Update sample user admin to user authority, add revoke role to auth
This commit is contained in:
parent
43f3ad986e
commit
d431963181
5 changed files with 175 additions and 3 deletions
|
@ -19,6 +19,29 @@ import (
|
|||
|
||||
func AdminUsersList(c *core.Context) *core.Response {
|
||||
|
||||
// initiate authority
|
||||
auth := new(utils.Authority)
|
||||
var session = new(utils.SessionUser)
|
||||
// true if session is active
|
||||
hassession := session.Init(c)
|
||||
|
||||
if !hassession {
|
||||
type emptytemplate struct{}
|
||||
emptyData := emptytemplate{}
|
||||
return c.Response.Template("nopermission.html", emptyData)
|
||||
}
|
||||
|
||||
session_uid := session.GetUserID()
|
||||
// check if user has role admin
|
||||
is_admin, _ := auth.CheckUserRole(c, session_uid, "admin")
|
||||
|
||||
if !is_admin {
|
||||
type emptytemplate struct{}
|
||||
emptyData := emptytemplate{}
|
||||
return c.Response.Template("nopermission.html", emptyData)
|
||||
}
|
||||
|
||||
// continue if has session and is admin
|
||||
var users []models.User
|
||||
db := c.GetGorm()
|
||||
db.Find(&users)
|
||||
|
@ -46,6 +69,10 @@ func AdminUsersList(c *core.Context) *core.Response {
|
|||
Value: "Email",
|
||||
ValueType: "string",
|
||||
},
|
||||
{
|
||||
Value: "Roles",
|
||||
ValueType: "string",
|
||||
},
|
||||
{
|
||||
Value: "Created",
|
||||
},
|
||||
|
@ -57,13 +84,26 @@ func AdminUsersList(c *core.Context) *core.Response {
|
|||
},
|
||||
}
|
||||
|
||||
var listroles string
|
||||
rows := make([][]components.ContentTableTD, len(users))
|
||||
for i, u := range users {
|
||||
|
||||
roles, _ := auth.GetUserRoles(c, u.ID)
|
||||
listroles = ""
|
||||
|
||||
for _, role := range roles {
|
||||
if listroles != "" {
|
||||
listroles += ", "
|
||||
}
|
||||
listroles += role.Name
|
||||
}
|
||||
|
||||
row := []components.ContentTableTD{
|
||||
{Value: strconv.Itoa(int(u.ID))},
|
||||
{Value: u.Name},
|
||||
{Value: u.Fullname},
|
||||
{Value: u.Email},
|
||||
{Value: listroles},
|
||||
{Value: utils.FormatUnix(u.Created)},
|
||||
{Value: utils.FormatUnix(u.Updated)},
|
||||
{Value: components.ContentHref{
|
||||
|
@ -93,10 +133,44 @@ func AdminUsersList(c *core.Context) *core.Response {
|
|||
|
||||
func AdminUsersAdd(c *core.Context) *core.Response {
|
||||
|
||||
// initiate authority
|
||||
auth := new(utils.Authority)
|
||||
var session = new(utils.SessionUser)
|
||||
// true if session is active
|
||||
hassession := session.Init(c)
|
||||
|
||||
if !hassession {
|
||||
type emptytemplate struct{}
|
||||
emptyData := emptytemplate{}
|
||||
return c.Response.Template("nopermission.html", emptyData)
|
||||
}
|
||||
|
||||
session_uid := session.GetUserID()
|
||||
// check if user has role admin
|
||||
is_admin, _ := auth.CheckUserRole(c, session_uid, "admin")
|
||||
|
||||
if !is_admin {
|
||||
type emptytemplate struct{}
|
||||
emptyData := emptytemplate{}
|
||||
return c.Response.Template("nopermission.html", emptyData)
|
||||
}
|
||||
|
||||
// check if is submit
|
||||
submit := c.GetRequestParam("submit").(string)
|
||||
|
||||
errormessages := make([]string, 0)
|
||||
var listroles []components.FormCheckboxItem
|
||||
systemroles, _ := auth.GetAllRoles(c)
|
||||
|
||||
for _, systemrole := range systemroles {
|
||||
var userrole components.FormCheckboxItem
|
||||
userrole.Label = systemrole.Name
|
||||
userrole.Name = "roles"
|
||||
userrole.Value = systemrole.Slug
|
||||
if systemrole.Slug == "authenticated" {
|
||||
userrole.IsChecked = true
|
||||
}
|
||||
listroles = append(listroles, userrole)
|
||||
}
|
||||
|
||||
name := ""
|
||||
fullname := ""
|
||||
|
@ -109,6 +183,7 @@ func AdminUsersAdd(c *core.Context) *core.Response {
|
|||
fullname = c.GetRequestParam("fullname").(string)
|
||||
email = c.GetRequestParam("email").(string)
|
||||
password = c.GetRequestParam("password").(string)
|
||||
roles := c.GetRequesForm("roles").([]string)
|
||||
|
||||
// check if email exists
|
||||
var user models.User
|
||||
|
@ -161,6 +236,11 @@ func AdminUsersAdd(c *core.Context) *core.Response {
|
|||
errormessages = append(errormessages, res.Error.Error())
|
||||
} else {
|
||||
|
||||
// assign roles
|
||||
for _, role := range roles {
|
||||
auth.AssignRoleToUser(c, user.ID, role)
|
||||
}
|
||||
|
||||
// fire user registered event
|
||||
err := c.GetEventsManager().Fire(&core.Event{Name: events.USER_REGISTERED, Payload: map[string]interface{}{
|
||||
"user": user,
|
||||
|
@ -180,6 +260,7 @@ func AdminUsersAdd(c *core.Context) *core.Response {
|
|||
FieldName components.FormInput
|
||||
FieldFullname components.FormInput
|
||||
FieldEmail components.FormInput
|
||||
FieldRoles components.FormCheckbox
|
||||
FieldPassword components.FormInput
|
||||
ErrorMessages []string
|
||||
SubmitButton components.FormButton
|
||||
|
@ -208,6 +289,10 @@ func AdminUsersAdd(c *core.Context) *core.Response {
|
|||
//Autocomplete: true,
|
||||
IsRequired: true,
|
||||
},
|
||||
FieldRoles: components.FormCheckbox{
|
||||
Label: "Roles",
|
||||
AllCheckbox: listroles,
|
||||
},
|
||||
FieldPassword: components.FormInput{
|
||||
ID: "password",
|
||||
Label: "Password",
|
||||
|
@ -236,6 +321,29 @@ func AdminUsersEdit(c *core.Context) *core.Response {
|
|||
user_id := c.GetPathParam("id")
|
||||
|
||||
errormessages := make([]string, 0)
|
||||
// initiate authority
|
||||
auth := new(utils.Authority)
|
||||
|
||||
var listroles []components.FormCheckboxItem
|
||||
|
||||
systemroles, _ := auth.GetAllRoles(c)
|
||||
user_id_uint, _ := strconv.ParseUint(user_id.(string), 10, 32)
|
||||
|
||||
userroles, _ := auth.GetUserRoles(c, uint(user_id_uint))
|
||||
|
||||
for _, systemrole := range systemroles {
|
||||
var userrole components.FormCheckboxItem
|
||||
userrole.Label = systemrole.Name
|
||||
userrole.Name = "roles"
|
||||
userrole.Value = systemrole.Slug
|
||||
for _, ur := range userroles {
|
||||
if ur.Slug == systemrole.Slug {
|
||||
userrole.IsChecked = true
|
||||
break
|
||||
}
|
||||
}
|
||||
listroles = append(listroles, userrole)
|
||||
}
|
||||
|
||||
var origin_user models.User
|
||||
|
||||
|
@ -259,6 +367,7 @@ func AdminUsersEdit(c *core.Context) *core.Response {
|
|||
fullname = c.GetRequestParam("fullname").(string)
|
||||
email = c.GetRequestParam("email").(string)
|
||||
password = c.GetRequestParam("password").(string)
|
||||
roles := c.GetRequesForm("roles").([]string)
|
||||
key := c.GetRequestParam("key")
|
||||
|
||||
// check if email exists
|
||||
|
@ -316,6 +425,14 @@ func AdminUsersEdit(c *core.Context) *core.Response {
|
|||
c.GetLogger().Error("Admin user: error updating")
|
||||
errormessages = append(errormessages, fmt.Sprintf("Error updating user %s:", user_id_string))
|
||||
} else {
|
||||
|
||||
// delete roles
|
||||
auth.RevokeAllUserRole(c, origin_user.ID)
|
||||
// assign roles
|
||||
for _, role := range roles {
|
||||
auth.AssignRoleToUser(c, origin_user.ID, role)
|
||||
}
|
||||
|
||||
return c.Response.Redirect("/admin/users")
|
||||
}
|
||||
}
|
||||
|
@ -325,6 +442,7 @@ func AdminUsersEdit(c *core.Context) *core.Response {
|
|||
FieldName components.FormInput
|
||||
FieldFullname components.FormInput
|
||||
FieldEmail components.FormInput
|
||||
FieldRoles components.FormCheckbox
|
||||
FieldPassword components.FormInput
|
||||
FieldKey components.FormInput
|
||||
ErrorMessages []string
|
||||
|
@ -355,6 +473,10 @@ func AdminUsersEdit(c *core.Context) *core.Response {
|
|||
//Autocomplete: true,
|
||||
IsRequired: true,
|
||||
},
|
||||
FieldRoles: components.FormCheckbox{
|
||||
Label: "Roles",
|
||||
AllCheckbox: listroles,
|
||||
},
|
||||
FieldPassword: components.FormInput{
|
||||
ID: "password",
|
||||
Label: "Password",
|
||||
|
@ -461,6 +583,9 @@ func AdminUsersDelConfirm(c *core.Context) *core.Response {
|
|||
// check if is the seed user
|
||||
seed := "1"
|
||||
if user_id != seed {
|
||||
|
||||
// initiate authority
|
||||
auth := new(utils.Authority)
|
||||
// Delete the user
|
||||
// fire user delete event
|
||||
err := c.GetEventsManager().Fire(&core.Event{Name: events.USER_DELETED, Payload: map[string]interface{}{
|
||||
|
@ -469,6 +594,7 @@ func AdminUsersDelConfirm(c *core.Context) *core.Response {
|
|||
if err != nil {
|
||||
c.GetLogger().Error(err.Error())
|
||||
}
|
||||
auth.RevokeAllUserRole(c, origin_user.ID)
|
||||
result_db.Unscoped().Delete(&origin_user)
|
||||
}
|
||||
}
|
||||
|
|
|
@ -15,7 +15,8 @@
|
|||
<form method="POST" id="add_user" action="/admin/users/add">
|
||||
{{template "form_input" .FieldName}}
|
||||
{{template "form_input" .FieldFullname}}
|
||||
{{template "form_input" .FieldEmail}}
|
||||
{{template "form_input" .FieldEmail}}
|
||||
{{template "form_checkbox" .FieldRoles}}
|
||||
{{template "form_input" .FieldPassword}}
|
||||
<hr>
|
||||
{{template "form_button" .SubmitButton}}
|
||||
|
|
|
@ -15,7 +15,8 @@
|
|||
<form method="POST" id="add_user" action="/admin/users/edit/{{.FieldKey.Value}}">
|
||||
{{template "form_input" .FieldName}}
|
||||
{{template "form_input" .FieldFullname}}
|
||||
{{template "form_input" .FieldEmail}}
|
||||
{{template "form_input" .FieldEmail}}
|
||||
{{template "form_checkbox" .FieldRoles}}
|
||||
{{template "form_input" .FieldPassword}}
|
||||
{{template "form_input" .FieldKey}}
|
||||
{{template "form_button" .SubmitButton}}
|
||||
|
|
12
storage/templates/nopermission.html
Normal file
12
storage/templates/nopermission.html
Normal file
|
@ -0,0 +1,12 @@
|
|||
<!DOCTYPE html>
|
||||
<html lang="en">
|
||||
{{template "page_head" "No permission"}}
|
||||
<body>
|
||||
<div class="container">
|
||||
<div class="row">
|
||||
You do not have permission to visit this page.
|
||||
</div>
|
||||
</div>
|
||||
{{template "page_footer"}}
|
||||
</body>
|
||||
</html>
|
|
@ -265,6 +265,38 @@ func (a *Authority) RevokeRolePermission(c *core.Context, roleSlug string, permS
|
|||
return nil
|
||||
}
|
||||
|
||||
// Revokes a user's role
|
||||
func (a *Authority) RevokeUserRole(c *core.Context, userID uint, roleSlug string) error {
|
||||
// find the role
|
||||
var role models.Role
|
||||
res := c.GetGorm().Where("slug = ?", roleSlug).First(&role)
|
||||
if res.Error != nil {
|
||||
if errors.Is(res.Error, gorm.ErrRecordNotFound) {
|
||||
return ErrRoleNotFound
|
||||
}
|
||||
return res.Error
|
||||
}
|
||||
|
||||
// revoke the role
|
||||
rRes := c.GetGorm().Where("user_id = ?", userID).Where("role_id = ?", role.ID).Delete(models.UserRole{})
|
||||
if rRes.Error != nil {
|
||||
return rRes.Error
|
||||
}
|
||||
|
||||
return nil
|
||||
}
|
||||
|
||||
// Revokes all user's role
|
||||
func (a *Authority) RevokeAllUserRole(c *core.Context, userID uint) error {
|
||||
// revoke the role
|
||||
rRes := c.GetGorm().Where("user_id = ?", userID).Delete(models.UserRole{})
|
||||
if rRes.Error != nil {
|
||||
return rRes.Error
|
||||
}
|
||||
|
||||
return nil
|
||||
}
|
||||
|
||||
// Returns all stored roles
|
||||
func (a *Authority) GetAllRoles(c *core.Context) ([]models.Role, error) {
|
||||
var roles []models.Role
|
||||
|
|
Loading…
Reference in a new issue