a bit weird, but the idea is that admin and guest in this case are flags with a special internal meaning.
You can imagine in the future, we might introduce more roles, like "owner" and "billing admin", which would also have the admin=true despite having different names.
Similarly for guests, there's been discussion about having "guest viewers" and "guest admins" (guests who can invite other guests). They'd both be identified just by guest=true.
There was a problem hiding this comment.
Any chance that we can have roles editor and viewer in the props? This is so we can have a reliable role source and don't need to maintain a separate org role with the granular permissions for the UI.
There was a problem hiding this comment.
maybe expose role as a separate field that the UI can use and not rely on these flags ?
This pull request ensures the correctness of org roles' permissions to the organization tabs. Closes https://github.com/rilldata/rill-private-issues/issues/1651
/userscan be accessed by org admin + editor/settingscan be accessed by org adminChecklist: