feat(git-provider): enhance sharing and permissions management

- Added functionality to toggle sharing of Git providers with the organization.
- Introduced a new column "sharedWithOrganization" in the git_provider table to track sharing status.
- Updated user permissions to include accessedGitProviders, allowing for more granular access control.
- Enhanced API routes to support fetching accessible Git providers based on user roles and permissions.
- Implemented UI components for managing Git provider sharing and permissions in the dashboard.

packages/server/src/db/schema/account.ts

@@ -163,6 +163,10 @@ export const member = pgTable("member", {
 		.array()
 		.notNull()
 		.default(sql`ARRAY[]::text[]`),
+	accessedGitProviders: text("accessedGitProviders")
+		.array()
+		.notNull()
+		.default(sql`ARRAY[]::text[]`),
 });
 
 export const memberRelations = relations(member, ({ one }) => ({

packages/server/src/db/schema/git-provider.ts

@@ -1,5 +1,5 @@
 import { relations } from "drizzle-orm";
-import { pgEnum, pgTable, text } from "drizzle-orm/pg-core";
+import { boolean, pgEnum, pgTable, text } from "drizzle-orm/pg-core";
 import { nanoid } from "nanoid";
 import { z } from "zod";
 import { organization } from "./account";
@@ -32,6 +32,9 @@ export const gitProvider = pgTable("git_provider", {
 	userId: text("userId")
 		.notNull()
 		.references(() => user.id, { onDelete: "cascade" }),
+	sharedWithOrganization: boolean("sharedWithOrganization")
+		.notNull()
+		.default(false),
 });
 
 export const gitProviderRelations = relations(gitProvider, ({ one }) => ({
@@ -64,3 +67,8 @@ export const gitProviderRelations = relations(gitProvider, ({ one }) => ({
 export const apiRemoveGitProvider = z.object({
 	gitProviderId: z.string().min(1),
 });
+
+export const apiToggleShareGitProvider = z.object({
+	gitProviderId: z.string().min(1),
+	sharedWithOrganization: z.boolean(),
+});

packages/server/src/db/schema/user.ts

@@ -126,6 +126,7 @@ export const apiAssignPermissions = createSchema
 		accessedProjects: z.array(z.string()).optional(),
 		accessedEnvironments: z.array(z.string()).optional(),
 		accessedServices: z.array(z.string()).optional(),
+		accessedGitProviders: z.array(z.string()).optional(),
 		canCreateProjects: z.boolean().optional(),
 		canCreateServices: z.boolean().optional(),
 		canDeleteProjects: z.boolean().optional(),

packages/server/src/services/git-provider.ts

@@ -1,7 +1,8 @@
 import { db } from "@dokploy/server/db";
-import { gitProvider } from "@dokploy/server/db/schema";
+import { gitProvider, member } from "@dokploy/server/db/schema";
+import { hasValidLicense } from "@dokploy/server/services/proprietary/license-key";
 import { TRPCError } from "@trpc/server";
-import { eq } from "drizzle-orm";
+import { and, eq } from "drizzle-orm";
 
 export type GitProvider = typeof gitProvider.$inferSelect;
 
@@ -41,3 +42,51 @@ export const updateGitProvider = async (
 		.returning()
 		.then((response) => response[0]);
 };
+
+export const getAccessibleGitProviderIds = async (session: {
+	userId: string;
+	activeOrganizationId: string;
+}): Promise<Set<string>> => {
+	const { userId, activeOrganizationId } = session;
+
+	const allOrgProviders = await db.query.gitProvider.findMany({
+		where: eq(gitProvider.organizationId, activeOrganizationId),
+		columns: {
+			gitProviderId: true,
+			userId: true,
+			sharedWithOrganization: true,
+		},
+	});
+
+	const memberRecord = await db.query.member.findFirst({
+		where: and(
+			eq(member.userId, userId),
+			eq(member.organizationId, activeOrganizationId),
+		),
+		columns: { accessedGitProviders: true, role: true },
+	});
+
+	if (
+		memberRecord?.role === "owner" ||
+		memberRecord?.role === "admin"
+	) {
+		return new Set(allOrgProviders.map((p) => p.gitProviderId));
+	}
+
+	const licensed = await hasValidLicense(activeOrganizationId);
+	const assignedSet = licensed
+		? new Set(memberRecord?.accessedGitProviders ?? [])
+		: new Set<string>();
+
+	const result = new Set<string>();
+	for (const p of allOrgProviders) {
+		if (
+			p.userId === userId ||
+			p.sharedWithOrganization ||
+			assignedSet.has(p.gitProviderId)
+		) {
+			result.add(p.gitProviderId);
+		}
+	}
+	return result;
+};