Let platform admins view and edit all assets#11
Merged
Conversation
Admins can now see every metamodel, model, diagram, viewpoint, transformation rule, codegen project, and test case on the platform, not just the ones they own or that are shared with them. - sharingService.checkAccess grants read-only (VIEWER) access to admins for any resource, covering every getById and the model-import metamodel reference check. Edit/delete/share stay owner-restricted. - Each resource getAll returns all rows for admins, tagged with the owner email. Fixes "Referenced metamodel (conformsTo) not found" on import when the referenced metamodel is owned by another user, since example data uses fixed IDs that only the first persisting account can own.
Contributor
There was a problem hiding this comment.
Pull request overview
This PR updates the backend authorization/listing logic so platform ADMIN users can read all modeling assets across the platform (to fix prod imports failing on fixed-ID example data), while keeping edit/delete/share owner/permission-restricted.
Changes:
- Added an admin read-only bypass in
sharingService.checkAccess, plusisAdmin()and centralized owner resolution viagetResourceOwnerId. - Updated multiple
getAll*service methods to return platform-wide listings for admins, tagging non-owned rows withpermission: VIEWERandownerEmail. - Updated/added tests to cover the new admin behavior (notably
SharingService.checkAccessandMetamodelService.getAll).
Reviewed changes
Copilot reviewed 16 out of 16 changed files in this pull request and generated 7 comments.
Show a summary per file
| File | Description |
|---|---|
| backend/src/services/sharing.service.ts | Adds admin read-only access in checkAccess, plus isAdmin() and getResourceOwnerId() refactor. |
| backend/src/services/metamodel.service.ts | Admins can list all metamodels with owner email tagging. |
| backend/src/services/model.service.ts | Admins can list all models with owner email tagging. |
| backend/src/services/diagram.service.ts | Admins can list all diagrams with owner email tagging. |
| backend/src/services/viewpoint.service.ts | Admins can list all viewpoints platform-wide. |
| backend/src/services/transformation.service.ts | Admins can list all transformation rules with owner email tagging. |
| backend/src/services/codegeneration.service.ts | Admins can list all codegen projects with owner email tagging. |
| backend/src/services/test.service.ts | Admins can list all test cases with owner email tagging. |
| backend/src/tests/services/sharing.service.test.ts | Adds tests for admin read-only bypass and missing-resource denial. |
| backend/src/tests/services/metamodel.service.test.ts | Adds test for admin platform-wide listing behavior. |
| backend/src/tests/services/model.service.test.ts | Updates sharing service mock to include isAdmin. |
| backend/src/tests/services/diagram.service.test.ts | Updates sharing service mock to include isAdmin. |
| backend/src/tests/services/viewpoint.service.test.ts | Updates sharing service mock to include isAdmin. |
| backend/src/tests/services/transformation.service.test.ts | Updates sharing service mock to include isAdmin. |
| backend/src/tests/services/codegeneration.service.test.ts | Updates sharing service mock to include isAdmin. |
| backend/src/tests/services/test.service.test.ts | Updates sharing service mock to include isAdmin. |
💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.
Comment on lines
+23
to
+27
| // Platform admins see every model on the platform (read-only for those they | ||
| // don't own). | ||
| if (await sharingService.isAdmin(userId)) { | ||
| const all = await prisma.model.findMany({ | ||
| orderBy: { name: 'asc' }, |
Comment on lines
+46
to
+50
| // Platform admins see every rule on the platform (read-only for those they | ||
| // don't own). | ||
| if (await sharingService.isAdmin(userId)) { | ||
| const all = await prisma.transformationRule.findMany({ | ||
| orderBy: [{ priority: 'desc' }, { name: 'asc' }], |
Comment on lines
+50
to
+55
| // Platform admins see every test case on the platform (read-only for those | ||
| // they don't own). | ||
| if (await sharingService.isAdmin(userId)) { | ||
| const all = await prisma.testCase.findMany({ | ||
| orderBy: { name: 'asc' }, | ||
| include: { user: { select: { email: true } } }, |
Comment on lines
+21
to
+27
| // Platform admins see every project on the platform (read-only for those | ||
| // they don't own). | ||
| if (await sharingService.isAdmin(userId)) { | ||
| const all = await prisma.codeGenerationProject.findMany({ | ||
| orderBy: { name: 'asc' }, | ||
| include: { user: { select: { email: true } } }, | ||
| }); |
Comment on lines
+448
to
+454
| // Platform admins see every diagram on the platform (read-only for those | ||
| // they don't own). | ||
| if (await sharingService.isAdmin(userId)) { | ||
| const all = await prisma.diagram.findMany({ | ||
| orderBy: { name: 'asc' }, | ||
| include: { user: { select: { email: true } } }, | ||
| }); |
Comment on lines
+346
to
+352
| // Platform admins see every viewpoint on the platform. | ||
| if (await sharingService.isAdmin(userId)) { | ||
| const allViewpoints = await prisma.viewpoint.findMany({ | ||
| where: metamodelId ? { metamodelId } : {}, | ||
| orderBy: [{ metamodelId: 'asc' }, { isDefault: 'desc' }, { name: 'asc' }], | ||
| }); | ||
| return allViewpoints.map(row => this.mapToViewpoint(row)); |
Comment on lines
+508
to
+512
| // Platform admins can view every resource, even ones not owned by or shared | ||
| // with them. Access is read-only — edit/delete/share stay owner-restricted. | ||
| if (await this.isAdmin(userId)) { | ||
| const ownerId = await this.getResourceOwnerId(resourceType, resourceId); | ||
| if (ownerId) { |
Switch the platform-admin bypass from VIEWER to EDITOR so admins can update other users' metamodels, models, diagrams, viewpoints, transformation rules, codegen projects, and test cases. Delete and share remain owner-only (those paths gate on ownership directly).
…tests - checkAccess resolves the resource owner once (via getResourceOwnerId) and short-circuits when the resource is missing, removing the duplicate ownership lookup in the admin branch. - Add admin platform-wide getAll tests for model, diagram, transformation, codegen, test, and viewpoint services.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Problem
On prod, importing the Smart Warehouse example model failed with
Referenced metamodel (conformsTo) not found, while it worked in local dev.Root cause: example data uses fixed IDs. The Smart Warehouse model (
20000000-…0100) conforms to metamodel10000000-…0100, which on prod is owned by one account (the first to persist it).sharingService.checkAccessgrants access only to the owner or users it's explicitly shared with — there is no admin bypass and no public/visibility flag. So every other user (even admins) is rejected when referencing it, and the fixed ID can't be re-created either (primary-key collision).Change (backend only)
Give the
ADMINrole platform-wide view + edit access to all assets:sharingService.checkAccessgrantsEDITOR-equivalent access to admins for any resource they don't own or have shared. As the central access authority, this covers everygetById, the model-import metamodel reference check (fixing the import error), and every update/edit path (which gate onisOwner || permission === 'EDITOR').getAll(metamodel, model, diagram, viewpoint, transformation rule, codegen project, test case) returns all rows for admins, tagged with the owner's email andEDITORpermission.sharingService.isAdmin(userId)helper and refactored ownership resolution intogetResourceOwnerId.Delete and share stay owner-only: delete queries are owner-scoped (
{ id, userId }) andshareResourcerequires ownership, so neither is affected by the bypass. (Can extend if you want admins to delete others' assets too.)Out of scope
EPackages (Ecore roots) and uploadedStoredFiles remain owner-scoped — infrastructural rather than modeling assets. Can be added if desired.Tests
tsc --noEmitclean.EDITORbypass incheckAccess(+ denial when the resource doesn't exist) and admin platform-widegetAlllisting.