ClusterCockpit/cc-backend
1
0
Fork 0
mirror of https://github.com/ClusterCockpit/cc-backend synced 2024-12-26 13:29:05 +01:00
Code Issues Packages Releases Activity

Add admin function to remove roles, rename addroles to editroles

Browse Source
This commit is contained in:
Christoph Kluge 2022-08-26 15:15:36 +02:00
parent 0186e886e4
commit c9954787c1
4 changed files with 85 additions and 12 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

24
internal/api/rest.go
View File

@ -580,14 +580,26 @@ func (api *RestApi) updateUser(rw http.ResponseWriter, r *http.Request) {
return
}
// TODO: Handle anything but roles...
// Get Values
newrole := r.FormValue("add-role")
if err := api.Authentication.AddRole(r.Context(), mux.Vars(r)["id"], newrole); err != nil {
http.Error(rw, err.Error(), http.StatusUnprocessableEntity)
return
}
delrole := r.FormValue("remove-role")
rw.Write([]byte("success"))
// TODO: Handle anything but roles...
if (newrole != "") {
if err := api.Authentication.AddRole(r.Context(), mux.Vars(r)["id"], newrole); err != nil {
http.Error(rw, err.Error(), http.StatusUnprocessableEntity)
return
}
rw.Write([]byte("Add Role Success"))
} else if (delrole != "") {
if err := api.Authentication.RemoveRole(r.Context(), mux.Vars(r)["id"], delrole); err != nil {
http.Error(rw, err.Error(), http.StatusUnprocessableEntity)
return
}
rw.Write([]byte("Remove Role Success"))
} else {
http.Error(rw, "Not Add or Del?", http.StatusInternalServerError)
}
}
func (api *RestApi) updateConfiguration(rw http.ResponseWriter, r *http.Request) {

31
internal/auth/users.go
View File

@ -129,6 +129,37 @@ func (auth *Authentication) AddRole(ctx context.Context, username string, role s
return nil
}
func (auth *Authentication) RemoveRole(ctx context.Context, username string, role string) error {
user, err := auth.GetUser(username)
if err != nil {
return err
}
if role != RoleAdmin && role != RoleApi && role != RoleUser {
return fmt.Errorf("invalid user role: %#v", role)
}
var exists bool
var newroles []string
for _, r := range user.Roles {
if r != role {
newroles = append(newroles, r) // Append all roles not matching requested delete role
} else {
exists = true
}
}
if (exists == true) {
var mroles, _ = json.Marshal(newroles)
if _, err := sq.Update("user").Set("roles", mroles).Where("user.username = ?", username).RunWith(auth.db).Exec(); err != nil {
return err
}
return nil
} else {
return fmt.Errorf("user %#v already does not have role %#v", username, role)
}
}
func FetchUser(ctx context.Context, db *sqlx.DB, username string) (*model.User, error) {
me := GetUser(ctx)
if me != nil && !me.HasRole(RoleAdmin) && me.Username != username {

4
web/frontend/src/config/AdminSettings.svelte
View File

@ -1,7 +1,7 @@
<script>
import { Row, Col } from 'sveltestrap'
import { onMount } from 'svelte'
import AddRole from './admin/AddRole.svelte'
import EditRole from './admin/EditRole.svelte'
import AddUser from './admin/AddUser.svelte'
import ShowUsers from './admin/ShowUsers.svelte'
import Options from './admin/Options.svelte'
@ -28,7 +28,7 @@
<ShowUsers on:reload={getUserList} bind:users={users}/>
</Col>
<Col>
<AddRole on:reload={getUserList}/>
<EditRole on:reload={getUserList}/>
</Col>
<Col>
<Options/>

38
web/frontend/src/config/admin/AddRole.svelte → web/frontend/src/config/admin/EditRole.svelte
View File

@ -9,8 +9,8 @@
let displayMessage = false
async function handleAddRole() {
const username = document.querySelector('#add-role-username').value
const role = document.querySelector('#add-role-select').value
const username = document.querySelector('#role-username').value
const role = document.querySelector('#role-select').value
if (username == "" || role == "") {
alert('Please fill in a username and select a role.')
@ -37,6 +37,35 @@
}
}
async function handleRemoveRole() {
const username = document.querySelector('#role-username').value
const role = document.querySelector('#role-select').value
if (username == "" || role == "") {
alert('Please fill in a username and select a role.')
return
}
let formData = new FormData()
formData.append('username', username)
formData.append('remove-role', role)
try {
const res = await fetch(`/api/user/${username}`, { method: 'POST', body: formData })
if (res.ok) {
let text = await res.text()
popMessage(text, '#048109')
reloadUserList()
} else {
let text = await res.text()
// console.log(res.statusText)
throw new Error('Response Code ' + res.status + '-> ' + text)
}
} catch (err) {
popMessage(err, '#d63384')
}
}
function popMessage(response, rescolor) {
message = {msg: response, color: rescolor}
displayMessage = true
@ -54,8 +83,8 @@
<CardBody>
<CardTitle class="mb-3">Add Role to User</CardTitle>
<div class="input-group mb-3">
<input type="text" class="form-control" placeholder="username" id="add-role-username"/>
<select class="form-select" id="add-role-select">
<input type="text" class="form-control" placeholder="username" id="role-username"/>
<select class="form-select" id="role-select">
<option selected value="">Role...</option>
<option value="user">User</option>
<option value="admin">Admin</option>
@ -64,6 +93,7 @@
<!-- PreventDefault on Sveltestrap-Button more complex to achieve than just use good ol' html button -->
<!-- see: https://stackoverflow.com/questions/69630422/svelte-how-to-use-event-modifiers-in-my-own-components -->
<button class="btn btn-primary" type="button" id="add-role-button" on:click|preventDefault={handleAddRole}>Add</button>
<button class="btn btn-danger" type="button" id="remove-role-button" on:click|preventDefault={handleRemoveRole}>Remove</button>
</div>
<p>
{#if displayMessage}<b><code style="color: {message.color};" out:fade>Update: {message.msg}</code></b>{/if}