diff --git a/src/auth.js b/src/auth.js
index 4d9c86c67fedb7ffe8a900884df3695044175c76..8f15d4cf948d303bf2ad0688e5b7677b71a19176 100644
--- a/src/auth.js
+++ b/src/auth.js
@@ -9,6 +9,9 @@ import config from './resourceConfig.json';
 const APISession = {
   authenticated: false,
   token: '',
+  // user admins are a very special case as the permissions on the resource can only
+  // be seen by requesting users and check whether you see their membership
+  isUserAdmin: false
 };
 
 // OAuth Handler
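Review bot: The comment on `isUserAdmin` is hard to parse, and the new property lacks the trailing comma that `token: '',` carries. Suggested wording: `// Inferred flag: permissions on 'users' are not exposed directly, so admin rights are guessed from whether other users' membership is visible in the response.` followed by `isUserAdmin: false,`. Because the value is inferred on the client, the comment should describe it as a display hint rather than an authorization result.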
@@ -36,7 +39,7 @@ function checkToken(token) {
     amivapi.get('users', {
       headers: { 'Content-Type': 'application/json', Authorization: token },
     }).then((response) => {
-      if (response.status === 200) resolve();
+      if (response.status === 200) resolve(response.data);
       else reject();
     }).catch(reject);
   });
@@ -53,9 +56,15 @@ export function checkAuthenticated() {
       console.log(`found this token: ${token}`);
       if (token !== '') {
         // check of token is valid
-        checkToken(token).then(() => {
+        checkToken(token).then((users) => {
           APISession.token = token;
           APISession.authenticated = true;
+          // if we see the membership of more than 1 person in the response, we
+          // have admin rights on users
+          if (users._items[0].membership && users._items[1].membership) {
+            APISession.isUserAdmin = true;
+          }
+          console.log(APISession);
           resolve();
         }).catch(resetSession);
       } else resetSession();
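Review bot: `users._items[1].membership` throws a TypeError when the response holds fewer than two items, and since the handler is chained to `.catch(resetSession)`, that exception calls resetSession for a token that was just accepted. Guard the length first, e.g. `const items = (users && users._items) || [];` then `if (items.length > 1 && items[0].membership && items[1].membership) {`. The added `console.log(APISession);` writes the bearer token to the browser console and should be dropped before merge. `isUserAdmin` is only ever set to true in this hunk; whether resetSession clears it is not visible here, so confirm it is reset on logout or token change. checkAuthenticated's body starts and ends outside the hunk.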
@@ -89,11 +98,18 @@ export class ResourceHandler {
    */
   constructor(resource, searchKeys = false) {
     this.resource = resource;
-    this.searchKeys = searchKeys || config[resource].searchKeys;
+    // special case for users
+    if (resource === 'users') this.searchKeys = ['firstname', 'lastname', 'nethz'];
+    else this.searchKeys = searchKeys || config[resource].searchKeys;
     this.noPatchKeys = [
       '_etag', '_id', '_created', '_links', '_updated',
       ...(config[resource].notPatchableKeys || [])];
-    checkAuthenticated();
+    checkAuthenticated().then(() => {
+      // again special case for users
+      if (resource === 'users' && APISession.isUserAdmin) {
+        this.searchKeys = searchKeys || config[resource].searchKeys;
+      }
+    });
   }
 
   /*
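Review bot: The promise from `checkAuthenticated()` gets a `.then` but no rejection handler, and the wider key list is installed only after it settles, so a search issued right after construction runs with the three-field list even for a user admin. If checkAuthenticated can reject (not visible here), end the chain with a `.catch` that logs the failure so it does not surface as an unhandled rejection. `APISession.isUserAdmin` is client-side state and not a security boundary, so the API must remain the place where querying the extra user fields is authorized; a comment such as `// UI hint only: the API decides which user fields may be searched` would make that explicit. The hard-coded `['firstname', 'lastname', 'nethz']` would be easier to maintain as its own entry in resourceConfig.json next to `searchKeys`.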
diff --git a/src/resourceConfig.json b/src/resourceConfig.json
index a2116d00dcd06fa6da0f3ad04208afc7e3983435..253ccd3543c0681a1d44dbf1b024aaa0292ce06d 100644
--- a/src/resourceConfig.json
+++ b/src/resourceConfig.json
@@ -65,7 +65,7 @@
             "lastname",
             "nethz",
             "legi",
-            "department"
+            "email"
         ],
         "notPatchableKeys": [
             "password_set"
diff --git a/src/users/userTool.js b/src/users/userTool.js
index c4c92128789c92c899af1210b2a8813b829190cb..38355e3d6cbe322686363e88398f2b901df89294 100644
--- a/src/users/userTool.js
+++ b/src/users/userTool.js
@@ -4,7 +4,7 @@ import ViewUser from './viewUser';
 import TableView from '../views/tableView';
 import { users as config } from '../resourceConfig.json';
 import DatalistController from '../listcontroller';
-import ItemController from '../itemcontroller'
+import ItemController from '../itemcontroller';
 
 export class UserItem {
   constructor() {
@@ -20,7 +20,7 @@ export class UserItem {
 
 export class UserTable {
   constructor() {
-    this.ctrl = new DatalistController('users', {}, config.tableKeys);
+    this.ctrl = new DatalistController('users');
   }
   view() {
     return m(TableView, {