Commit 49d4c958 authored by Hermann's avatar Hermann Committed by Sandro Lutz
Browse files

Make UI dependent on User Rights

parent 51dc5a6b
......@@ -12,6 +12,11 @@ const APISession = {
authenticated: false,
token: '',
userID: null,
rights: {
users: [],
joboffers: [],
studydocuments: [],
},
};
const amivapi = axios.create({
......@@ -62,7 +67,16 @@ export function checkAuthenticated() {
APISession.authenticated = true;
APISession.userID = session.user;
console.log(APISession);
resolve();
amivapi.get('/', {
headers: { 'Content-Type': 'application/json', Authorization: token },
}).then((response) => {
const rights = {};
response.data._links.child.forEach(({ href, methods }) => {
rights[href] = methods;
});
APISession.rights = rights;
resolve();
});
}).catch(resetSession);
} else resetSession();
}
......@@ -110,6 +124,10 @@ export function getCurrentUser() {
return APISession.userID;
}
export function getUserRights() {
return APISession.rights;
}
export class ResourceHandler {
/* Handler to get and manipulate resource items
*
......@@ -336,18 +354,12 @@ export class ResourceHandler {
export class OauthRedirect {
view() {
oauth.token.getToken(m.route.get()).then((auth) => {
APISession.authenticated = true;
APISession.token = auth.accessToken;
localStorage.set('token', auth.accessToken);
amivapi.get(`sessions/${auth.accessToken}`, {
headers: { 'Content-Type': 'application/json', Authorization: APISession.token },
}).then((response) => {
console.log(response);
APISession.userID = response.data.user;
checkAuthenticated().then(() => {
// checkAuthenticated will check whetehr the token is valid
// and store all relevant session info for easy access
m.route.set('/');
}).catch(() => {
resetSession();
});
}).catch(resetSession);
});
return 'redirecting...';
}
......
......@@ -73,7 +73,7 @@ export default class GroupList {
style: { display: 'flex', 'flex-wrap': 'wrap' },
}, [
this.groups.map(item => m(GroupListItem, item)),
m('div', {
this.handler.rights.indexOf('POST') > -1 && m('div', {
style: { 'max-width': '500px', margin: '5px' },
onclick: () => { m.route.set('/newgroup'); },
}, m(Card, { content: [{ primary: { title: '+ add' } }] })),
......
......@@ -20,8 +20,9 @@ import { ResourceHandler } from '../auth';
// Helper class to either display the signed up participants or those on the
// waiting list.
class MembersTable {
constructor({ attrs: { group } }) {
constructor({ attrs: { group, hasPatchRights } }) {
this.group_id = group;
this.hasPatchRights = hasPatchRights;
this.ctrl = new RelationlistController('groupmemberships', 'users', { where: { group } });
// true while in the modus of adding a member
this.addmode = false;
......@@ -36,7 +37,7 @@ class MembersTable {
m('div', { style: { width: '18em' } }, `${data.user.firstname} ${data.user.lastname}`),
m('div', { style: { width: '9em' } }, data.user.email),
m('div', { style: { 'flex-grow': '100' } }),
m('div', m(Button, {
this.hasPatchRights && m('div', m(Button, {
// Button to remove this groupmembership
className: 'red-row-button',
borders: false,
......@@ -75,7 +76,7 @@ class MembersTable {
}) : '',
m(Toolbar, { compact: true }, [
m(ToolbarTitle, { text: 'Members' }),
m(Button, {
this.hasPatchRights && m(Button, {
className: 'blue-button',
borders: true,
label: 'add',
......@@ -100,7 +101,7 @@ class MembersTable {
// Table for list of email adresses, both forward_to and receive
class EmailTable {
constructor({ attrs: { onRemove = () => {} } }) {
constructor({ attrs: { onRemove = false } }) {
this.addmode = false;
this.dirty = false;
this.newvalue = '';
......@@ -117,7 +118,7 @@ class EmailTable {
},
}, [
data,
m(Icon, {
this.onRemove && m(Icon, {
style: { 'margin-left': '3px' },
svg: { content: m.trust(icons.clear) },
size: 'small',
......@@ -128,7 +129,7 @@ class EmailTable {
]);
}
view({ attrs: { list, title, style = {}, onSubmit = () => {} } }) {
view({ attrs: { list, title, style = {}, onSubmit = false } }) {
return m(Card, {
style: { height: '200px', ...style },
content: m('div', [
......@@ -163,7 +164,7 @@ class EmailTable {
]) : '',
m(Toolbar, { compact: true }, [
m(ToolbarTitle, { text: title }),
m(Button, {
onSubmit && m(Button, {
className: 'blue-button',
borders: true,
label: 'add',
......@@ -191,9 +192,8 @@ export default class viewGroup extends ItemView {
view() {
// update the reference to the controller data, as this may be refreshed in between
this.data = this.controller.data;
const hasPatchRights = this.data._links.self.methods.indexOf('PATCH') > -1;
const stdMargin = { margin: '5px' };
return this.layout([
// this div is the title line
m('div.maincontainer', [
......@@ -205,7 +205,8 @@ export default class viewGroup extends ItemView {
...stdMargin,
}, 'has a folder on the AMIV Cloud'),
m('div', { style: { display: 'flex' } }, [
this.numMembers && m(Property, { title: 'Members', style: stdMargin }, this.numMembers),
('numMembers' in this) &&
m(Property, { title: 'Members', style: stdMargin }, this.numMembers),
this.data.moderator && m(Property, {
title: 'Moderator',
onclick: () => { m.route.set(`/users/${this.data.moderator._id}`); },
......@@ -222,22 +223,22 @@ export default class viewGroup extends ItemView {
Object.keys(this.data.permissions)
.map(key => m(Property, { title: key }, this.data.permissions[key])),
) : '',
m(MembersTable, { group: this.data._id }),
m(MembersTable, { group: this.data._id, hasPatchRights }),
]),
// the second column contains receive_from and forward_to emails
m('div.viewcontainercolumn', [
m(EmailTable, {
list: this.data.receive_from || [],
title: 'Receiving Email Adresses',
onSubmit: (newItem) => {
onSubmit: hasPatchRights ? (newItem) => {
const oldList = this.data.receive_from || [];
this.controller.patch({
_id: this.data._id,
_etag: this.data._etag,
receive_from: [...oldList, newItem],
});
},
onRemove: (item) => {
} : undefined,
onRemove: hasPatchRights ? (item) => {
const oldList = this.data.receive_from;
// remove the first occurence of the given item-string
const index = oldList.indexOf(item);
......@@ -249,21 +250,21 @@ export default class viewGroup extends ItemView {
receive_from: oldList,
});
}
},
} : undefined,
}),
m(EmailTable, {
list: this.data.forward_to || [],
title: 'Forwards to Email Adresses',
style: { 'margin-top': '10px' },
onSubmit: (newItem) => {
onSubmit: hasPatchRights ? (newItem) => {
const oldList = this.data.forward_to || [];
this.controller.patch({
_id: this.data._id,
_etag: this.data._etag,
forward_to: [...oldList, newItem],
});
},
onRemove: (item) => {
} : undefined,
onRemove: hasPatchRights ? (item) => {
const oldList = this.data.forward_to;
// remove the first occurence of the given item-string
const index = oldList.indexOf(item);
......@@ -275,7 +276,7 @@ export default class viewGroup extends ItemView {
forward_to: oldList,
});
}
},
} : undefined,
}),
]),
]),
......
......@@ -13,7 +13,7 @@ import {
} from 'polythene-mithril';
import { styler } from 'polythene-core-css';
import { icons } from './views/elements';
import { deleteSession } from './auth';
import { deleteSession, getUserRights } from './auth';
import { colors } from './style';
const layoutStyle = [
......@@ -96,6 +96,7 @@ class Menupoint {
export class Layout {
view({ children }) {
const userRights = getUserRights();
return m('div', [
m('div.wrapper-main.smooth', [
m(Toolbar, {
......@@ -122,7 +123,7 @@ export class Layout {
header: { title: 'Menu' },
hoverable: true,
tiles: [
m(Menupoint, {
userRights.users.indexOf('POST') > -1 && m(Menupoint, {
href: '/users',
icon: icons.iconUsersSVG,
title: 'Users',
......@@ -137,12 +138,12 @@ export class Layout {
icon: icons.group,
title: 'Groups',
}),
m(Menupoint, {
userRights.joboffers.indexOf('POST') > -1 && m(Menupoint, {
href: '/joboffers',
icon: icons.iconJobsSVG,
title: 'Job offers',
}),
m(Menupoint, {
userRights.studydocuments.indexOf('PATCH') > -1 && m(Menupoint, {
href: '/studydocuments',
icon: icons.studydoc,
title: 'Studydocs',
......
......@@ -57,7 +57,9 @@ export default class ItemView {
this.data = this.controller.data;
return m('div', [
m(Toolbar, [
m('div', { style: { width: 'calc(100% - 48px)' } }, m('div.pe-button-row', [
this.handler.rights.indexOf('PATCH') > -1 && m('div', {
style: { width: 'calc(100% - 48px)' },
}, m('div.pe-button-row', [
m(Button, {
element: 'div',
className: 'itemView-edit-button',
......
Supports Markdown
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment