mirror of
https://github.com/overleaf/overleaf.git
synced 2024-11-21 20:47:08 -05:00
94 lines
2.2 KiB
JavaScript
94 lines
2.2 KiB
JavaScript
|
const { db, waitForDb } = require('../app/src/infrastructure/mongodb')
|
||
|
const { ReadPreference } = require('mongodb')
|
||
|
const UserSessionsManager = require('../app/src/Features/User/UserSessionsManager')
|
||
|
|
||
|
const COMMIT = process.argv.includes('--commit')
|
||
|
const KEEP_SESSIONS = process.argv.includes('--keep-sessions')
|
||
|
|
||
|
const FULL_STAFF_ACCESS = {
|
||
|
publisherMetrics: true,
|
||
|
publisherManagement: true,
|
||
|
institutionMetrics: true,
|
||
|
institutionManagement: true,
|
||
|
groupMetrics: true,
|
||
|
groupManagement: true,
|
||
|
adminMetrics: true,
|
||
|
splitTestMetrics: true,
|
||
|
splitTestManagement: true,
|
||
|
}
|
||
|
|
||
|
function doesNotHaveFullStaffAccess(user) {
|
||
|
if (!user.staffAccess) {
|
||
|
return true
|
||
|
}
|
||
|
for (const field of Object.keys(FULL_STAFF_ACCESS)) {
|
||
|
if (!user.staffAccess[field]) {
|
||
|
return true
|
||
|
}
|
||
|
}
|
||
|
return false
|
||
|
}
|
||
|
|
||
|
function formatUser(user) {
|
||
|
user = Object.assign({}, user, user.staffAccess)
|
||
|
delete user.staffAccess
|
||
|
return user
|
||
|
}
|
||
|
|
||
|
async function main() {
|
||
|
await waitForDb()
|
||
|
const adminUsers = await db.users
|
||
|
.find(
|
||
|
{ isAdmin: true },
|
||
|
{
|
||
|
projection: {
|
||
|
_id: 1,
|
||
|
email: 1,
|
||
|
staffAccess: 1,
|
||
|
},
|
||
|
readPreference: ReadPreference.SECONDARY,
|
||
|
}
|
||
|
)
|
||
|
.toArray()
|
||
|
|
||
|
console.log('All Admin users:')
|
||
|
console.table(adminUsers.map(formatUser))
|
||
|
|
||
|
const incompleteUsers = adminUsers.filter(doesNotHaveFullStaffAccess)
|
||
|
if (incompleteUsers.length === 0) {
|
||
|
console.warn('All Admin users have full staff access.')
|
||
|
return
|
||
|
}
|
||
|
|
||
|
console.log()
|
||
|
console.log('Incomplete staff access:')
|
||
|
console.table(incompleteUsers.map(formatUser))
|
||
|
|
||
|
if (COMMIT) {
|
||
|
for (const user of incompleteUsers) {
|
||
|
console.error(
|
||
|
`Granting ${user.email} (${user._id.toString()}) full staff access`
|
||
|
)
|
||
|
await db.users.updateOne(
|
||
|
{ _id: user._id, isAdmin: true },
|
||
|
{ $set: { staffAccess: FULL_STAFF_ACCESS } }
|
||
|
)
|
||
|
if (!KEEP_SESSIONS) {
|
||
|
await UserSessionsManager.promises.revokeAllUserSessions(user, [])
|
||
|
}
|
||
|
}
|
||
|
} else {
|
||
|
console.warn('Use --commit to grant missing staff access.')
|
||
|
}
|
||
|
}
|
||
|
|
||
|
main()
|
||
|
.then(() => {
|
||
|
console.error('Done.')
|
||
|
process.exit(0)
|
||
|
})
|
||
|
.catch(error => {
|
||
|
console.error({ error })
|
||
|
process.exit(1)
|
||
|
})
|