Ehrenamt/ff-admin-server
2
0
Fork 0
Code Issues 13 Pull requests Projects Releases 24 Packages Wiki Activity Actions

Compare commits

base: Ehrenamt:9a1f4a298577ca5c2a66c38f5e1f413dac0ca464
Branches Tags
Ehrenamt:main
Ehrenamt:feature/#70-static-user-login
Ehrenamt:develop
Ehrenamt:anton/importFromOld
Ehrenamt:anton/export_db
Ehrenamt:v1.4.2
Ehrenamt:v1.4.1
Ehrenamt:v1.4.0
Ehrenamt:v1.3.12
Ehrenamt:v1.3.11
Ehrenamt:v1.3.10
Ehrenamt:v1.3.9
Ehrenamt:v1.3.8
Ehrenamt:v1.3.7
Ehrenamt:v1.3.6
Ehrenamt:v1.3.5
Ehrenamt:v1.3.4
Ehrenamt:v1.3.3
Ehrenamt:v1.3.2
Ehrenamt:v1.3.1
Ehrenamt:v1.3.0
Ehrenamt:v1.2.2
Ehrenamt:v1.2.1
Ehrenamt:v1.2.0
Ehrenamt:v1.1.1
Ehrenamt:v1.1.0
Ehrenamt:v1.0.2
Ehrenamt:v1.0.1
Ehrenamt:v1.0.0
Ehrenamt:v0.0.12
Ehrenamt:v0.0.11
Ehrenamt:v0.0.10
Ehrenamt:v0.0.9
Ehrenamt:v0.0.8
Ehrenamt:v0.0.7
Ehrenamt:v0.0.6
Ehrenamt:v0.0.5
Ehrenamt:v0.0.4
Ehrenamt:v0.0.3
Ehrenamt:v0.0.2
..
compare: Ehrenamt:b7b6694407f40c5710659cdbb28c1f76ddd7ded4
Branches Tags
Ehrenamt:feature/#70-static-user-login
Ehrenamt:develop
Ehrenamt:main
Ehrenamt:anton/importFromOld
Ehrenamt:anton/export_db
Ehrenamt:v1.4.2
Ehrenamt:v1.4.1
Ehrenamt:v1.4.0
Ehrenamt:v1.3.12
Ehrenamt:v1.3.11
Ehrenamt:v1.3.10
Ehrenamt:v1.3.9
Ehrenamt:v1.3.8
Ehrenamt:v1.3.7
Ehrenamt:v1.3.6
Ehrenamt:v1.3.5
Ehrenamt:v1.3.4
Ehrenamt:v1.3.3
Ehrenamt:v1.3.2
Ehrenamt:v1.3.1
Ehrenamt:v1.3.0
Ehrenamt:v1.2.2
Ehrenamt:v1.2.1
Ehrenamt:v1.2.0
Ehrenamt:v1.1.1
Ehrenamt:v1.1.0
Ehrenamt:v1.0.2
Ehrenamt:v1.0.1
Ehrenamt:v1.0.0
Ehrenamt:v0.0.12
Ehrenamt:v0.0.11
Ehrenamt:v0.0.10
Ehrenamt:v0.0.9
Ehrenamt:v0.0.8
Ehrenamt:v0.0.7
Ehrenamt:v0.0.6
Ehrenamt:v0.0.5
Ehrenamt:v0.0.4
Ehrenamt:v0.0.3
Ehrenamt:v0.0.2

No commits in common. "9a1f4a298577ca5c2a66c38f5e1f413dac0ca464" and "b7b6694407f40c5710659cdbb28c1f76ddd7ded4" have entirely different histories.
9a1f4a2985 ... b7b6694407

9 changed files with 30 additions and 188 deletions
Show stats Expand all files Collapse all files

3
src/entity/club/calendar.ts
View file

@ -43,9 +43,6 @@ export class calendar {
@UpdateDateColumn() @UpdateDateColumn()
updatedAt: Date; updatedAt: Date;
@Column({ type: "varchar", nullable: true, default: null, unique: true })
webpageId: string;
@ManyToOne(() => calendarType, (t) => t.calendar, { @ManyToOne(() => calendarType, (t) => t.calendar, {
nullable: false, nullable: false,
onDelete: "RESTRICT", onDelete: "RESTRICT",

5
src/entity/settings/calendarType.ts
View file

@ -9,7 +9,7 @@ export class calendarType {
@Column({ type: "varchar", length: 255, unique: true }) @Column({ type: "varchar", length: 255, unique: true })
type: string; type: string;
@Column({ type: "boolean", default: false }) // none specified cal dav request @Column({ type: "boolean" }) // none specified cal dav request
nscdr: boolean; nscdr: boolean;
@Column({ type: "varchar", length: 255 }) @Column({ type: "varchar", length: 255 })
@ -18,9 +18,6 @@ export class calendarType {
@Column({ type: "varchar", length: 255, nullable: true, default: null }) @Column({ type: "varchar", length: 255, nullable: true, default: null })
passphrase: string | null; passphrase: string | null;
@Column({ type: "boolean", default: false })
sendToWebpage: boolean;
@OneToMany(() => calendar, (c) => c.type, { @OneToMany(() => calendar, (c) => c.type, {
nullable: false, nullable: false,
onDelete: "RESTRICT", onDelete: "RESTRICT",

3
src/entity/user/user.ts
View file

@ -22,9 +22,6 @@ export class user {
@Column({ type: "varchar", length: 255 }) @Column({ type: "varchar", length: 255 })
secret: string; secret: string;
@Column({ type: "boolean", default: false })
static: boolean;
@Column({ type: "boolean", default: false }) @Column({ type: "boolean", default: false })
isOwner: boolean; isOwner: boolean;

7
src/helpers/backupHelper.ts
View file

@ -21,7 +21,8 @@ export type BackupSectionRefered = {
}; };
export type BackupFileContent = { [key in BackupSection]?: BackupFileContentSection } & { export type BackupFileContent = { [key in BackupSection]?: BackupFileContentSection } & {
backup_file_details: { collectIds: boolean; createdAt: Date; version: 1 }; collectIds: boolean;
version: 1;
}; };
export type BackupFileContentSection = Array<any> | { [key: string]: Array<any> }; export type BackupFileContentSection = Array<any> | { [key: string]: Array<any> };
@ -89,7 +90,7 @@ export default abstract class BackupHelper {
filename = new Date().toISOString().split("T")[0]; filename = new Date().toISOString().split("T")[0];
} }
let json: BackupFileContent = { backup_file_details: { collectIds, createdAt: new Date(), version: 1 } }; let json: BackupFileContent = { collectIds, version: 1 };
for (const section of this.backupSection) { for (const section of this.backupSection) {
json[section.type] = await this.getSectionData(section.type, collectIds); json[section.type] = await this.getSectionData(section.type, collectIds);
} }
@ -130,7 +131,7 @@ export default abstract class BackupHelper {
for (const section of sections for (const section of sections
.filter((s) => Object.keys(backup).includes(s.type)) .filter((s) => Object.keys(backup).includes(s.type))
.sort((a, b) => a.orderOnInsert - b.orderOnInsert)) { .sort((a, b) => a.orderOnInsert - b.orderOnInsert)) {
await this.setSectionData(section.type, backup[section.type], backup.backup_file_details.collectIds ?? false); await this.setSectionData(section.type, backup[section.type], backup.collectIds ?? false);
} }
this.transactionManager = undefined; this.transactionManager = undefined;

77
src/helpers/permissionHelper.ts
View file

@ -32,19 +32,6 @@ export default class PermissionHelper {
return false; return false;
} }
static canSome(
permissions: PermissionObject,
checks: Array<{
requiredPermissions: PermissionType | "admin";
section: PermissionSection;
module?: PermissionModule;
}>
) {
checks.reduce<boolean>((prev, curr) => {
return prev || this.can(permissions, curr.requiredPermissions, curr.section, curr.module);
}, false);
}
static canSection( static canSection(
permissions: PermissionObject, permissions: PermissionObject,
type: PermissionType | "admin", type: PermissionType | "admin",
@ -61,18 +48,6 @@ export default class PermissionHelper {
return false; return false;
} }
static canSomeSection(
permissions: PermissionObject,
checks: Array<{
requiredPermissions: PermissionType | "admin";
section: PermissionSection;
}>
): boolean {
return checks.reduce<boolean>((prev, curr) => {
return prev || this.can(permissions, curr.requiredPermissions, curr.section);
}, false);
}
static passCheckMiddleware( static passCheckMiddleware(
requiredPermissions: PermissionType | "admin", requiredPermissions: PermissionType | "admin",
section: PermissionSection, section: PermissionSection,
@ -85,29 +60,11 @@ export default class PermissionHelper {
if (isOwner || this.can(permissions, requiredPermissions, section, module)) { if (isOwner || this.can(permissions, requiredPermissions, section, module)) {
next(); next();
} else { } else {
throw new ForbiddenRequestException(`missing permission for ${section}.${module}.${requiredPermissions}`); throw new ForbiddenRequestException(
} `missing permission for ${section}.${module}.${
}; Array.isArray(requiredPermissions) ? requiredPermissions.join("|") : requiredPermissions
} }`
);
static passCheckSomeMiddleware(
checks: Array<{
requiredPermissions: PermissionType | "admin";
section: PermissionSection;
module?: PermissionModule;
}>
): (req: Request, res: Response, next: Function) => void {
return (req: Request, res: Response, next: Function) => {
const permissions = req.permissions;
const isOwner = req.isOwner;
if (isOwner || this.canSome(permissions, checks)) {
next();
} else {
let permissionsToPass = checks.reduce<string>((prev, curr) => {
return prev + (prev != " or " ? "" : "") + `${curr.section}.${curr.module}.${curr.requiredPermissions}`;
}, "");
throw new ForbiddenRequestException(`missing permission for ${permissionsToPass}`);
} }
}; };
} }
@ -123,25 +80,11 @@ export default class PermissionHelper {
if (isOwner || this.canSection(permissions, requiredPermissions, section)) { if (isOwner || this.canSection(permissions, requiredPermissions, section)) {
next(); next();
} else { } else {
throw new ForbiddenRequestException(`missing permission for ${section}.${module}.${requiredPermissions}`); throw new ForbiddenRequestException(
} `missing permission for ${section}.${module}.${
}; Array.isArray(requiredPermissions) ? requiredPermissions.join("|") : requiredPermissions
} }`
);
static sectionPassCheckSomeMiddleware(
checks: Array<{ requiredPermissions: PermissionType | "admin"; section: PermissionSection }>
): (req: Request, res: Response, next: Function) => void {
return (req: Request, res: Response, next: Function) => {
const permissions = req.permissions;
const isOwner = req.isOwner;
if (isOwner || this.canSomeSection(permissions, checks)) {
next();
} else {
let permissionsToPass = checks.reduce<string>((prev, curr) => {
return prev + (prev != " or " ? "" : "") + `${curr.section}.${curr.requiredPermissions}`;
}, "");
throw new ForbiddenRequestException(`missing permission for ${permissionsToPass}`);
} }
}; };
} }

1
src/migrations/baseSchemaTables/admin.ts
View file

@ -59,7 +59,6 @@ export const user_table = new Table({
{ name: "firstname", type: getTypeByORM("varchar"), length: "255", isNullable: false }, { name: "firstname", type: getTypeByORM("varchar"), length: "255", isNullable: false },
{ name: "lastname", type: getTypeByORM("varchar"), length: "255", isNullable: false }, { name: "lastname", type: getTypeByORM("varchar"), length: "255", isNullable: false },
{ name: "secret", type: getTypeByORM("varchar"), length: "255", isNullable: false }, { name: "secret", type: getTypeByORM("varchar"), length: "255", isNullable: false },
{ name: "static", type: getTypeByORM("boolean"), isNullable: false, default: false },
{ name: "isOwner", type: getTypeByORM("boolean"), isNullable: false, default: false }, { name: "isOwner", type: getTypeByORM("boolean"), isNullable: false, default: false },
], ],
}); });

11
src/migrations/baseSchemaTables/calendar.ts
View file

@ -6,10 +6,9 @@ export const calendar_type_table = new Table({
columns: [ columns: [
{ name: "id", type: getTypeByORM("int"), isPrimary: true, isGenerated: true, generationStrategy: "increment" }, { name: "id", type: getTypeByORM("int"), isPrimary: true, isGenerated: true, generationStrategy: "increment" },
{ name: "type", type: getTypeByORM("varchar"), length: "255", isUnique: true, isNullable: false }, { name: "type", type: getTypeByORM("varchar"), length: "255", isUnique: true, isNullable: false },
{ name: "nscdr", type: getTypeByORM("boolean"), isNullable: false, default: false }, { name: "nscdr", type: getTypeByORM("boolean"), isNullable: false },
{ name: "color", type: getTypeByORM("varchar"), length: "255", isNullable: false }, { name: "color", type: getTypeByORM("varchar"), length: "255", isNullable: false },
{ name: "passphrase", type: getTypeByORM("varchar"), length: "255", isNullable: true }, { name: "passphrase", type: getTypeByORM("varchar"), length: "255", isNullable: true },
{ name: "sendToWebpage", type: getTypeByORM("boolean"), isNullable: false, default: false },
], ],
}); });
@ -46,14 +45,6 @@ export const calendar_table = new Table({
default: "CURRENT_TIMESTAMP(6)", default: "CURRENT_TIMESTAMP(6)",
onUpdate: "CURRENT_TIMESTAMP(6)", onUpdate: "CURRENT_TIMESTAMP(6)",
}, },
{
name: "webpageId",
type: getTypeByORM("varchar"),
length: "255",
isNullable: true,
default: null,
isUnique: true,
},
{ name: "typeId", type: getTypeByORM("int"), isNullable: false }, { name: "typeId", type: getTypeByORM("int"), isNullable: false },
], ],
foreignKeys: [ foreignKeys: [

104
src/routes/admin/index.ts
View file

@ -27,120 +27,42 @@ import preventWebapiAccess from "../../middleware/preventWebApiAccess";
var router = express.Router({ mergeParams: true }); var router = express.Router({ mergeParams: true });
router.use( router.use("/award", PermissionHelper.passCheckMiddleware("read", "settings", "award"), award);
"/award",
PermissionHelper.passCheckSomeMiddleware([
{ requiredPermissions: "read", section: "settings", module: "award" },
{ requiredPermissions: "read", section: "club", module: "member" },
]),
award
);
router.use( router.use(
"/communicationtype", "/communicationtype",
PermissionHelper.passCheckSomeMiddleware([ PermissionHelper.passCheckMiddleware("read", "settings", "communication_type"),
{ requiredPermissions: "read", section: "settings", module: "communication_type" },
{ requiredPermissions: "read", section: "club", module: "member" },
]),
communicationType communicationType
); );
router.use( router.use(
"/executiveposition", "/executiveposition",
PermissionHelper.passCheckSomeMiddleware([ PermissionHelper.passCheckMiddleware("read", "settings", "executive_position"),
{ requiredPermissions: "read", section: "settings", module: "executive_position" },
{ requiredPermissions: "read", section: "club", module: "member" },
]),
executivePosition executivePosition
); );
router.use( router.use(
"/membershipstatus", "/membershipstatus",
PermissionHelper.passCheckSomeMiddleware([ PermissionHelper.passCheckMiddleware("read", "settings", "membership_status"),
{ requiredPermissions: "read", section: "settings", module: "membership_status" },
{ requiredPermissions: "read", section: "club", module: "member" },
]),
membershipStatus membershipStatus
); );
router.use( router.use("/qualification", PermissionHelper.passCheckMiddleware("read", "settings", "qualification"), qualification);
"/qualification", router.use("/salutation", PermissionHelper.passCheckMiddleware("read", "settings", "salutation"), salutation);
PermissionHelper.passCheckSomeMiddleware([ router.use("/calendartype", PermissionHelper.passCheckMiddleware("read", "settings", "calendar_type"), calendarType);
{ requiredPermissions: "read", section: "settings", module: "qualification" },
{ requiredPermissions: "read", section: "club", module: "member" },
]),
qualification
);
router.use(
"/salutation",
PermissionHelper.passCheckSomeMiddleware([
{ requiredPermissions: "read", section: "settings", module: "salutation" },
{ requiredPermissions: "read", section: "club", module: "member" },
]),
salutation
);
router.use(
"/calendartype",
PermissionHelper.passCheckSomeMiddleware([
{ requiredPermissions: "read", section: "settings", module: "calendar_type" },
{ requiredPermissions: "read", section: "club", module: "calendar" },
]),
calendarType
);
router.use("/querystore", PermissionHelper.passCheckMiddleware("read", "settings", "query_store"), queryStore); router.use("/querystore", PermissionHelper.passCheckMiddleware("read", "settings", "query_store"), queryStore);
router.use("/template", PermissionHelper.passCheckMiddleware("read", "settings", "template"), template); router.use("/template", PermissionHelper.passCheckMiddleware("read", "settings", "template"), template);
router.use( router.use("/templateusage", PermissionHelper.passCheckMiddleware("read", "settings", "template_usage"), templateUsage);
"/templateusage",
PermissionHelper.passCheckSomeMiddleware([
{ requiredPermissions: "read", section: "settings", module: "template_usage" },
{ requiredPermissions: "read", section: "settings", module: "template" },
]),
templateUsage
);
router.use( router.use(
"/newsletterconfig", "/newsletterconfig",
PermissionHelper.passCheckSomeMiddleware([ PermissionHelper.passCheckMiddleware("read", "settings", "newsletter_config"),
{ requiredPermissions: "read", section: "settings", module: "newsletter_config" },
{ requiredPermissions: "read", section: "settings", module: "communication_type" },
]),
newsletterConfig newsletterConfig
); );
router.use("/member", PermissionHelper.passCheckMiddleware("read", "club", "member"), member); router.use("/member", PermissionHelper.passCheckMiddleware("read", "club", "member"), member);
router.use( router.use("/protocol", PermissionHelper.passCheckMiddleware("read", "club", "protocol"), protocol);
"/protocol",
PermissionHelper.passCheckSomeMiddleware([
{ requiredPermissions: "read", section: "club", module: "protocol" },
{ requiredPermissions: "read", section: "club", module: "member" },
]),
protocol
);
router.use("/calendar", PermissionHelper.passCheckMiddleware("read", "club", "calendar"), calendar); router.use("/calendar", PermissionHelper.passCheckMiddleware("read", "club", "calendar"), calendar);
router.use( router.use("/querybuilder", PermissionHelper.passCheckMiddleware("read", "club", "query"), queryBuilder);
"/querybuilder", router.use("/newsletter", PermissionHelper.passCheckMiddleware("read", "club", "newsletter"), newsletter);
PermissionHelper.passCheckSomeMiddleware([
{ requiredPermissions: "read", section: "club", module: "query" },
{ requiredPermissions: "read", section: "settings", module: "query_store" },
]),
queryBuilder
);
router.use(
"/newsletter",
PermissionHelper.passCheckSomeMiddleware([
{ requiredPermissions: "read", section: "club", module: "newsletter" },
{ requiredPermissions: "read", section: "club", module: "member" },
{ requiredPermissions: "read", section: "club", module: "calendar" },
{ requiredPermissions: "read", section: "club", module: "query" },
{ requiredPermissions: "read", section: "settings", module: "query_store" },
]),
newsletter
);
router.use("/role", PermissionHelper.passCheckMiddleware("read", "user", "role"), role); router.use("/role", PermissionHelper.passCheckMiddleware("read", "user", "role"), role);
router.use( router.use("/user", PermissionHelper.passCheckMiddleware("read", "user", "user"), user);
"/user",
PermissionHelper.passCheckSomeMiddleware([
{ requiredPermissions: "read", section: "user", module: "user" },
{ requiredPermissions: "read", section: "user", module: "role" },
]),
user
);
router.use("/invite", PermissionHelper.passCheckMiddleware("read", "user", "user"), invite); router.use("/invite", PermissionHelper.passCheckMiddleware("read", "user", "user"), invite);
router.use("/webapi", preventWebapiAccess, PermissionHelper.passCheckMiddleware("read", "user", "webapi"), api); router.use("/webapi", preventWebapiAccess, PermissionHelper.passCheckMiddleware("read", "user", "webapi"), api);

7
src/service/club/newsletter/newsletterRecipientsService.ts
View file

@ -14,12 +14,7 @@ export default abstract class NewsletterRecipientsService {
.getRepository(newsletterRecipients) .getRepository(newsletterRecipients)
.createQueryBuilder("newsletterRecipients") .createQueryBuilder("newsletterRecipients")
.leftJoinAndSelect("newsletterRecipients.member", "member") .leftJoinAndSelect("newsletterRecipients.member", "member")
.leftJoinAndMapOne( .leftJoinAndSelect("member.sendNewsletter", "sendNewsletter")
"member.sendNewsletter",
"member.communications",
"sendNewsletter",
"sendNewsletter.isSendNewsletter = 1"
)
.leftJoinAndSelect("sendNewsletter.type", "communicationtype") .leftJoinAndSelect("sendNewsletter.type", "communicationtype")
.leftJoinAndSelect("newsletterRecipients.newsletter", "newsletter") .leftJoinAndSelect("newsletterRecipients.newsletter", "newsletter")
.where("newsletterRecipients.newsletterId = :id", { id: newsletterId }) .where("newsletterRecipients.newsletterId = :id", { id: newsletterId })