3933f5f4d1
* migration from organization to workspace on code level * updated a few more files * fixed runtime errors * update org settings URL * Renamed organizationId in domain objects * changed field named from organization to workspace * Reverted AppsmithRole changes * fixed migrations * recreating indexes * migration update * seed data runs before migration, undo changes * mock commit * seedmongo to populate upgraded data, datasource upgrade * fixed two test cases * updated migrations * updated prop name * Upgraded AclPermission * comment * migrated AppsmithRole * more changes * final set of changes * variable name changes * update cypress variable name * Update app/server/appsmith-server/src/main/java/com/appsmith/server/controllers/ce/ApplicationControllerCE.java * Update app/server/appsmith-interfaces/src/main/java/com/appsmith/external/models/Datasource.java Co-authored-by: Trisha Anand <trisha@appsmith.com> * reverting encryption handler change * refactor code to migrate from org to workspace * migrated a few missed out org to workspace * updated a few more * migrated a few missed out org to workspace * migration changes * Removed Permission import * reverted code change * few more changes * fixed failing cypress test * fixed failing cypress test Co-authored-by: Sidhant Goel <sidhant@appsmith.com> Co-authored-by: Trisha Anand <trisha@appsmith.com> Co-authored-by: Sidhant Goel <sidhant@hexcod.in>
50 lines
1.4 KiB
Markdown
50 lines
1.4 KiB
Markdown
# ACL Migration Steps
|
|
|
|
1. Create a super user (with email <superuser_acl@appsmith.com>), using the sign-up API.
|
|
|
|
2. Add `manage` and `read` permissions for `workspaces`, `applications`, `pages` and `actions` for this super user,
|
|
on ALL existing documents (in corresponding collections). Once this is done, the policies field of workspaces,
|
|
for example, should look something like:
|
|
|
|
```json
|
|
{
|
|
"policies": [
|
|
{
|
|
"permission" : "manage:workspaces",
|
|
"users" : [
|
|
"superuser_acl@appsmith.com"
|
|
],
|
|
"groups" : []
|
|
},
|
|
{
|
|
"permission" : "read:workspaces",
|
|
"users" : [
|
|
"superuser_acl@appsmith.com"
|
|
],
|
|
"groups" : []
|
|
}
|
|
]
|
|
}
|
|
```
|
|
|
|
3. Disable emails for invite API actions.
|
|
|
|
4. For each user, for each workspace in the user's `workspaceIds` list, hit the invite user API for that
|
|
workspace, using session of the super user.
|
|
|
|
5. Remove super user from the workspace policies, without disturbing other permission values.
|
|
|
|
6. Remove super user from users collection.
|
|
|
|
# Running
|
|
|
|
Assuming you have node (>=v12), use the following command to run the migration:
|
|
|
|
```sh
|
|
npm install
|
|
node acl-migration.js 'https://localhost/api/v1/' 'mongodb://localhost:27017/mobtools'
|
|
```
|
|
|
|
The first argument should be a running API endpoint, and the second argument should be a URI to the database that this
|
|
API endpoint is running on.
|