implemented permission system

This commit is contained in:
Alex
2025-03-02 10:27:56 +01:00
parent 298ef9843e
commit 29f405385e
6 changed files with 311 additions and 167 deletions


@@ -5,6 +5,8 @@
import { page } from '$app/stores';
import { t } from 'svelte-i18n';
import { writable } from 'svelte/store';
import { PERMISSIONS } from '$lib/utils/constants';
import { hasPrivilige } from '$lib/utils/helpers';
let isMobileMenuOpen = false;
@@ -104,7 +106,7 @@
{$page.data.user.last_name}
</a>
</div>
{#if $page.data.user.role_id > 0}
{#if hasPrivilige($page.data.user, PERMISSIONS.View)}
<div
class="header-nav-item"
class:active={$page.url.pathname.startsWith(`${base}/auth/admin/users`)}
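Review bot: The new import spreads the misspelled helper name `hasPrivilige` (the Go struct on the server side is likewise `Priviliges`) into five files at once; renaming it to `hasPrivilege` in this commit, while the call sites are being written, is cheaper than doing it later. The `{#if hasPrivilige($page.data.user, PERMISSIONS.View)}` only decides whether the admin link is rendered; the `load()` guard in the users route remains the actual access control, so nothing here should be relied on for authorization.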


@@ -3,8 +3,9 @@
import SmallLoader from '$lib/components/SmallLoader.svelte';
import { createEventDispatcher } from 'svelte';
import { applyAction, enhance } from '$app/forms';
import { receive, send } from '$lib/utils/helpers';
import { hasPrivilige, receive, send } from '$lib/utils/helpers';
import { t } from 'svelte-i18n';
import { PERMISSIONS } from '$lib/utils/constants';
/** @type {import('../../routes/auth/about/[id]/$types').ActionData} */
export let form;
@@ -29,7 +30,7 @@
profile_picture: '',
payment_status: 0,
status: 1,
role_id: 0,
role_id: 1,
membership: {
id: 0,
start_date: '',
@@ -70,12 +71,14 @@
/** @type {App.Locals['user'] | null} */
export let user;
/** @type {Number} */
export let role_id;
/** @type {App.Locals['user']} */
export let editor;
/** @type {App.Locals['user'] } */
let localUser;
let readonlyUser = !hasPrivilige(editor, PERMISSIONS.Update);
$: {
if (user !== undefined && !localUser) {
localUser =
@@ -106,8 +109,9 @@
const userRoleOptions = [
{ value: 0, label: $t('userRole.0'), color: '--subtext1' }, // Grey for "Nicht verifiziert"
{ value: 1, label: $t('userRole.1'), color: '--light-green' }, // Light green for "Verifiziert"
{ value: 4, label: $t('userRole.4'), color: '--green' }, // Green for "Aktiv"
{ value: 8, label: $t('userRole.8'), color: '--pink' } // Pink for "Passiv"
{ value: 2, label: $t('userRole.2'), color: '--green' }, // Light green for "Verifiziert"
{ value: 4, label: $t('userRole.4'), color: '--pink' }, // Green for "Aktiv"
{ value: 8, label: $t('userRole.8'), color: '--red' } // Pink for "Passiv"
];
const membershipStatusOptions = [
{ value: 3, label: $t('userStatus.3'), color: '--green' }, // Green for "Aktiv"
@@ -232,9 +236,9 @@
label={$t('status')}
bind:value={localUser.status}
options={userStatusOptions}
readonly={role_id === 0}
readonly={readonlyUser}
/>
{#if role_id === 8}
{#if hasPrivilige(editor, PERMISSIONS.Super)}
<InputField
name="user[role_id]"
type="select"
@@ -243,29 +247,31 @@
options={userRoleOptions}
/>
{/if}
<InputField
name="user[password]"
type="password"
label={$t('password')}
placeholder={$t('placeholder.password')}
bind:value={password}
otherPasswordValue={confirm_password}
/>
<InputField
name="confirm_password"
type="password"
label={$t('confirm_password')}
placeholder={$t('placeholder.password')}
bind:value={confirm_password}
otherPasswordValue={password}
/>
{#if hasPrivilige(localUser, PERMISSIONS.Member)}
<InputField
name="user[password]"
type="password"
label={$t('password')}
placeholder={$t('placeholder.password')}
bind:value={password}
otherPasswordValue={confirm_password}
/>
<InputField
name="confirm_password"
type="password"
label={$t('confirm_password')}
placeholder={$t('placeholder.password')}
bind:value={confirm_password}
otherPasswordValue={password}
/>
{/if}
<InputField
name="user[first_name]"
label={$t('user.first_name')}
bind:value={localUser.first_name}
placeholder={$t('placeholder.first_name')}
required={true}
readonly={role_id === 0}
readonly={readonlyUser}
/>
<InputField
name="user[last_name]"
@@ -273,7 +279,7 @@
bind:value={localUser.last_name}
placeholder={$t('placeholder.last_name')}
required={true}
readonly={role_id === 0}
readonly={readonlyUser}
/>
<InputField
name="user[company]"
@@ -296,14 +302,16 @@
bind:value={localUser.phone}
placeholder={$t('placeholder.phone')}
/>
<InputField
name="user[dateofbirth]"
type="date"
label={$t('user.dateofbirth')}
bind:value={localUser.dateofbirth}
placeholder={$t('placeholder.dateofbirth')}
readonly={role_id === 0}
/>
{#if hasPrivilige(localUser, PERMISSIONS.Member)}
<InputField
name="user[dateofbirth]"
type="date"
label={$t('user.dateofbirth')}
bind:value={localUser.dateofbirth}
placeholder={$t('placeholder.dateofbirth')}
readonly={readonlyUser}
/>
{/if}
<InputField
name="user[address]"
label={$t('address')}
@@ -322,7 +330,7 @@
bind:value={localUser.city}
placeholder={$t('placeholder.city')}
/>
{#if role_id > 0}
{#if !readonlyUser}
<InputField
name="user[notes]"
type="textarea"
@@ -335,77 +343,80 @@
/>
{/if}
</div>
<div class="tab-content" style="display: {activeTab === 'licence' ? 'block' : 'none'}">
<InputField
name="user[licence][status]"
type="select"
label={$t('status')}
bind:value={localUser.licence.status}
options={licenceStatusOptions}
readonly={role_id === 0}
/>
<InputField
name="user[licence][number]"
type="text"
label={$t('licence_number')}
bind:value={localUser.licence.number}
placeholder={$t('placeholder.licence_number')}
toUpperCase={true}
readonly={role_id === 0}
/>
<InputField
name="user[licence][issued_date]"
type="date"
label={$t('issued_date')}
bind:value={localUser.licence.issued_date}
placeholder={$t('placeholder.issued_date')}
readonly={role_id === 0}
/>
<InputField
name="user[licence][expiration_date]"
type="date"
label={$t('expiration_date')}
bind:value={localUser.licence.expiration_date}
placeholder={$t('placeholder.expiration_date')}
readonly={role_id === 0}
/>
<InputField
name="user[licence][country]"
label={$t('country')}
bind:value={localUser.licence.country}
placeholder={$t('placeholder.issuing_country')}
readonly={role_id === 0}
/>
<div class="licence-categories">
<h3>{$t('licence_categories')}</h3>
<div class="checkbox-grid">
{#each Object.entries(groupedCategories) as [, categories], groupIndex}
{#if groupIndex > 0}
<div class="category-break"></div>
{/if}
{#each categories as category}
<div class="checkbox-item">
<div class="checkbox-label-container">
<InputField
type="checkbox"
name="user[licence][categories][]"
value={JSON.stringify(category)}
label={category.category}
checked={localUser.licence.categories != null &&
localUser.licence.categories.some(
(cat) => cat.category === category.category
)}
/>
{#if hasPrivilige(localUser, PERMISSIONS.Member)}
<div class="tab-content" style="display: {activeTab === 'licence' ? 'block' : 'none'}">
<InputField
name="user[licence][status]"
type="select"
label={$t('status')}
bind:value={localUser.licence.status}
options={licenceStatusOptions}
readonly={readonlyUser}
/>
<InputField
name="user[licence][number]"
type="text"
label={$t('licence_number')}
bind:value={localUser.licence.number}
placeholder={$t('placeholder.licence_number')}
toUpperCase={true}
readonly={readonlyUser}
/>
<InputField
name="user[licence][issued_date]"
type="date"
label={$t('issued_date')}
bind:value={localUser.licence.issued_date}
placeholder={$t('placeholder.issued_date')}
readonly={readonlyUser}
/>
<InputField
name="user[licence][expiration_date]"
type="date"
label={$t('expiration_date')}
bind:value={localUser.licence.expiration_date}
placeholder={$t('placeholder.expiration_date')}
readonly={readonlyUser}
/>
<InputField
name="user[licence][country]"
label={$t('country')}
bind:value={localUser.licence.country}
placeholder={$t('placeholder.issuing_country')}
readonly={readonlyUser}
/>
<div class="licence-categories">
<h3>{$t('licence_categories')}</h3>
<div class="checkbox-grid">
{#each Object.entries(groupedCategories) as [, categories], groupIndex}
{#if groupIndex > 0}
<div class="category-break"></div>
{/if}
{#each categories as category}
<div class="checkbox-item">
<div class="checkbox-label-container">
<InputField
type="checkbox"
name="user[licence][categories][]"
value={JSON.stringify(category)}
label={category.category}
checked={localUser.licence.categories != null &&
localUser.licence.categories.some(
(cat) => cat.category === category.category
)}
/>
</div>
<span class="checkbox-description">
{$t(`licenceCategory.${category.category}`)}
</span>
</div>
<span class="checkbox-description">
{$t(`licenceCategory.${category.category}`)}
</span>
</div>
{/each}
{/each}
{/each}
</div>
</div>
</div>
</div>
{/if}
<div class="tab-content" style="display: {activeTab === 'membership' ? 'block' : 'none'}">
<InputField
name="user[membership][status]"
@@ -413,7 +424,7 @@
label={$t('status')}
bind:value={localUser.membership.status}
options={membershipStatusOptions}
readonly={role_id === 0}
readonly={readonlyUser}
/>
<InputField
name="user[membership][subscription_model][name]"
@@ -421,31 +432,33 @@
label={$t('subscription.subscription')}
bind:value={localUser.membership.subscription_model.name}
options={subscriptionModelOptions}
readonly={role_id === 0}
readonly={readonlyUser}
/>
<div class="subscription-info">
<div class="subscription-column">
<p>
<strong>{$t('subscription.monthly_fee')}:</strong>
{selectedSubscriptionModel?.monthly_fee || '-'}
</p>
<p>
<strong>{$t('subscription.hourly_rate')}:</strong>
{selectedSubscriptionModel?.hourly_rate || '-'}
</p>
{#if selectedSubscriptionModel?.included_hours_per_year}
{#if hasPrivilige(editor, PERMISSIONS.Member)}
<div class="subscription-column">
<p>
<strong>{$t('subscription.included_hours_per_year')}:</strong>
{selectedSubscriptionModel?.included_hours_per_year}
<strong>{$t('subscription.monthly_fee')}:</strong>
{selectedSubscriptionModel?.monthly_fee || '-'}
</p>
{/if}
{#if selectedSubscriptionModel?.included_hours_per_month}
<p>
<strong>{$t('subscription.included_hours_per_month')}:</strong>
{selectedSubscriptionModel?.included_hours_per_month}
<strong>{$t('subscription.hourly_rate')}:</strong>
{selectedSubscriptionModel?.hourly_rate || '-'}
</p>
{/if}
</div>
{#if selectedSubscriptionModel?.included_hours_per_year}
<p>
<strong>{$t('subscription.included_hours_per_year')}:</strong>
{selectedSubscriptionModel?.included_hours_per_year}
</p>
{/if}
{#if selectedSubscriptionModel?.included_hours_per_month}
<p>
<strong>{$t('subscription.included_hours_per_month')}:</strong>
{selectedSubscriptionModel?.included_hours_per_month}
</p>
{/if}
</div>
{/if}
<div class="subscription-column">
<p>
<strong>{$t('details')}:</strong>
@@ -465,7 +478,7 @@
label={$t('start')}
bind:value={localUser.membership.start_date}
placeholder={$t('placeholder.start_date')}
readonly={role_id === 0}
readonly={readonlyUser}
/>
<InputField
name="user[membership][end_date]"
@@ -473,16 +486,18 @@
label={$t('end')}
bind:value={localUser.membership.end_date}
placeholder={$t('placeholder.end_date')}
readonly={role_id === 0}
/>
<InputField
name="user[membership][parent_member_id]"
type="number"
label={$t('parent_member_id')}
bind:value={localUser.membership.parent_member_id}
placeholder={$t('placeholder.parent_member_id')}
readonly={role_id === 0}
readonly={readonlyUser}
/>
{#if hasPrivilige(editor, PERMISSIONS.Member)}
<InputField
name="user[membership][parent_member_id]"
type="number"
label={$t('parent_member_id')}
bind:value={localUser.membership.parent_member_id}
placeholder={$t('placeholder.parent_member_id')}
readonly={readonlyUser}
/>
{/if}
</div>
<div class="tab-content" style="display: {activeTab === 'bankaccount' ? 'block' : 'none'}">
<InputField
@@ -516,7 +531,7 @@
label={$t('mandate_reference')}
bind:value={localUser.bank_account.mandate_reference}
placeholder={$t('placeholder.mandate_reference')}
readonly={role_id === 0}
readonly={readonlyUser}
/>
<InputField
name="user[bank_account][mandate_date_signed]"
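Review bot: `let readonlyUser = !hasPrivilige(editor, PERMISSIONS.Update);` is computed once when the component is created rather than reactively, which is unidiomatic for a value derived from the `editor` prop and goes stale should the prop change; write it as `$: readonlyUser = !hasPrivilige(editor, PERMISSIONS.Update);`. HTML `readonly` is a rendering hint only — a readonly field is still included in the POST body — so `readonly={readonlyUser}` and the new `{#if hasPrivilige(...)}` blocks around the role, password, date-of-birth, licence and parent-member fields are presentation, and the server action that consumes `user[...]` must apply the editor's privilege per field itself (the Go hunk's `MemberUpdateFields` suggests such an allowlist exists, but its contents are outside this diff). The colour comments on the new `userRoleOptions` entries were copied from the old list and no longer match their lines: `--green` is annotated "Light green for Verifiziert", `--pink` "Green for Aktiv" and `--red` "Pink for Passiv"; update them to the colours and labels actually used, e.g. `// Green for userRole.2`.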


@@ -36,7 +36,7 @@
default: 'unknown status'
})}</span
>
<span>{$t(`userRole.${user.role_id}`, { default: 'unknown role' })}</span>
<span>{$t(`userRole.${user.role_id}`, { default: 'unknown' })}</span>
</span>
</h3>
{/if}
@@ -93,7 +93,7 @@
{licence_categories}
on:close={close}
on:cancel={close}
role_id={user.role_id}
editor={user}
/>
</Modal>
{/if}
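Review bot: `editor={user}` hands UserEditForm the same `user` whose role the heading above renders; if on this `[id]` route `user` is the profile loaded for the id rather than the signed-in account, the form would derive the editor's privileges from the account being viewed. Confirm that `user` here is the signed-in user (`$page.data.user`), and if the page can display other people's profiles, pass the signed-in user as `editor` instead. Either way this gating is client-side, so the action receiving the form must check the signed-in user's privilege independently. The enclosing markup starts and ends outside the hunk.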


@@ -2,8 +2,8 @@
// - Implement a load function to fetch a list of all users.
// - Create actions for updating user information (similar to the about/[id] route).
import { BASE_API_URI } from '$lib/utils/constants';
import { formatError, userDatesFromRFC3339 } from '$lib/utils/helpers';
import { BASE_API_URI, PERMISSIONS } from '$lib/utils/constants';
import { formatError, hasPrivilige, userDatesFromRFC3339 } from '$lib/utils/helpers';
import { fail, redirect } from '@sveltejs/kit';
import {
formDataToObject,
@@ -18,7 +18,7 @@ export async function load({ locals }) {
if (!locals.user) {
throw redirect(302, `${base}/auth/login?next=${base}/auth/admin/users`);
}
if (locals.user.role_id === 0) {
if (!hasPrivilige(locals.user, PERMISSIONS.View)) {
throw redirect(302, `${base}/auth/about/${locals.user.id}`);
}
}
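Review bot: The privilege check is applied only in `load()`, which gates rendering of the page; the form actions in this file that the admin page posts to (`?/userDelete`, `?/subscriptionDelete` and the update actions) are outside this hunk and need the same `hasPrivilige(locals.user, ...)` guard, with the privilege matching the operation rather than `View`, because a POST to an action does not pass through `load`. If those actions still test `locals.user.role_id === 0`, they are also out of step with the renumbered roles in the Go hunk. `load` continues beyond the end of the hunk.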


@@ -6,7 +6,8 @@
import { t } from 'svelte-i18n';
import { page } from '$app/stores';
import { applyAction, enhance } from '$app/forms';
import { receive, send } from '$lib/utils/helpers';
import { hasPrivilige, receive, send } from '$lib/utils/helpers';
import { PERMISSIONS } from '$lib/utils/constants';
/** @type {import('./$types').ActionData} */
export let form;
@@ -19,7 +20,7 @@
payments = []
} = $page.data);
let activeSection = 'users';
let activeSection = 'members';
/** @type{App.Locals['user'] | null} */
let selectedUser = null;
/** @type{App.Types['subscription'] | null} */
@@ -28,9 +29,21 @@
let showUserModal = false;
let searchTerm = '';
$: filteredUsers = searchTerm ? getFilteredUsers() : users;
$: members = users.filter((/** @type{App.Locals['user']} */ user) => {
return user.role_id >= PERMISSIONS.Member;
});
$: supporters = users.filter((/** @type{App.Locals['user']} */ user) => {
return user.role_id < PERMISSIONS.Member;
});
$: filteredMembers = searchTerm ? getFilteredUsers(members) : members;
function handleMailButtonClick() {
$: filteredSupporters = searchTerm ? getFilteredUsers(supporters) : supporters;
/**
* Handles Mail button click to open a formatted mailto link
* @param {App.Locals['user'][]} filteredUsers - the users to send the mail to
*/
function handleMailButtonClick(filteredUsers) {
const subject = 'Important Announcement';
const body = `Hello everyone,\n\nThis is an important message.`;
const bccEmails = filteredUsers
@@ -43,14 +56,15 @@
}
/**
* returns a set of users depending on the entered search query
* returns a set of members depending on the entered search query
* @param {App.Locals['user'][]} userSet Set to filter
* @return {App.Locals['user'][]}*/
const getFilteredUsers = () => {
if (!searchTerm.trim()) return users;
const getFilteredUsers = (userSet) => {
if (!searchTerm.trim()) return userSet;
const term = searchTerm.trim().toLowerCase();
return users.filter((/** @type{App.Locals['user']}*/ user) => {
return userSet.filter((/** @type{App.Locals['user']}*/ user) => {
const basicMatch = [
user.first_name?.toLowerCase(),
user.last_name?.toLowerCase(),
@@ -124,12 +138,22 @@
<ul class="nav-list">
<li>
<button
class="nav-link {activeSection === 'users' ? 'active' : ''}"
on:click={() => setActiveSection('users')}
class="nav-link {activeSection === 'members' ? 'active' : ''}"
on:click={() => setActiveSection('members')}
>
<i class="fas fa-users"></i>
{$t('users')}
<span class="nav-badge">{users.length}</span>
<span class="nav-badge">{members.length}</span>
</button>
</li>
<li>
<button
class="nav-link {activeSection === 'supporter' ? 'active' : ''}"
on:click={() => setActiveSection('supporter')}
>
<i class="fas fa-hand-holding-dollar"></i>
{$t('supporter')}
<span class="nav-badge">{supporters.length}</span>
</button>
</li>
<li>
@@ -168,7 +192,7 @@
{/each}
{/if}
{#if activeSection === 'users'}
{#if activeSection === 'members'}
<div class="section-header">
<h2>{$t('users')}</h2>
<div class="title-container">
@@ -183,7 +207,7 @@
<button
class="btn primary"
aria-label="Mail Users"
on:click={() => handleMailButtonClick()}
on:click={() => handleMailButtonClick(filteredMembers)}
>
<i class="fas fa-envelope"></i>
</button>
@@ -196,7 +220,108 @@
</div>
</div>
<div class="accordion">
{#each filteredUsers as user}
{#each filteredMembers as user}
<details class="accordion-item">
<summary class="accordion-header">
{user.first_name}
{user.last_name}
</summary>
<div class="accordion-content">
<table class="table">
<tbody>
<tr>
<th>{$t('user.id')}</th>
<td>{user.id}</td>
</tr>
<tr>
<th>{$t('name')}</th>
<td>{user.first_name} {user.last_name}</td>
</tr>
<tr>
<th>{$t('user.email')}</th>
<td>{user.email}</td>
</tr>
<tr>
<th>{$t('subscription.subscription')}</th>
<td>{user.membership?.subscription_model?.name}</td>
</tr>
<tr>
<th>{$t('status')}</th>
<td>{$t('userStatus.' + user.status)}</td>
</tr>
</tbody>
</table>
<div class="button-group">
<button class="btn primary" on:click={() => openEditUserModal(user)}>
<i class="fas fa-edit"></i>
{$t('edit')}
</button>
<form
method="POST"
action="?/userDelete"
use:enhance={() => {
return async ({ result }) => {
if (result.type === 'success' || result.type === 'redirect') {
await applyAction(result);
}
};
}}
on:submit|preventDefault={(/** @type {SubmitEvent} */ e) => {
if (
!confirm(
$t('dialog.user_deletion', {
values: {
firstname: user.first_name || '',
lastname: user.last_name || ''
}
})
)
) {
e.preventDefault(); // Cancel form submission if user declines
}
}}
>
<input type="hidden" name="user[id]" value={user.id} />
<input type="hidden" name="user[last_name]" value={user.last_name} />
<button class="btn danger" type="submit">
<i class="fas fa-trash"></i>
{$t('delete')}
</button>
</form>
</div>
</div>
</details>
{/each}
</div>
{:else if activeSection === 'supporter'}
<div class="section-header">
<h2>{$t('supporter')}</h2>
<div class="title-container">
<InputField
name="search"
bind:value={searchTerm}
placeholder={$t('placeholder.search')}
backgroundColor="--base"
/>
</div>
<div>
<button
class="btn primary"
aria-label="Mail Supporter"
on:click={() => handleMailButtonClick(filteredSupporters)}
>
<i class="fas fa-envelope"></i>
</button>
</div>
<div>
<button class="btn primary" on:click={() => openEditUserModal(null)}>
<i class="fas fa-plus"></i>
{$t('add_new')}
</button>
</div>
</div>
<div class="accordion">
{#each filteredSupporters as user}
<details class="accordion-item">
<summary class="accordion-header">
{user.first_name}
@@ -272,7 +397,7 @@
{:else if activeSection === 'subscriptions'}
<div class="section-header">
<h2>{$t('subscription.subscriptions')}</h2>
{#if user.role_id == 8}
{#if hasPrivilige(user, PERMISSIONS.Super)}
<button class="btn primary" on:click={() => openEditSubscriptionModal(null)}>
<i class="fas fa-plus"></i>
{$t('add_new')}
@@ -285,7 +410,7 @@
<summary class="accordion-header">
{subscription.name}
<span class="nav-badge"
>{users.filter(
>{members.filter(
(/** @type{App.Locals['user']}*/ user) =>
user.membership?.subscription_model?.name === subscription.name
).length}</span
@@ -328,7 +453,7 @@
</tr>
</tbody>
</table>
{#if user.role_id == 8}
{#if hasPrivilige(user, PERMISSIONS.Super)}
<div class="button-group">
<button
class="btn primary"
@@ -337,7 +462,7 @@
<i class="fas fa-edit"></i>
{$t('edit')}
</button>
{#if !users.some(/** @param{App.Locals['user']} user */ (user) => user.membership?.subscription_model?.id === subscription.id)}
{#if !members.some(/** @param{App.Locals['user']} user */ (user) => user.membership?.subscription_model?.id === subscription.id)}
<form
method="POST"
action="?/subscriptionDelete"
@@ -415,7 +540,7 @@
<Modal on:close={close}>
<UserEditForm
{form}
role_id={user.role_id}
editor={user}
user={selectedUser}
{subscriptions}
{licence_categories}
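Review bot: `members` and `supporters` are partitioned with raw `user.role_id >= PERMISSIONS.Member` / `<` comparisons while every other new check in this commit goes through `hasPrivilige`; using `hasPrivilige(user, PERMISSIONS.Member)` and its negation keeps the role semantics in one helper, since the two forms diverge the moment the helper becomes more than a `>=`. The supporter branch added at `{:else if activeSection === 'supporter'}` duplicates the members accordion (table, edit button, delete form with the confirm dialog) almost line for line; rendering both from one `{#each}` over `activeSection === 'members' ? filteredMembers : filteredSupporters`, or a small component, would keep the two from drifting. The supporters accordion continues past the end of the hunk.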


@@ -66,22 +66,24 @@ var Priviliges = struct {
Update int8
Delete int8
}{
View: 1,
View: 2,
Update: 4,
Create: 4,
Delete: 4,
}
var Roles = struct {
Member int8
Viewer int8
Editor int8
Admin int8
Supporter int8
Member int8
Viewer int8
Editor int8
Admin int8
}{
Member: 0,
Viewer: 1,
Editor: 4,
Admin: 8,
Supporter: 0,
Member: 1,
Viewer: 2,
Editor: 4,
Admin: 8,
}
var MemberUpdateFields = map[string]bool{
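Review bot: Renumbering the roles (`Member` 0→1, `Viewer` 1→2, new `Supporter: 0`) changes the meaning of every `role_id` already stored: rows holding 0 (previously Member) become Supporter and rows holding 1 (previously Viewer) become Member, and with `View` raised to 2 those former viewers lose admin visibility, assuming the check is a `>=` comparison as the Svelte side does with `role_id >= PERMISSIONS.Member`. The diff contains no data migration, so either one is needed or the new role should take a value that does not collide with stored ones. `Update`, `Create` and `Delete` all being 4 grants deletion at the Editor level; if that is intended, say so with `// Delete is deliberately at the same level as Update`. The JS `PERMISSIONS` object in `$lib/utils/constants` is not among the six changed files, so confirm it already carries these numbers or client and server will disagree.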