Skip to content

Let platform admins view and edit all assets#11

Merged
haphantran merged 3 commits into
mainfrom
feature/admin-view-all-assets
Jun 15, 2026
Merged

Let platform admins view and edit all assets#11
haphantran merged 3 commits into
mainfrom
feature/admin-view-all-assets

Conversation

@haphantran

@haphantran haphantran commented Jun 15, 2026

Copy link
Copy Markdown
Collaborator

Problem

On prod, importing the Smart Warehouse example model failed with Referenced metamodel (conformsTo) not found, while it worked in local dev.

Root cause: example data uses fixed IDs. The Smart Warehouse model (20000000-…0100) conforms to metamodel 10000000-…0100, which on prod is owned by one account (the first to persist it). sharingService.checkAccess grants access only to the owner or users it's explicitly shared with — there is no admin bypass and no public/visibility flag. So every other user (even admins) is rejected when referencing it, and the fixed ID can't be re-created either (primary-key collision).

Change (backend only)

Give the ADMIN role platform-wide view + edit access to all assets:

  • sharingService.checkAccess grants EDITOR-equivalent access to admins for any resource they don't own or have shared. As the central access authority, this covers every getById, the model-import metamodel reference check (fixing the import error), and every update/edit path (which gate on isOwner || permission === 'EDITOR').
  • Each getAll (metamodel, model, diagram, viewpoint, transformation rule, codegen project, test case) returns all rows for admins, tagged with the owner's email and EDITOR permission.
  • Added sharingService.isAdmin(userId) helper and refactored ownership resolution into getResourceOwnerId.

Delete and share stay owner-only: delete queries are owner-scoped ({ id, userId }) and shareResource requires ownership, so neither is affected by the bypass. (Can extend if you want admins to delete others' assets too.)

Out of scope

EPackages (Ecore roots) and uploaded StoredFiles remain owner-scoped — infrastructural rather than modeling assets. Can be added if desired.

Tests

  • Full backend suite: 547 passed / 29 suites.
  • Lint clean, tsc --noEmit clean.
  • New tests: admin EDITOR bypass in checkAccess (+ denial when the resource doesn't exist) and admin platform-wide getAll listing.

Admins can now see every metamodel, model, diagram, viewpoint,
transformation rule, codegen project, and test case on the platform,
not just the ones they own or that are shared with them.

- sharingService.checkAccess grants read-only (VIEWER) access to admins
  for any resource, covering every getById and the model-import
  metamodel reference check. Edit/delete/share stay owner-restricted.
- Each resource getAll returns all rows for admins, tagged with the
  owner email.

Fixes "Referenced metamodel (conformsTo) not found" on import when the
referenced metamodel is owned by another user, since example data uses
fixed IDs that only the first persisting account can own.
Copilot AI review requested due to automatic review settings June 15, 2026 17:24

Copilot AI left a comment

Copy link
Copy Markdown
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Pull request overview

This PR updates the backend authorization/listing logic so platform ADMIN users can read all modeling assets across the platform (to fix prod imports failing on fixed-ID example data), while keeping edit/delete/share owner/permission-restricted.

Changes:

  • Added an admin read-only bypass in sharingService.checkAccess, plus isAdmin() and centralized owner resolution via getResourceOwnerId.
  • Updated multiple getAll* service methods to return platform-wide listings for admins, tagging non-owned rows with permission: VIEWER and ownerEmail.
  • Updated/added tests to cover the new admin behavior (notably SharingService.checkAccess and MetamodelService.getAll).

Reviewed changes

Copilot reviewed 16 out of 16 changed files in this pull request and generated 7 comments.

Show a summary per file
File Description
backend/src/services/sharing.service.ts Adds admin read-only access in checkAccess, plus isAdmin() and getResourceOwnerId() refactor.
backend/src/services/metamodel.service.ts Admins can list all metamodels with owner email tagging.
backend/src/services/model.service.ts Admins can list all models with owner email tagging.
backend/src/services/diagram.service.ts Admins can list all diagrams with owner email tagging.
backend/src/services/viewpoint.service.ts Admins can list all viewpoints platform-wide.
backend/src/services/transformation.service.ts Admins can list all transformation rules with owner email tagging.
backend/src/services/codegeneration.service.ts Admins can list all codegen projects with owner email tagging.
backend/src/services/test.service.ts Admins can list all test cases with owner email tagging.
backend/src/tests/services/sharing.service.test.ts Adds tests for admin read-only bypass and missing-resource denial.
backend/src/tests/services/metamodel.service.test.ts Adds test for admin platform-wide listing behavior.
backend/src/tests/services/model.service.test.ts Updates sharing service mock to include isAdmin.
backend/src/tests/services/diagram.service.test.ts Updates sharing service mock to include isAdmin.
backend/src/tests/services/viewpoint.service.test.ts Updates sharing service mock to include isAdmin.
backend/src/tests/services/transformation.service.test.ts Updates sharing service mock to include isAdmin.
backend/src/tests/services/codegeneration.service.test.ts Updates sharing service mock to include isAdmin.
backend/src/tests/services/test.service.test.ts Updates sharing service mock to include isAdmin.

💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.

Comment thread backend/src/services/model.service.ts Outdated
Comment on lines +23 to +27
// Platform admins see every model on the platform (read-only for those they
// don't own).
if (await sharingService.isAdmin(userId)) {
const all = await prisma.model.findMany({
orderBy: { name: 'asc' },
Comment on lines +46 to +50
// Platform admins see every rule on the platform (read-only for those they
// don't own).
if (await sharingService.isAdmin(userId)) {
const all = await prisma.transformationRule.findMany({
orderBy: [{ priority: 'desc' }, { name: 'asc' }],
Comment thread backend/src/services/test.service.ts Outdated
Comment on lines +50 to +55
// Platform admins see every test case on the platform (read-only for those
// they don't own).
if (await sharingService.isAdmin(userId)) {
const all = await prisma.testCase.findMany({
orderBy: { name: 'asc' },
include: { user: { select: { email: true } } },
Comment on lines +21 to +27
// Platform admins see every project on the platform (read-only for those
// they don't own).
if (await sharingService.isAdmin(userId)) {
const all = await prisma.codeGenerationProject.findMany({
orderBy: { name: 'asc' },
include: { user: { select: { email: true } } },
});
Comment thread backend/src/services/diagram.service.ts Outdated
Comment on lines +448 to +454
// Platform admins see every diagram on the platform (read-only for those
// they don't own).
if (await sharingService.isAdmin(userId)) {
const all = await prisma.diagram.findMany({
orderBy: { name: 'asc' },
include: { user: { select: { email: true } } },
});
Comment on lines +346 to +352
// Platform admins see every viewpoint on the platform.
if (await sharingService.isAdmin(userId)) {
const allViewpoints = await prisma.viewpoint.findMany({
where: metamodelId ? { metamodelId } : {},
orderBy: [{ metamodelId: 'asc' }, { isDefault: 'desc' }, { name: 'asc' }],
});
return allViewpoints.map(row => this.mapToViewpoint(row));
Comment thread backend/src/services/sharing.service.ts Outdated
Comment on lines +508 to +512
// Platform admins can view every resource, even ones not owned by or shared
// with them. Access is read-only — edit/delete/share stay owner-restricted.
if (await this.isAdmin(userId)) {
const ownerId = await this.getResourceOwnerId(resourceType, resourceId);
if (ownerId) {
Switch the platform-admin bypass from VIEWER to EDITOR so admins can
update other users' metamodels, models, diagrams, viewpoints,
transformation rules, codegen projects, and test cases. Delete and
share remain owner-only (those paths gate on ownership directly).
@haphantran haphantran changed the title Let platform admins view all assets Let platform admins view and edit all assets Jun 15, 2026
…tests

- checkAccess resolves the resource owner once (via getResourceOwnerId)
  and short-circuits when the resource is missing, removing the
  duplicate ownership lookup in the admin branch.
- Add admin platform-wide getAll tests for model, diagram, transformation,
  codegen, test, and viewpoint services.
@haphantran haphantran merged commit 551af1b into main Jun 15, 2026
3 checks passed
@haphantran haphantran deleted the feature/admin-view-all-assets branch June 25, 2026 14:54
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

2 participants