added permissions to user creation
This commit is contained in:
parent
d5fe38fbef
commit
1476289722
|
|
@ -8,6 +8,8 @@ import { init_db, close_db, create_user, do_users_exist } from "$lib/server/data
|
|||
|
||||
import Logs from "$lib/server/log";
|
||||
|
||||
import Permissions from "$lib/permissions"
|
||||
|
||||
let local_setup: {user_setup: (() => void) | ((username: string, password: string) => void) }= {
|
||||
user_setup: async () => {}
|
||||
}
|
||||
|
|
@ -31,7 +33,7 @@ async function init() {
|
|||
local_setup.user_setup = async (username: string, password: string) => {
|
||||
Logs.user.info("Creating first user")
|
||||
|
||||
await create_user({name: "name", gender: "x", address: "home", username: username, password: password });
|
||||
await create_user({ name: "", gender: "", address: "", username: username, password: password, permissions: Permissions.ALL(Permissions.USERADMIN) });
|
||||
|
||||
local_setup.user_setup = async () => {}
|
||||
}
|
||||
|
|
|
|||
|
|
@ -73,6 +73,9 @@ const USER_DATABASE_SETUP: string[] = [
|
|||
const USER_DATABASE_ADD_USER: string =
|
||||
"INSERT INTO users (name, gender, address, username, password) VALUES ($name, $gender, $address, $username, $password);";
|
||||
|
||||
const USER_DATABASE_ADD_USER_WITH_PERMISSIONS: string =
|
||||
"INSERT INTO users (name, gender, address, username, password, permissions) VALUES ($name, $gender, $address, $username, $password, $permissions);";
|
||||
|
||||
const USER_DATABASE_GET_ALL_USER: string =
|
||||
"SELECT id, username, name FROM users;";
|
||||
|
||||
|
|
@ -422,11 +425,14 @@ export function close_db() {
|
|||
}
|
||||
}
|
||||
|
||||
export async function create_user(user: { name: string, gender: string, address: string, username: string, password: string }): Promise<number | bigint> {
|
||||
export async function create_user(user: { name: string, gender: string, address: string, username: string, password: string, permissions?: number }): Promise<number | bigint> {
|
||||
|
||||
user.password = await Bun.password.hash(user.password, { algorithm: "bcrypt", cost: 11});
|
||||
|
||||
const statement = user.permissions != null
|
||||
? user_database.query(USER_DATABASE_ADD_USER_WITH_PERMISSIONS)
|
||||
: user_database.query(USER_DATABASE_ADD_USER);
|
||||
|
||||
const statement = user_database.query(USER_DATABASE_ADD_USER);
|
||||
const result = statement.run(user);
|
||||
|
||||
return result.lastInsertRowid;
|
||||
|
|
|
|||
|
|
@ -81,6 +81,15 @@ export const actions = {
|
|||
if (isNaN(id) || name == null || gender == null || address == null || username == null || ua_permissions.some((permission) => isNaN(permission))) {
|
||||
return fail(400, { message: "invalid request" })
|
||||
}
|
||||
|
||||
let permissions = null
|
||||
if (ua_permissions.length > 0) {
|
||||
permissions = ua_permissions.reduce((pv, cv) => pv | cv)
|
||||
|
||||
if (locals.user.id == id && locals.user.permissions != permissions) {
|
||||
return fail(403, { message: "Cannot modify permissions for oneself" })
|
||||
}
|
||||
}
|
||||
|
||||
if (id == -1) {
|
||||
if (!Permissions.has(locals.user.permissions, Permissions.USERADMIN.CREATE)) {
|
||||
|
|
@ -101,7 +110,11 @@ export const actions = {
|
|||
|
||||
let new_user: number | bigint = -1
|
||||
try {
|
||||
new_user = await create_user({ name, gender, address, username, password: password1 })
|
||||
if (permissions && Permissions.has(locals.user.permissions, Permissions.USERADMIN.ADMIN)) {
|
||||
new_user = await create_user({ name, gender, address, username, password: password1, permissions: permissions})
|
||||
} else {
|
||||
new_user = await create_user({ name, gender, address, username, password: password1 })
|
||||
}
|
||||
} catch (e) {
|
||||
if (e instanceof SQLiteError && e.code == "SQLITE_CONSTRAINT_UNIQUE") {
|
||||
return fail(400, { message: "Benutzername ist bereits vergeben" })
|
||||
|
|
@ -131,17 +144,13 @@ export const actions = {
|
|||
return fail(500, { message: "Database failure"})
|
||||
}
|
||||
}
|
||||
|
||||
let permissions = null
|
||||
if (ua_permissions.length > 0) {
|
||||
permissions = ua_permissions.reduce((pv, cv) => pv | cv)
|
||||
|
||||
if (locals.user.id == id && locals.user.permissions != permissions) {
|
||||
return fail(403, { message: "Cannot modify permissions for oneself" })
|
||||
}
|
||||
let updated_user
|
||||
if (permissions) {
|
||||
updated_user = updateUser({ id, name, gender, address, username, permissions})
|
||||
} else {
|
||||
updated_user = updateUser({ id, name, gender, address, username })
|
||||
}
|
||||
|
||||
const updated_user = updateUser({id, name, gender, address, username, permissions})
|
||||
SessionStore.reload_user_data(updated_user ?? locals.user)
|
||||
|
||||
return { message: "Erfolgreich gespeichert" }
|
||||
|
|
|
|||
Loading…
Reference in New Issue