Fix user rights
This commit is contained in:
Lars Westermann
parent
76945c20d2
commit
fface0e5ba
GPG key ID:
9D417FA5BB9D5E1D
|
|
@ -13,8 +13,6 @@ data class User(
|
|||
override val updateAt: Long = 0
|
||||
) : Model {
|
||||
|
||||
|
||||
|
||||
fun checkPermission(permission: Permission): Boolean {
|
||||
return permission in permissions || Permission.ADMIN in permissions
|
||||
}
|
||||
|
|
|
|||
|
|
@ -43,11 +43,7 @@ open class TableLine(line: HTMLElement) : View(line) {
|
|||
protected fun setupBoolean(view: TextView, onSave: () -> Unit) {
|
||||
view.classList += "no-select"
|
||||
view.tabIndex = 0
|
||||
view.onClick {
|
||||
onSave()
|
||||
}
|
||||
view.onKeyDown {
|
||||
if (it.keyCode != 32) return@onKeyDown
|
||||
view.onDblClick {
|
||||
onSave()
|
||||
}
|
||||
}
|
||||
|
|
|
|||
|
|
@ -71,6 +71,8 @@ object UserRepository : Repository<User> {
|
|||
val now = Date().time
|
||||
|
||||
dbQuery {
|
||||
DbUserPermission.deleteWhere { DbUserPermission.userId eq model.id }
|
||||
|
||||
DbUser.update({ DbUser.id eq model.id }) {
|
||||
it[username] = model.username
|
||||
it[password] = model.password
|
||||
|
|
@ -78,8 +80,6 @@ object UserRepository : Repository<User> {
|
|||
it[updatedAt] = now
|
||||
}
|
||||
|
||||
DbUserPermission.deleteWhere { DbUserPermission.userId eq model.id }
|
||||
|
||||
for (permission in model.permissions) {
|
||||
DbUserPermission.insert {
|
||||
it[userId] = model.id
|
||||
|
|
|
|||
|
|
@ -171,9 +171,9 @@ fun Route.track() {
|
|||
}
|
||||
|
||||
div("form-group") {
|
||||
a("$prefix/track") {
|
||||
a("$prefix/tracks") {
|
||||
button(classes = "form-btn") {
|
||||
+"Cancel"
|
||||
+"Abbrechen"
|
||||
}
|
||||
}
|
||||
button(type = ButtonType.submit, classes = "form-btn btn-primary") {
|
||||
|
|
|
|||
|
|
@ -66,7 +66,7 @@ fun Route.user() {
|
|||
+u.username
|
||||
}
|
||||
td {
|
||||
+u.permissions.joinToString(", ") { it.toString().toLowerCase() }
|
||||
+u.permissions.joinToString(", ") { it.germanInfo.toLowerCase().capitalize() }
|
||||
}
|
||||
td(classes = "action") {
|
||||
a("$prefix/user/${u.id}") {
|
||||
|
|
@ -106,7 +106,7 @@ fun Route.user() {
|
|||
|
||||
div("form-switch-group") {
|
||||
for (permission in Permission.values()) {
|
||||
val name = permission.germanInfo.toLowerCase()
|
||||
val name = permission.name.toLowerCase()
|
||||
div("form-group form-switch") {
|
||||
input(
|
||||
name = "permission-$name",
|
||||
|
|
@ -122,7 +122,7 @@ fun Route.user() {
|
|||
}
|
||||
label {
|
||||
htmlFor = "permission-$name"
|
||||
+name.capitalize()
|
||||
+permission.germanInfo.toLowerCase().capitalize()
|
||||
}
|
||||
}
|
||||
}
|
||||
|
|
@ -161,6 +161,17 @@ fun Route.user() {
|
|||
value = ""
|
||||
}
|
||||
}
|
||||
|
||||
div("form-group") {
|
||||
a("$prefix/users") {
|
||||
button(classes = "form-btn") {
|
||||
+"Abbrechen"
|
||||
}
|
||||
}
|
||||
button(type = ButtonType.submit, classes = "form-btn btn-primary") {
|
||||
+"Speichern"
|
||||
}
|
||||
}
|
||||
}
|
||||
a("$prefix/user/${editUser.id}/delete") {
|
||||
button(classes = "form-btn btn-danger") {
|
||||
|
|
@ -193,13 +204,10 @@ fun Route.user() {
|
|||
}
|
||||
}
|
||||
|
||||
val permissions = Permission.values().filter { permission ->
|
||||
val name = permission.toString().toLowerCase()
|
||||
user.checkPermission(permission) && params["permission-$name"] == "on"
|
||||
}.toSet()
|
||||
val permissions = parsePermissions(user, params)
|
||||
editUser = editUser.copy(permissions = permissions)
|
||||
|
||||
UserRepository.update(user)
|
||||
UserRepository.update(editUser)
|
||||
|
||||
call.respondRedirect("$prefix/users")
|
||||
}
|
||||
|
|
@ -243,7 +251,7 @@ fun Route.user() {
|
|||
|
||||
div("form-switch-group") {
|
||||
for (permission in Permission.values()) {
|
||||
val name = permission.germanInfo.toLowerCase()
|
||||
val name = permission.name.toLowerCase()
|
||||
div("form-group form-switch") {
|
||||
input(
|
||||
name = "permission-$name",
|
||||
|
|
@ -259,14 +267,14 @@ fun Route.user() {
|
|||
}
|
||||
label {
|
||||
htmlFor = "permission-$name"
|
||||
+name.capitalize()
|
||||
+permission.germanInfo.toLowerCase().capitalize()
|
||||
}
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
div("form-group") {
|
||||
a("$prefix/user") {
|
||||
a("$prefix/users") {
|
||||
button(classes = "form-btn") {
|
||||
+"Abbrechen"
|
||||
}
|
||||
|
|
@ -290,12 +298,7 @@ fun Route.user() {
|
|||
val username = params["username"] ?: return@post
|
||||
val password = params["password"] ?: return@post
|
||||
|
||||
val permissions = Permission.values().mapNotNull { permission ->
|
||||
if (user.checkPermission(permission) && params["permission-${permission.toString().toLowerCase()}"] == "on")
|
||||
permission
|
||||
else
|
||||
null
|
||||
}.toSet()
|
||||
val permissions = parsePermissions(user, params)
|
||||
|
||||
val newUser = User(null, username, hashPassword(password), permissions)
|
||||
|
||||
|
|
@ -320,3 +323,10 @@ fun Route.user() {
|
|||
}
|
||||
}
|
||||
}
|
||||
|
||||
fun parsePermissions(user: User, params: Map<String, String?>): Set<Permission> {
|
||||
return Permission.values().filter { permission ->
|
||||
val name = permission.name.toLowerCase()
|
||||
user.checkPermission(permission) && params["permission-$name"] == "on"
|
||||
}.toSet()
|
||||
}
|
||||
|
|
@ -548,7 +548,7 @@ fun Route.workGroup() {
|
|||
}
|
||||
|
||||
div("form-group") {
|
||||
a("$prefix/workgroup") {
|
||||
a("$prefix/workgroups") {
|
||||
button(classes = "form-btn") {
|
||||
+"Abbrechen"
|
||||
}
|
||||
|
|
@ -844,7 +844,7 @@ fun Route.workGroup() {
|
|||
}
|
||||
|
||||
div("form-group") {
|
||||
a("$prefix/workgroup") {
|
||||
a("$prefix/workgroups") {
|
||||
button(classes = "form-btn") {
|
||||
+"Abbrechen"
|
||||
}
|
||||
|
|
|
|||
|
|
@ -111,7 +111,7 @@ object WikiImporter {
|
|||
}
|
||||
}
|
||||
|
||||
var akLength = 60
|
||||
var akLength = 120
|
||||
|
||||
if (length.isNotBlank()) {
|
||||
val regex = """(\d+) *(h|[Ss]tund|[Ss]lot)""".toRegex()
|
||||
|
|
|
|||
Loading…
Reference in a new issue