Implemented permissions and user administration #2

Merged
Patrick merged 17 commits from dev into main 2025-08-25 17:33:06 +02:00
2 changed files with 15 additions and 10 deletions
Showing only changes of commit b2e6f059a6 - Show all commits


@ -21,7 +21,7 @@ export const load: PageServerLoad = ({ locals, url }) => {
if (url.searchParams.has("user")) { if (url.searchParams.has("user")) {
if (!Permissions.has(locals.user.permissions, Permissions.USERADMIN.VIEW)) { if (!Permissions.has(locals.user.permissions, Permissions.USERADMIN.VIEW)) {
//return fail(403, { message: "Insufficient Permissions" }) return fail(403, { message: "Insufficient Permissions" })
} }
let user_id = toInt(url.searchParams.get("user") ?? "") let user_id = toInt(url.searchParams.get("user") ?? "")
@ -69,14 +69,14 @@ export const actions = {
if (locals.user.id != id if (locals.user.id != id
&& (!Permissions.has(locals.user.permissions, Permissions.USERADMIN.EDIT) && (!Permissions.has(locals.user.permissions, Permissions.USERADMIN.EDIT)
|| ((password1 != null || password2 != null) && !Permissions.has(locals.user.permissions, Permissions.USERADMIN.EDIT_PASSWORD)))) { || ((password1 != null || password2 != null) && !Permissions.has(locals.user.permissions, Permissions.USERADMIN.EDIT_PASSWORD)))) {
return fail(403, { message: "Unauthorized action" }) //return fail(403, { message: "Unauthorized action" })
} }
if ((password1 != null || password2 != null)) { if (password1 != null && password2 != null && password1.length > 0 && password2.length > 0) {
if (password1 != password2) { if (password1 != password2) {
return fail(400, { message: "Passwörter müssen übereinstimmen" }) return fail(400, { message: "Passwörter müssen übereinstimmen" })
} }
const result = change_password(id, password1!) const result = change_password(id, password1)
if (!result) { if (!result) {
return fail(500, { message: "Database failure"}) return fail(500, { message: "Database failure"})
} }
@ -85,7 +85,7 @@ export const actions = {
const updated_user = updateUser({id, name, gender, address, username}) const updated_user = updateUser({id, name, gender, address, username})
SessionStore.reload_user_data(updated_user ?? locals.user) SessionStore.reload_user_data(updated_user ?? locals.user)
return {} return { message: "Erfolgreich gespeichert" }
} }
} satisfies Actions } satisfies Actions
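Review bot: The authorization guard in the edit action no longer rejects anything: on what reads as the new side of the second hunk, `return fail(403, { message: "Unauthorized action" })` is commented out, leaving the `if (locals.user.id != id && …)` block empty. Execution then falls through to `change_password(id, password1)` and `updateUser({id, …})` for whatever `id` the request carries, so the USERADMIN.EDIT and EDIT_PASSWORD checks are evaluated but never enforced. Restore the line as `return fail(403, { message: "Unauthorized action" })` before this lands, and consider a test that submits an edit for another user's id without those permissions and expects a 403. Separately, the re-enabled `return fail(403, …)` in `load` (first hunk) probably does not produce a 403 response, since `fail` is meant for form actions; `error(403, "Insufficient Permissions")` from `@sveltejs/kit` is the usual call in a load function. Both `load` and the action begin and end outside the hunks shown, so where `id` comes from is inferred rather than visible here.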


@ -2,12 +2,17 @@
import type { PageProps } from "./$types" import type { PageProps } from "./$types"
import { enhance } from "$app/forms" import { enhance } from "$app/forms"
import { page } from "$app/state"
const { data, form }: PageProps = $props() const { data, form }: PageProps = $props()
$inspect(data)
</script> </script>
<form method="POST" id="form_edit" action="?/edit" use:enhance> <form method="POST" id="form_edit" action={`?/edit&${page.url.searchParams.toString()}`} use:enhance={() => {
return async ({update}) => { update({ reset: false }) }
}}>
<input type="hidden" name="id" value={data.user.id} /> <input type="hidden" name="id" value={data.user.id} />
<div class="root"> <div class="root">
@ -32,8 +37,8 @@
<tr> <tr>
<td>Geschlecht</td> <td>Geschlecht</td>
<td><select name="gender"> <td><select name="gender">
<option>M</option> <option selected={ data.user?.gender === "M" }>M</option>
<option>W</option></select> <option selected={ data.user?.gender === "W" }>W</option></select>
</td> </td>
</tr> </tr>
<tr> <tr>