ownership
This commit is contained in:
parent
85289069ba
commit
d98afa259e
5 changed files with 18 additions and 14 deletions
|
|
@ -1,7 +1,10 @@
|
||||||
<template>
|
<template>
|
||||||
<div class="flex flex-col h-fit w-full border border-primary rounded-md">
|
<div class="flex flex-col h-fit w-full border border-primary rounded-md">
|
||||||
<div class="bg-primary p-2 text-white flex flex-row justify-between items-center">
|
<div class="bg-primary p-2 text-white flex flex-row justify-between items-center">
|
||||||
<p>{{ user.firstname }} {{ user.lastname }} <small v-if="user.permissions_total.admin">(Admin)</small></p>
|
<p>
|
||||||
|
{{ user.firstname }} {{ user.lastname }} <small v-if="user.permissions_total.admin">(Admin)</small
|
||||||
|
><small v-if="isOwner"> (Owner)</small>
|
||||||
|
</p>
|
||||||
<div class="flex flex-row">
|
<div class="flex flex-row">
|
||||||
<RouterLink
|
<RouterLink
|
||||||
v-if="can('update', 'user', 'user')"
|
v-if="can('update', 'user', 'user')"
|
||||||
|
|
@ -62,8 +65,7 @@ export default defineComponent({
|
||||||
user: { type: Object as PropType<UserViewModel>, default: {} },
|
user: { type: Object as PropType<UserViewModel>, default: {} },
|
||||||
},
|
},
|
||||||
computed: {
|
computed: {
|
||||||
...mapState(useAbilityStore, ["can"]),
|
...mapState(useAbilityStore, ["can", "isOwner"]),
|
||||||
...mapState(useAbilityStore, ["can"]),
|
|
||||||
},
|
},
|
||||||
methods: {
|
methods: {
|
||||||
...mapActions(useModalStore, ["openModal"]),
|
...mapActions(useModalStore, ["openModal"]),
|
||||||
|
|
|
||||||
|
|
@ -12,6 +12,7 @@ export type Payload = JwtPayload & {
|
||||||
firstname: string;
|
firstname: string;
|
||||||
lastname: string;
|
lastname: string;
|
||||||
mail: string;
|
mail: string;
|
||||||
|
isOwner: boolean;
|
||||||
permissions: PermissionObject;
|
permissions: PermissionObject;
|
||||||
};
|
};
|
||||||
|
|
||||||
|
|
@ -66,16 +67,16 @@ export async function isAuthenticatedPromise(): Promise<Payload> {
|
||||||
});
|
});
|
||||||
}
|
}
|
||||||
|
|
||||||
var { firstname, lastname, mail, username, permissions } = decoded;
|
var { firstname, lastname, mail, username, permissions, isOwner } = decoded;
|
||||||
|
|
||||||
if (Object.keys(permissions).length === 0) {
|
if (Object.keys(permissions).length === 0 && !isOwner) {
|
||||||
auth.setFailed();
|
auth.setFailed();
|
||||||
reject("nopermissions");
|
reject("nopermissions");
|
||||||
}
|
}
|
||||||
|
|
||||||
auth.setSuccess();
|
auth.setSuccess();
|
||||||
account.setAccountData(firstname, lastname, mail, username);
|
account.setAccountData(firstname, lastname, mail, username);
|
||||||
ability.setAbility(permissions);
|
ability.setAbility(permissions, isOwner);
|
||||||
resolve(decoded);
|
resolve(decoded);
|
||||||
}
|
}
|
||||||
});
|
});
|
||||||
|
|
|
||||||
|
|
@ -5,6 +5,7 @@ export const useAbilityStore = defineStore("ability", {
|
||||||
state: () => {
|
state: () => {
|
||||||
return {
|
return {
|
||||||
permissions: {} as PermissionObject,
|
permissions: {} as PermissionObject,
|
||||||
|
isOwner: false as boolean,
|
||||||
};
|
};
|
||||||
},
|
},
|
||||||
getters: {
|
getters: {
|
||||||
|
|
@ -12,6 +13,7 @@ export const useAbilityStore = defineStore("ability", {
|
||||||
(state) =>
|
(state) =>
|
||||||
(type: PermissionType | "admin", section: PermissionSection, module?: PermissionModule): boolean => {
|
(type: PermissionType | "admin", section: PermissionSection, module?: PermissionModule): boolean => {
|
||||||
const permissions = state.permissions;
|
const permissions = state.permissions;
|
||||||
|
if (state.isOwner) return true;
|
||||||
if (type == "admin") return permissions?.admin ?? false;
|
if (type == "admin") return permissions?.admin ?? false;
|
||||||
if (permissions?.admin) return true;
|
if (permissions?.admin) return true;
|
||||||
if (
|
if (
|
||||||
|
|
@ -30,6 +32,7 @@ export const useAbilityStore = defineStore("ability", {
|
||||||
(state) =>
|
(state) =>
|
||||||
(type: PermissionType | "admin", section: PermissionSection): boolean => {
|
(type: PermissionType | "admin", section: PermissionSection): boolean => {
|
||||||
const permissions = state.permissions;
|
const permissions = state.permissions;
|
||||||
|
if (state.isOwner) return true;
|
||||||
if (type == "admin") return permissions?.admin ?? false;
|
if (type == "admin") return permissions?.admin ?? false;
|
||||||
if (permissions?.admin) return true;
|
if (permissions?.admin) return true;
|
||||||
if (
|
if (
|
||||||
|
|
@ -48,6 +51,7 @@ export const useAbilityStore = defineStore("ability", {
|
||||||
section: PermissionSection,
|
section: PermissionSection,
|
||||||
module?: PermissionModule
|
module?: PermissionModule
|
||||||
): boolean => {
|
): boolean => {
|
||||||
|
// ignores ownership
|
||||||
if (type == "admin") return permissions?.admin ?? false;
|
if (type == "admin") return permissions?.admin ?? false;
|
||||||
if (permissions?.admin) return true;
|
if (permissions?.admin) return true;
|
||||||
if (
|
if (
|
||||||
|
|
@ -64,8 +68,9 @@ export const useAbilityStore = defineStore("ability", {
|
||||||
},
|
},
|
||||||
},
|
},
|
||||||
actions: {
|
actions: {
|
||||||
setAbility(permissions: PermissionObject) {
|
setAbility(permissions: PermissionObject, isOwner: boolean) {
|
||||||
this.permissions = permissions;
|
this.permissions = permissions;
|
||||||
|
this.isOwner = isOwner;
|
||||||
},
|
},
|
||||||
},
|
},
|
||||||
});
|
});
|
||||||
|
|
|
||||||
|
|
@ -7,6 +7,7 @@ export interface UserViewModel {
|
||||||
mail: string;
|
mail: string;
|
||||||
firstname: string;
|
firstname: string;
|
||||||
lastname: string;
|
lastname: string;
|
||||||
|
isOwner: boolean;
|
||||||
permissions: PermissionObject;
|
permissions: PermissionObject;
|
||||||
roles: Array<RoleViewModel>;
|
roles: Array<RoleViewModel>;
|
||||||
permissions_total: PermissionObject;
|
permissions_total: PermissionObject;
|
||||||
|
|
|
||||||
|
|
@ -74,11 +74,6 @@ export default defineComponent({
|
||||||
props: {
|
props: {
|
||||||
id: String,
|
id: String,
|
||||||
},
|
},
|
||||||
watch: {
|
|
||||||
origin() {
|
|
||||||
this.assigned = this.origin?.roles.map((r) => r.id) ?? [];
|
|
||||||
},
|
|
||||||
},
|
|
||||||
data() {
|
data() {
|
||||||
return {
|
return {
|
||||||
loading: "loading" as "loading" | "fetched" | "failed",
|
loading: "loading" as "loading" | "fetched" | "failed",
|
||||||
|
|
@ -97,7 +92,7 @@ export default defineComponent({
|
||||||
return this.roles.filter((r) => !this.assigned.includes(r.id));
|
return this.roles.filter((r) => !this.assigned.includes(r.id));
|
||||||
},
|
},
|
||||||
canSaveOrReset(): boolean {
|
canSaveOrReset(): boolean {
|
||||||
return isEqual(this.origin?.roles, this.assigned);
|
return isEqual(this.origin?.roles.map((r) => r.id) ?? [], this.assigned);
|
||||||
},
|
},
|
||||||
},
|
},
|
||||||
mounted() {
|
mounted() {
|
||||||
|
|
@ -118,8 +113,8 @@ export default defineComponent({
|
||||||
fetchItem() {
|
fetchItem() {
|
||||||
this.fetchUserById(parseInt(this.id ?? ""))
|
this.fetchUserById(parseInt(this.id ?? ""))
|
||||||
.then((result) => {
|
.then((result) => {
|
||||||
this.assigned = this.origin?.roles.map((r) => r.id) ?? [];
|
|
||||||
this.origin = cloneDeep(result.data);
|
this.origin = cloneDeep(result.data);
|
||||||
|
this.assigned = this.origin?.roles.map((r) => r.id) ?? [];
|
||||||
this.loading = "fetched";
|
this.loading = "fetched";
|
||||||
})
|
})
|
||||||
.catch((err) => {
|
.catch((err) => {
|
||||||
|
|
|
||||||
Loading…
Reference in a new issue