kif/portal
10
0
Fork 0
Code Issues Pull requests Releases Wiki Activity

Fix user rights

Browse source
This commit is contained in:
Lars Westermann 2019-06-12 17:27:15 +02:00
parent 76945c20d2
commit fface0e5ba
Signed by: lars.westermann
GPG key ID: 9D417FA5BB9D5E1D
7 changed files with 35 additions and 31 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

2
src/commonMain/kotlin/de/kif/common/model/User.kt
View file

@ -13,8 +13,6 @@ data class User(
override val updateAt: Long = 0 override val updateAt: Long = 0
) : Model { ) : Model {
fun checkPermission(permission: Permission): Boolean { fun checkPermission(permission: Permission): Boolean {
return permission in permissions || Permission.ADMIN in permissions return permission in permissions || Permission.ADMIN in permissions
} }

6
src/jsMain/kotlin/de/kif/frontend/views/table/TableLine.kt
View file

@ -43,11 +43,7 @@ open class TableLine(line: HTMLElement) : View(line) {
protected fun setupBoolean(view: TextView, onSave: () -> Unit) { protected fun setupBoolean(view: TextView, onSave: () -> Unit) {
view.classList += "no-select" view.classList += "no-select"
view.tabIndex = 0 view.tabIndex = 0
view.onClick { view.onDblClick {
onSave()
}
view.onKeyDown {
if (it.keyCode != 32) return@onKeyDown
onSave() onSave()
} }
} }

4
src/jvmMain/kotlin/de/kif/backend/repository/UserRepository.kt
View file

@ -71,6 +71,8 @@ object UserRepository : Repository<User> {
val now = Date().time val now = Date().time
dbQuery { dbQuery {
DbUserPermission.deleteWhere { DbUserPermission.userId eq model.id }
DbUser.update({ DbUser.id eq model.id }) { DbUser.update({ DbUser.id eq model.id }) {
it[username] = model.username it[username] = model.username
it[password] = model.password it[password] = model.password
@ -78,8 +80,6 @@ object UserRepository : Repository<User> {
it[updatedAt] = now it[updatedAt] = now
} }
DbUserPermission.deleteWhere { DbUserPermission.userId eq model.id }
for (permission in model.permissions) { for (permission in model.permissions) {
DbUserPermission.insert { DbUserPermission.insert {
it[userId] = model.id it[userId] = model.id

4
src/jvmMain/kotlin/de/kif/backend/route/Track.kt
View file

@ -171,9 +171,9 @@ fun Route.track() {
} }
div("form-group") { div("form-group") {
a("$prefix/track") { a("$prefix/tracks") {
button(classes = "form-btn") { button(classes = "form-btn") {
+"Cancel" +"Abbrechen"
} }
} }
button(type = ButtonType.submit, classes = "form-btn btn-primary") { button(type = ButtonType.submit, classes = "form-btn btn-primary") {

44
src/jvmMain/kotlin/de/kif/backend/route/User.kt
View file

@ -66,7 +66,7 @@ fun Route.user() {
+u.username +u.username
} }
td { td {
+u.permissions.joinToString(", ") { it.toString().toLowerCase() } +u.permissions.joinToString(", ") { it.germanInfo.toLowerCase().capitalize() }
} }
td(classes = "action") { td(classes = "action") {
a("$prefix/user/${u.id}") { a("$prefix/user/${u.id}") {
@ -106,7 +106,7 @@ fun Route.user() {
div("form-switch-group") { div("form-switch-group") {
for (permission in Permission.values()) { for (permission in Permission.values()) {
val name = permission.germanInfo.toLowerCase() val name = permission.name.toLowerCase()
div("form-group form-switch") { div("form-group form-switch") {
input( input(
name = "permission-$name", name = "permission-$name",
@ -122,7 +122,7 @@ fun Route.user() {
} }
label { label {
htmlFor = "permission-$name" htmlFor = "permission-$name"
+name.capitalize() +permission.germanInfo.toLowerCase().capitalize()
} }
} }
} }
@ -161,6 +161,17 @@ fun Route.user() {
value = "" value = ""
} }
} }
div("form-group") {
a("$prefix/users") {
button(classes = "form-btn") {
+"Abbrechen"
}
}
button(type = ButtonType.submit, classes = "form-btn btn-primary") {
+"Speichern"
}
}
} }
a("$prefix/user/${editUser.id}/delete") { a("$prefix/user/${editUser.id}/delete") {
button(classes = "form-btn btn-danger") { button(classes = "form-btn btn-danger") {
@ -193,13 +204,10 @@ fun Route.user() {
} }
} }
val permissions = Permission.values().filter { permission -> val permissions = parsePermissions(user, params)
val name = permission.toString().toLowerCase()
user.checkPermission(permission) && params["permission-$name"] == "on"
}.toSet()
editUser = editUser.copy(permissions = permissions) editUser = editUser.copy(permissions = permissions)
UserRepository.update(user) UserRepository.update(editUser)
call.respondRedirect("$prefix/users") call.respondRedirect("$prefix/users")
} }
@ -243,7 +251,7 @@ fun Route.user() {
div("form-switch-group") { div("form-switch-group") {
for (permission in Permission.values()) { for (permission in Permission.values()) {
val name = permission.germanInfo.toLowerCase() val name = permission.name.toLowerCase()
div("form-group form-switch") { div("form-group form-switch") {
input( input(
name = "permission-$name", name = "permission-$name",
@ -259,14 +267,14 @@ fun Route.user() {
} }
label { label {
htmlFor = "permission-$name" htmlFor = "permission-$name"
+name.capitalize() +permission.germanInfo.toLowerCase().capitalize()
} }
} }
} }
} }
div("form-group") { div("form-group") {
a("$prefix/user") { a("$prefix/users") {
button(classes = "form-btn") { button(classes = "form-btn") {
+"Abbrechen" +"Abbrechen"
} }
@ -290,12 +298,7 @@ fun Route.user() {
val username = params["username"] ?: return@post val username = params["username"] ?: return@post
val password = params["password"] ?: return@post val password = params["password"] ?: return@post
val permissions = Permission.values().mapNotNull { permission -> val permissions = parsePermissions(user, params)
if (user.checkPermission(permission) && params["permission-${permission.toString().toLowerCase()}"] == "on")
permission
else
null
}.toSet()
val newUser = User(null, username, hashPassword(password), permissions) val newUser = User(null, username, hashPassword(password), permissions)
@ -320,3 +323,10 @@ fun Route.user() {
} }
} }
} }
fun parsePermissions(user: User, params: Map<String, String?>): Set<Permission> {
return Permission.values().filter { permission ->
val name = permission.name.toLowerCase()
user.checkPermission(permission) && params["permission-$name"] == "on"
}.toSet()
}

4
src/jvmMain/kotlin/de/kif/backend/route/WorkGroup.kt
View file

@ -548,7 +548,7 @@ fun Route.workGroup() {
} }
div("form-group") { div("form-group") {
a("$prefix/workgroup") { a("$prefix/workgroups") {
button(classes = "form-btn") { button(classes = "form-btn") {
+"Abbrechen" +"Abbrechen"
} }
@ -844,7 +844,7 @@ fun Route.workGroup() {
} }
div("form-group") { div("form-group") {
a("$prefix/workgroup") { a("$prefix/workgroups") {
button(classes = "form-btn") { button(classes = "form-btn") {
+"Abbrechen" +"Abbrechen"
} }

2
src/jvmMain/kotlin/de/kif/backend/util/WikiImporter.kt
View file

@ -111,7 +111,7 @@ object WikiImporter {
} }
} }
var akLength = 60 var akLength = 120
if (length.isNotBlank()) { if (length.isNotBlank()) {
val regex = """(\d+) *(h|[Ss]tund|[Ss]lot)""".toRegex() val regex = """(\d+) *(h|[Ss]tund|[Ss]lot)""".toRegex()