new package dbHandler accesscontrol memeberdb and login with rights

backend/dbRequest/dbRequest.go

@@ -1,45 +0,0 @@
-package dbRequest
-
-import (
-	"backend/models"
-	"fmt"
-	"net/http"
-
-	"github.com/gin-gonic/gin"
-)
-
-var CreateUserTable string = `CREATE TABLE IF NOT EXISTS users (
-						id INTEGER PRIMARY KEY AUTOINCREMENT,
-						username TEXT NOT NULL,
-						email TEXT NOT NULL,
-						role TEXT NOT NULL,
-						password TEXT NOT NULL,
-						settings TEXT NOT NULL
-						);`
-
-var CreateRoleTable string = `CREATE TABLE IF NOT EXISTS roles (
-						id INTEGER PRIMARY KEY AUTOINCREMENT,
-						role TEXT NOT NULL,
-						rights TEXT NOT NULL
-						);`
-
-var NewUser string = `INSERT INTO users (username, email, role, password, settings) VALUES (?, ?, ?, ?, ?)`
-var NewRole = `INSERT INTO roles (role, rights) VALUES (?, ?)`
-var DBQueryPassword string = `SELECT id, role, password, settings FROM users WHERE username = ?`
-var DBUserLookup string = `SELECT EXISTS(SELECT 1 FROM users WHERE username = ?)`
-var DBRoleLookup string = `SELECT EXISTS(SELECT 1 FROM roles WHERE role = ?)`
-var DBRemoveUser string = `DELETE FROM users WHERE username = $1`
-var DBUpdateSettings string = `UPDATE users SET settings = ? WHERE username = ?`
-var DBUpdateRole string = `UPDATE roles SET rights = ? WHERE role = ?`
-
-func CheckDBError(c *gin.Context, username string, err error) bool {
-	if err != nil {
-		if err.Error() == "sql: no rows in result set" {
-			c.JSON(http.StatusBadRequest, models.NewJsonErrorMessageResponse(fmt.Sprintf("no user '%s' found", username)))
-			return true
-		}
-		c.JSON(http.StatusBadRequest, models.NewJsonErrorResponse(err))
-		return true
-	}
-	return false
-}

backend/go.mod

@@ -3,29 +3,34 @@ module backend
 go 1.24.5
 
 require (
-	gitea.tecamino.com/paadi/memberDB v1.0.1
+	gitea.tecamino.com/paadi/access-handler v1.0.12
+	gitea.tecamino.com/paadi/memberDB v1.0.4
 	gitea.tecamino.com/paadi/tecamino-dbm v0.1.1
 	gitea.tecamino.com/paadi/tecamino-logger v0.2.1
 	github.com/gin-contrib/cors v1.7.6
 	github.com/gin-gonic/gin v1.11.0
-	github.com/golang-jwt/jwt/v5 v5.2.2
+	golang.org/x/crypto v0.43.0
-	golang.org/x/crypto v0.40.0
-	modernc.org/sqlite v1.39.0
 )
 
 require (
+	gitea.tecamino.com/paadi/dbHandler v1.0.4 // indirect
 	github.com/bytedance/sonic v1.14.0 // indirect
 	github.com/bytedance/sonic/loader v0.3.0 // indirect
 	github.com/cloudwego/base64x v0.1.6 // indirect
 	github.com/dustin/go-humanize v1.0.1 // indirect
 	github.com/gabriel-vasile/mimetype v1.4.9 // indirect
 	github.com/gin-contrib/sse v1.1.0 // indirect
+	github.com/glebarez/go-sqlite v1.21.2 // indirect
+	github.com/glebarez/sqlite v1.11.0 // indirect
 	github.com/go-playground/locales v0.14.1 // indirect
 	github.com/go-playground/universal-translator v0.18.1 // indirect
 	github.com/go-playground/validator/v10 v10.27.0 // indirect
 	github.com/goccy/go-json v0.10.5 // indirect
 	github.com/goccy/go-yaml v1.18.0 // indirect
+	github.com/golang-jwt/jwt/v5 v5.3.0 // indirect
 	github.com/google/uuid v1.6.0 // indirect
+	github.com/jinzhu/inflection v1.0.0 // indirect
+	github.com/jinzhu/now v1.1.5 // indirect
 	github.com/json-iterator/go v1.1.12 // indirect
 	github.com/klauspost/cpuid/v2 v2.3.0 // indirect
 	github.com/leodido/go-urn v1.4.0 // indirect
@@ -45,15 +50,17 @@ require (
 	go.uber.org/zap v1.27.0 // indirect
 	golang.org/x/arch v0.20.0 // indirect
 	golang.org/x/exp v0.0.0-20250620022241-b7579e27df2b // indirect
-	golang.org/x/mod v0.25.0 // indirect
+	golang.org/x/mod v0.28.0 // indirect
-	golang.org/x/net v0.42.0 // indirect
+	golang.org/x/net v0.45.0 // indirect
-	golang.org/x/sync v0.16.0 // indirect
+	golang.org/x/sync v0.17.0 // indirect
-	golang.org/x/sys v0.35.0 // indirect
+	golang.org/x/sys v0.37.0 // indirect
-	golang.org/x/text v0.27.0 // indirect
+	golang.org/x/text v0.30.0 // indirect
-	golang.org/x/tools v0.34.0 // indirect
+	golang.org/x/tools v0.37.0 // indirect
 	google.golang.org/protobuf v1.36.9 // indirect
 	gopkg.in/natefinch/lumberjack.v2 v2.2.1 // indirect
+	gorm.io/gorm v1.31.0 // indirect
 	modernc.org/libc v1.66.3 // indirect
 	modernc.org/mathutil v1.7.1 // indirect
 	modernc.org/memory v1.11.0 // indirect
+	modernc.org/sqlite v1.39.0 // indirect
 )

backend/go.sum

@@ -1,5 +1,9 @@
-gitea.tecamino.com/paadi/memberDB v1.0.1 h1:hNnnoCeFRBEOQ+QmizF9nzvrQ8bNed8YrDln5jeRy2Y=
+gitea.tecamino.com/paadi/access-handler v1.0.12 h1:lSmW0YrBJJvCqCg0ukTJHlFUNwd7q6hFYtNd2rfztrE=
-gitea.tecamino.com/paadi/memberDB v1.0.1/go.mod h1:4tgbjrSZ2FZeJL68R2TFHPH34+aGxx5wtZxRmu6nZv4=
+gitea.tecamino.com/paadi/access-handler v1.0.12/go.mod h1:w71lpnuu5MgAWG3oiI9vsY2dWi4njF/iPrM/xV/dbBQ=
+gitea.tecamino.com/paadi/dbHandler v1.0.4 h1:ctnaec0GDdtw3gRQdUISVDYLJ9x+vt50VW41OemfhD4=
+gitea.tecamino.com/paadi/dbHandler v1.0.4/go.mod h1:y/xn/POJg1DO++67uKvnO23lJQgh+XFQq7HZCS9Getw=
+gitea.tecamino.com/paadi/memberDB v1.0.4 h1:2H7obSoMq4dW+VN8PsDOv1UK75hCtlF+NymU5NBGuw4=
+gitea.tecamino.com/paadi/memberDB v1.0.4/go.mod h1:iLm7nunVRzqJK8CV4PJVuWIhgPlQjNIaeOkmtfK5fMg=
 gitea.tecamino.com/paadi/tecamino-dbm v0.1.1 h1:vAq7mwUxlxJuLzCQSDMrZCwo8ky5usWi9Qz+UP+WnkI=
 gitea.tecamino.com/paadi/tecamino-dbm v0.1.1/go.mod h1:+tmf1rjPaKEoNeUcr1vdtoFIFweNG3aUGevDAl3NMBk=
 gitea.tecamino.com/paadi/tecamino-logger v0.2.1 h1:sQTBKYPdzn9mmWX2JXZBtGBvNQH7cuXIwsl4TD0aMgE=
@@ -23,6 +27,10 @@ github.com/gin-contrib/sse v1.1.0 h1:n0w2GMuUpWDVp7qSpvze6fAu9iRxJY4Hmj6AmBOU05w
 github.com/gin-contrib/sse v1.1.0/go.mod h1:hxRZ5gVpWMT7Z0B0gSNYqqsSCNIJMjzvm6fqCz9vjwM=
 github.com/gin-gonic/gin v1.11.0 h1:OW/6PLjyusp2PPXtyxKHU0RbX6I/l28FTdDlae5ueWk=
 github.com/gin-gonic/gin v1.11.0/go.mod h1:+iq/FyxlGzII0KHiBGjuNn4UNENUlKbGlNmc+W50Dls=
+github.com/glebarez/go-sqlite v1.21.2 h1:3a6LFC4sKahUunAmynQKLZceZCOzUthkRkEAl9gAXWo=
+github.com/glebarez/go-sqlite v1.21.2/go.mod h1:sfxdZyhQjTM2Wry3gVYWaW072Ri1WMdWJi0k6+3382k=
+github.com/glebarez/sqlite v1.11.0 h1:wSG0irqzP6VurnMEpFGer5Li19RpIRi2qvQz++w0GMw=
+github.com/glebarez/sqlite v1.11.0/go.mod h1:h8/o8j5wiAsqSPoWELDUdJXhjAhsVliSn7bWZjOhrgQ=
 github.com/go-playground/assert/v2 v2.2.0 h1:JvknZsQTYeFEAhQwI4qEt9cyV5ONwRHC+lYKSsYSR8s=
 github.com/go-playground/assert/v2 v2.2.0/go.mod h1:VDjEfimB/XKnb+ZQfWdccd7VUvScMdVu0Titje2rxJ4=
 github.com/go-playground/locales v0.14.1 h1:EWaQ/wswjilfKLTECiXz7Rh+3BjFhfDFKv/oXslEjJA=
@@ -35,8 +43,8 @@ github.com/goccy/go-json v0.10.5 h1:Fq85nIqj+gXn/S5ahsiTlK3TmC85qgirsdTP/+DeaC4=
 github.com/goccy/go-json v0.10.5/go.mod h1:oq7eo15ShAhp70Anwd5lgX2pLfOS3QCiwU/PULtXL6M=
 github.com/goccy/go-yaml v1.18.0 h1:8W7wMFS12Pcas7KU+VVkaiCng+kG8QiFeFwzFb+rwuw=
 github.com/goccy/go-yaml v1.18.0/go.mod h1:XBurs7gK8ATbW4ZPGKgcbrY1Br56PdM69F7LkFRi1kA=
-github.com/golang-jwt/jwt/v5 v5.2.2 h1:Rl4B7itRWVtYIHFrSNd7vhTiz9UpLdi6gZhZ3wEeDy8=
+github.com/golang-jwt/jwt/v5 v5.3.0 h1:pv4AsKCKKZuqlgs5sUmn4x8UlGa0kEVt/puTpKx9vvo=
-github.com/golang-jwt/jwt/v5 v5.2.2/go.mod h1:pqrtFR0X4osieyHYxtmOUWsAWrfe1Q5UVIyoH402zdk=
+github.com/golang-jwt/jwt/v5 v5.3.0/go.mod h1:fxCRLWMO43lRc8nhHWY6LGqRcf+1gQWArsqaEUEa5bE=
 github.com/google/go-cmp v0.7.0 h1:wk8382ETsv4JYUZwIsn6YpYiWiBsYLSJiTsyBybVuN8=
 github.com/google/go-cmp v0.7.0/go.mod h1:pXiqmnSA92OHEEa9HXL2W4E7lf9JzCmGVUdgjX3N/iU=
 github.com/google/gofuzz v1.0.0/go.mod h1:dBl0BpW6vV/+mYPU4Po3pmUjxk6FQPldtuIdl/M65Eg=
@@ -44,6 +52,10 @@ github.com/google/pprof v0.0.0-20250317173921-a4b03ec1a45e h1:ijClszYn+mADRFY17k
 github.com/google/pprof v0.0.0-20250317173921-a4b03ec1a45e/go.mod h1:boTsfXsheKC2y+lKOCMpSfarhxDeIzfZG1jqGcPl3cA=
 github.com/google/uuid v1.6.0 h1:NIvaJDMOsjHA8n1jAhLSgzrAzy1Hgr+hNrb57e+94F0=
 github.com/google/uuid v1.6.0/go.mod h1:TIyPZe4MgqvfeYDBFedMoGGpEw/LqOeaOT+nhxU+yHo=
+github.com/jinzhu/inflection v1.0.0 h1:K317FqzuhWc8YvSVlFMCCUb36O/S9MCKRDI7QkRKD/E=
+github.com/jinzhu/inflection v1.0.0/go.mod h1:h+uFLlag+Qp1Va5pdKtLDYj+kHp5pxUVkryuEj+Srlc=
+github.com/jinzhu/now v1.1.5 h1:/o9tlHleP7gOFmsnYNz3RGnqzefHA47wQpKrrdTIwXQ=
+github.com/jinzhu/now v1.1.5/go.mod h1:d3SSVoowX0Lcu0IBviAWJpolVfI5UJVZZ7cO71lE/z8=
 github.com/json-iterator/go v1.1.12 h1:PV8peI4a0ysnczrg+LtxykD8LfKY9ML6u2jnxaEnrnM=
 github.com/json-iterator/go v1.1.12/go.mod h1:e30LSqwooZae/UwlEbR2852Gd8hjQvJoHmT4TnhNGBo=
 github.com/klauspost/cpuid/v2 v2.3.0 h1:S4CRMLnYUhGeDFDqkGriYKdfoFlDnMtqTiI/sFzhA9Y=
@@ -94,23 +106,23 @@ go.uber.org/zap v1.27.0 h1:aJMhYGrd5QSmlpLMr2MftRKl7t8J8PTZPA732ud/XR8=
 go.uber.org/zap v1.27.0/go.mod h1:GB2qFLM7cTU87MWRP2mPIjqfIDnGu+VIO4V/SdhGo2E=
 golang.org/x/arch v0.20.0 h1:dx1zTU0MAE98U+TQ8BLl7XsJbgze2WnNKF/8tGp/Q6c=
 golang.org/x/arch v0.20.0/go.mod h1:bdwinDaKcfZUGpH09BB7ZmOfhalA8lQdzl62l8gGWsk=
-golang.org/x/crypto v0.40.0 h1:r4x+VvoG5Fm+eJcxMaY8CQM7Lb0l1lsmjGBQ6s8BfKM=
+golang.org/x/crypto v0.43.0 h1:dduJYIi3A3KOfdGOHX8AVZ/jGiyPa3IbBozJ5kNuE04=
-golang.org/x/crypto v0.40.0/go.mod h1:Qr1vMER5WyS2dfPHAlsOj01wgLbsyWtFn/aY+5+ZdxY=
+golang.org/x/crypto v0.43.0/go.mod h1:BFbav4mRNlXJL4wNeejLpWxB7wMbc79PdRGhWKncxR0=
 golang.org/x/exp v0.0.0-20250620022241-b7579e27df2b h1:M2rDM6z3Fhozi9O7NWsxAkg/yqS/lQJ6PmkyIV3YP+o=
 golang.org/x/exp v0.0.0-20250620022241-b7579e27df2b/go.mod h1:3//PLf8L/X+8b4vuAfHzxeRUl04Adcb341+IGKfnqS8=
-golang.org/x/mod v0.25.0 h1:n7a+ZbQKQA/Ysbyb0/6IbB1H/X41mKgbhfv7AfG/44w=
+golang.org/x/mod v0.28.0 h1:gQBtGhjxykdjY9YhZpSlZIsbnaE2+PgjfLWUQTnoZ1U=
-golang.org/x/mod v0.25.0/go.mod h1:IXM97Txy2VM4PJ3gI61r1YEk/gAj6zAHN3AdZt6S9Ww=
+golang.org/x/mod v0.28.0/go.mod h1:yfB/L0NOf/kmEbXjzCPOx1iK1fRutOydrCMsqRhEBxI=
-golang.org/x/net v0.42.0 h1:jzkYrhi3YQWD6MLBJcsklgQsoAcw89EcZbJw8Z614hs=
+golang.org/x/net v0.45.0 h1:RLBg5JKixCy82FtLJpeNlVM0nrSqpCRYzVU1n8kj0tM=
-golang.org/x/net v0.42.0/go.mod h1:FF1RA5d3u7nAYA4z2TkclSCKh68eSXtiFwcWQpPXdt8=
+golang.org/x/net v0.45.0/go.mod h1:ECOoLqd5U3Lhyeyo/QDCEVQ4sNgYsqvCZ722XogGieY=
-golang.org/x/sync v0.16.0 h1:ycBJEhp9p4vXvUZNszeOq0kGTPghopOL8q0fq3vstxw=
+golang.org/x/sync v0.17.0 h1:l60nONMj9l5drqw6jlhIELNv9I0A4OFgRsG9k2oT9Ug=
-golang.org/x/sync v0.16.0/go.mod h1:1dzgHSNfp02xaA81J2MS99Qcpr2w7fw1gpm99rleRqA=
+golang.org/x/sync v0.17.0/go.mod h1:9KTHXmSnoGruLpwFjVSX0lNNA75CykiMECbovNTZqGI=
 golang.org/x/sys v0.6.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
-golang.org/x/sys v0.35.0 h1:vz1N37gP5bs89s7He8XuIYXpyY0+QlsKmzipCbUtyxI=
+golang.org/x/sys v0.37.0 h1:fdNQudmxPjkdUTPnLn5mdQv7Zwvbvpaxqs831goi9kQ=
-golang.org/x/sys v0.35.0/go.mod h1:BJP2sWEmIv4KK5OTEluFJCKSidICx8ciO85XgH3Ak8k=
+golang.org/x/sys v0.37.0/go.mod h1:OgkHotnGiDImocRcuBABYBEXf8A9a87e/uXjp9XT3ks=
-golang.org/x/text v0.27.0 h1:4fGWRpyh641NLlecmyl4LOe6yDdfaYNrGb2zdfo4JV4=
+golang.org/x/text v0.30.0 h1:yznKA/E9zq54KzlzBEAWn1NXSQ8DIp/NYMy88xJjl4k=
-golang.org/x/text v0.27.0/go.mod h1:1D28KMCvyooCX9hBiosv5Tz/+YLxj0j7XhWjpSUF7CU=
+golang.org/x/text v0.30.0/go.mod h1:yDdHFIX9t+tORqspjENWgzaCVXgk0yYnYuSZ8UzzBVM=
-golang.org/x/tools v0.34.0 h1:qIpSLOxeCYGg9TrcJokLBG4KFA6d795g0xkBkiESGlo=
+golang.org/x/tools v0.37.0 h1:DVSRzp7FwePZW356yEAChSdNcQo6Nsp+fex1SUW09lE=
-golang.org/x/tools v0.34.0/go.mod h1:pAP9OwEaY1CAW3HOmg3hLZC5Z0CCmzjAF2UQMSqNARg=
+golang.org/x/tools v0.37.0/go.mod h1:MBN5QPQtLMHVdvsbtarmTNukZDdgwdwlO5qGacAzF0w=
 google.golang.org/protobuf v1.36.9 h1:w2gp2mA27hUeUzj9Ex9FBjsBm40zfaDtEWow293U7Iw=
 google.golang.org/protobuf v1.36.9/go.mod h1:fuxRtAxBytpl4zzqUh6/eyUujkJdNiuEkXntxiD/uRU=
 gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0=
@@ -119,6 +131,8 @@ gopkg.in/natefinch/lumberjack.v2 v2.2.1/go.mod h1:YD8tP3GAjkrDg1eZH7EGmyESg/lsYs
 gopkg.in/yaml.v3 v3.0.0-20200313102051-9f266ea9e77c/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM=
 gopkg.in/yaml.v3 v3.0.1 h1:fxVm/GzAzEWqLHuvctI91KS9hhNmmWOoWu0XTYJS7CA=
 gopkg.in/yaml.v3 v3.0.1/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM=
+gorm.io/gorm v1.31.0 h1:0VlycGreVhK7RF/Bwt51Fk8v0xLiiiFdbGDPIZQ7mJY=
+gorm.io/gorm v1.31.0/go.mod h1:XyQVbO2k6YkOis7C2437jSit3SsDK72s7n7rsSHd+Gs=
 modernc.org/cc/v4 v4.26.2 h1:991HMkLjJzYBIfha6ECZdjrIYz2/1ayr+FL8GN+CNzM=
 modernc.org/cc/v4 v4.26.2/go.mod h1:uVtb5OGqUKpoLWhqwNQo/8LwvoiEBLvZXIQ/SmO6mL0=
 modernc.org/ccgo/v4 v4.28.0 h1:rjznn6WWehKq7dG4JtLRKxb52Ecv8OUGah8+Z/SfpNU=

backend/main.go

@@ -3,7 +3,6 @@ package main
 import (
 	"backend/models"
 	"backend/server"
-	"backend/user"
 	"backend/utils"
 	"flag"
 	"fmt"
@@ -14,9 +13,10 @@ import (
 	"strings"
 	"time"
 
+	AccessHandler "gitea.tecamino.com/paadi/access-handler"
+	dbApi "gitea.tecamino.com/paadi/memberDB/api"
 	"gitea.tecamino.com/paadi/tecamino-dbm/cert"
 
-	dbApi "gitea.tecamino.com/paadi/memberDB/api"
 	"gitea.tecamino.com/paadi/tecamino-logger/logging"
 	"github.com/gin-contrib/cors"
 	"github.com/gin-gonic/gin"
@@ -59,14 +59,14 @@ func main() {
 		TerminalOut: true,
 	})
 	if err != nil {
-		logger.Error("main new logger", err.Error())
+		logger.Error("main new logger", err)
 		panic(err)
 	}
 
 	//new login manager
-	userManager, err := user.NewUserManager(".")
+	accessHandler, err := AccessHandler.NewAccessHandler(".", logger)
 	if err != nil {
-		logger.Error("main login manager", err.Error())
+		logger.Error("main login manager", err)
 		panic(err)
 	}
 
@@ -74,7 +74,11 @@ func main() {
 	s := server.NewServer()
 
 	// initiate Database handler
-	dbHandler := dbApi.NewAPIHandler()
+	dbHandler, err := dbApi.NewAPIHandler(logger)
+	if err != nil {
+		logger.Error("main login manager", err)
+		panic(err)
+	}
 
 	//get local ip
 	httpString := "http://"
@@ -82,17 +86,18 @@ func main() {
 		httpString = "https://"
 
 	}
-	allowOrigins = append(allowOrigins, httpString+"localhost:9000", httpString+"localhost:9500", httpString+"127.0.0.1:9500")
+	allowOrigins = append(allowOrigins, httpString+"localhost:9000", httpString+"localhost:9500", httpString+"127.0.0.1:9500", httpString+"0.0.0.0:9500")
 
 	localIP, err := utils.GetLocalIP()
 	if err != nil {
-		logger.Error("main", fmt.Sprintf("get local ip : %s", err.Error()))
+		logger.Error("main", fmt.Sprintf("get local ip : %s", err))
 	} else {
 		allowOrigins = append(allowOrigins, fmt.Sprintf("%s%s:9000", httpString, localIP), fmt.Sprintf("%s%s:9500", httpString, localIP))
 	}
 
 	s.Routes.Use(cors.New(cors.Config{
-		AllowOrigins:     allowOrigins,
+		AllowOrigins: allowOrigins,
+		//AllowOrigins:     []string{"*"},
 		AllowMethods:     []string{"POST", "GET", "DELETE", "OPTIONS"},
 		AllowHeaders:     []string{"Origin", "Content-Type"},
 		ExposeHeaders:    []string{"Content-Length"},
@@ -100,21 +105,25 @@ func main() {
 		MaxAge:           12 * time.Hour,
 	}))
 
+	//set logger for AuthMiddleware
+	accessHandler.SetMiddlewareLogger(s.Routes)
 	api := s.Routes.Group("/api")
 	//set routes
 
 	//public
-	api.GET("/logout", userManager.Logout)
+	api.GET("/logout", accessHandler.Logout)
-	api.GET("/login/me", userManager.Me)
+	api.GET("/login/me", accessHandler.Me)
 
-	api.POST("/login", userManager.Login)
+	api.POST("/login", accessHandler.Login)
 
 	//private
-	auth := api.Group("/secure", user.AuthMiddleware())
+	auth := api.Group("", accessHandler.AuthMiddleware())
 
-	auth.GET("/users", userManager.GetUserById)
+	role := auth.Group("", accessHandler.AuthorizeRole("/api"))
-	auth.GET("/members", dbHandler.GetMemberById)
+	role.GET("/members", dbHandler.GetMember)
-	auth.GET("/roles", userManager.GetRoleById)
+
+	auth.GET("/users", accessHandler.GetUser)
+	auth.GET("/roles", accessHandler.GetRole)
 
 	auth.POST("database/open", dbHandler.OpenDatabase)
 	auth.POST("/members/add", dbHandler.AddNewMember)
@@ -122,23 +131,22 @@ func main() {
 	auth.POST("/members/delete", dbHandler.DeleteMember)
 	auth.POST("/members/import/csv", dbHandler.ImportCSV)
 
-	auth.POST("/settings/update", userManager.UpdateSettings)
+	auth.POST("/roles/add", accessHandler.AddRole)
+	auth.POST("/roles/update", accessHandler.UpdateRole)
+	auth.POST("/roles/delete", accessHandler.DeleteRole)
 
-	auth.POST("/roles/add", userManager.AddRole)
+	auth.POST("/users/add", accessHandler.AddUser)
-	auth.POST("/roles/update", userManager.UpdateRole)
+	auth.POST("/users/update", accessHandler.UpdateUser)
-	auth.POST("/roles/delete", userManager.DeleteRole)
+	auth.POST("/users/delete", accessHandler.DeleteUser)
 
-	auth.POST("/users/add", userManager.AddUser)
+	api.POST("/login/refresh", accessHandler.Refresh)
-	auth.POST("/users/delete", userManager.DeleteUser)
-
-	auth.POST("/login/refresh", userManager.Refresh)
 
 	// Serve static files
 	s.Routes.StaticFS("/assets", gin.Dir(filepath.Join(*spa, "assets"), true))
 	s.Routes.NoRoute(func(c *gin.Context) {
 		// Disallow fallback for /api paths
 		if strings.HasPrefix(c.Request.URL.Path, "/api") {
-			c.JSON(http.StatusNotFound, models.NewJsonErrorMessageResponse("API endpoint not found"))
+			c.JSON(http.StatusNotFound, models.NewJsonMessageResponse("API endpoint not found"))
 			return
 		}
 		// Try to serve file from SPA directory
@@ -155,7 +163,7 @@ func main() {
 	go func() {
 		time.Sleep(500 * time.Millisecond)
 		if err := utils.OpenBrowser(fmt.Sprintf("%slocalhost:%d", httpString, *port), logger); err != nil {
-			logger.Error("main", fmt.Sprintf("starting browser error : %s", err.Error()))
+			logger.Error("main", fmt.Sprintf("starting browser error : %s", err))
 		}
 	}()
 

backend/models/jsonResponse.go

@@ -5,16 +5,14 @@ type JsonResponse struct {
 	Message string `json:"message,omitempty"`
 }
 
-func NewJsonErrorMessageResponse(msg string) JsonResponse {
+func NewJsonMessageResponse(msg string) JsonResponse {
 	return JsonResponse{
-		Error:   true,
 		Message: msg,
 	}
 }
 
 func NewJsonErrorResponse(err error) JsonResponse {
 	return JsonResponse{
-		Error:   true,
 		Message: err.Error(),
 	}
 }

backend/models/rights.go

@@ -1,8 +1,6 @@
 package models
 
-type Rights struct {
+// type Rights struct {
-	Name   string `json:"name,omitempty"`
+// 	Name   string `json:"name"`
-	Read   bool   `json:"read,omitempty"`
+// 	Rights int    `json:"rights"`
-	Write  bool   `json:"write,omitempty"`
+// }
-	Delete bool   `json:"delete,omitempty"`
-}

backend/models/role.go

@@ -1,11 +1,11 @@
 package models
 
-type Role struct {
+// type Role struct {
-	Id     int      `json:"id"`
+// 	Id     int      `json:"id"`
-	Role   string   `json:"role"`
+// 	Role   string   `json:"role"`
-	Rights []Rights `json:"rights"`
+// 	Rights []Rights `json:"rights"`
-}
+// }
 
-func (r *Role) IsValid() bool {
+// func (r *Role) IsValid() bool {
-	return r.Role != ""
+// 	return r.Role != ""
-}
+// }

backend/models/settings.go

@@ -1,9 +1,11 @@
 package models
 
-type Settings struct {
+// type Settings struct {
-	PrimaryColor   string `json:"primaryColor,omitempty"`
+// 	PrimaryColor       string `json:"primaryColor,omitempty"`
-	SecondaryColor string `json:"secondaryColor,omitempty"`
+// 	PrimaryColorText   string `json:"primaryColorText,omitempty"`
-	Icon           string `json:"icon,omitempty"`
+// 	SecondaryColor     string `json:"secondaryColor,omitempty"`
-	DatabaseName   string `json:"databaseName,omitempty"`
+// 	SecondaryColorText string `json:"secondaryColorText,omitempty"`
-	DatabaseToken  string `json:"databaseToken,omitempty"`
+// 	Icon               string `json:"icon,omitempty"`
-}
+// 	DatabaseName       string `json:"databaseName,omitempty"`
+// 	DatabaseToken      string `json:"databaseToken,omitempty"`
+// }

backend/models/user.go

@@ -1,14 +1,14 @@
 package models
 
-type User struct {
+// type User struct {
-	Id       int      `json:"id"`
+// 	Id       int      `json:"id"`
-	Name     string   `json:"user"`
+// 	Name     string   `json:"user"`
-	Email    string   `json:"email"`
+// 	Email    string   `json:"email"`
-	Role     string   `json:"role"`
+// 	Role     string   `json:"role"`
-	Password string   `json:"password,omitempty"`
+// 	Password string   `json:"password,omitempty"`
-	Settings Settings `json:"settings"`
+// 	Settings Settings `json:"settings"`
-}
+// }
 
-func (u *User) IsValid() bool {
+// func (u *User) IsValid() bool {
-	return u.Name != ""
+// 	return u.Name != ""
-}
+// }

backend/user/Middleware.go

@@ -1,41 +0,0 @@
-package user
-
-import (
-	"net/http"
-
-	"github.com/gin-gonic/gin"
-	"github.com/golang-jwt/jwt/v5"
-)
-
-func AuthMiddleware() gin.HandlerFunc {
-	return func(c *gin.Context) {
-		// Read access token from cookie
-		cookie, err := c.Cookie("access_token")
-		if err != nil {
-			c.AbortWithStatusJSON(http.StatusUnauthorized, gin.H{"message": "not logged in"})
-			return
-		}
-
-		token, err := jwt.Parse(cookie, func(t *jwt.Token) (any, error) {
-			return JWT_SECRET, nil
-		})
-		if err != nil || !token.Valid {
-			c.AbortWithStatusJSON(http.StatusUnauthorized, gin.H{"message": "invalid token"})
-			return
-		}
-		c.Next()
-	}
-}
-
-func AuthorizeRole(roles ...string) gin.HandlerFunc {
-	return func(c *gin.Context) {
-		userRole := c.GetString("role")
-		for _, role := range roles {
-			if userRole == role {
-				c.Next()
-				return
-			}
-			c.AbortWithStatusJSON(http.StatusUnauthorized, gin.H{"message": "Forbidden"})
-		}
-	}
-}

backend/user/login.go

@@ -1,181 +0,0 @@
-package user
-
-import (
-	"backend/dbRequest"
-	"backend/models"
-	"backend/utils"
-	"encoding/json"
-	"io"
-	"net/http"
-	"time"
-
-	"github.com/gin-gonic/gin"
-	"github.com/golang-jwt/jwt/v5"
-	_ "modernc.org/sqlite"
-)
-
-var JWT_SECRET = []byte("4h5Jza1Fn_zuzu&417%8nH*UH100+55-")
-var DOMAIN = "localhost"
-var ACCESS_TOKEN_TIME = 15 * time.Minute
-var REFRESH_TOKEN_TIME = 72 * time.Hour
-
-func (um *UserManager) Login(c *gin.Context) {
-	if !um.databaseOpened(c) {
-		return
-	}
-
-	body, err := io.ReadAll(c.Request.Body)
-	if err != nil {
-		c.JSON(http.StatusBadRequest, models.NewJsonErrorResponse(err))
-		return
-	}
-
-	user := models.User{}
-	err = json.Unmarshal(body, &user)
-	if err != nil {
-		c.JSON(http.StatusBadRequest, models.NewJsonErrorResponse(err))
-		return
-	}
-
-	if !user.IsValid() {
-		c.JSON(http.StatusBadRequest, models.NewJsonErrorMessageResponse("user empty"))
-		return
-	}
-
-	var storedPassword, settingsJsonString string
-	if err := um.database.QueryRow(dbRequest.DBQueryPassword, user.Name).Scan(&user.Id, &user.Role, &storedPassword, &settingsJsonString); dbRequest.CheckDBError(c, user.Name, err) {
-		return
-	}
-
-	err = json.Unmarshal([]byte(settingsJsonString), &user.Settings)
-	if err != nil {
-		c.JSON(http.StatusBadRequest, models.NewJsonErrorMessageResponse(err.Error()))
-		return
-	}
-
-	if !utils.CheckPassword(user.Password, storedPassword) {
-		c.JSON(http.StatusBadRequest, models.NewJsonErrorMessageResponse("wrong password"))
-		return
-	}
-
-	// ---- Create JWT tokens ----
-	accessTokenExp := time.Now().Add(ACCESS_TOKEN_TIME)
-	refreshTokenExp := time.Now().Add(REFRESH_TOKEN_TIME)
-
-	// Create token
-	accessToken := jwt.NewWithClaims(jwt.SigningMethodHS256, jwt.MapClaims{
-		"id":       user.Id,
-		"username": user.Name,
-		"role":     user.Role,
-		"type":     "access",
-		"exp":      accessTokenExp.Unix(),
-	})
-
-	refreshToken := jwt.NewWithClaims(jwt.SigningMethodHS256, jwt.MapClaims{
-		"id":       user.Id,
-		"username": user.Name,
-		"role":     user.Role,
-		"type":     "refresh",
-		"exp":      refreshTokenExp.Unix(),
-	})
-
-	accessString, err := accessToken.SignedString(JWT_SECRET)
-	if err != nil {
-		c.JSON(http.StatusInternalServerError, models.NewJsonErrorMessageResponse("could not create access token"))
-		return
-	}
-
-	refreshString, err := refreshToken.SignedString(JWT_SECRET)
-	if err != nil {
-		c.JSON(http.StatusInternalServerError, models.NewJsonErrorMessageResponse("could not create refresh token"))
-		return
-	}
-
-	// ---- Set secure cookies ----
-	secure := gin.Mode() == gin.ReleaseMode
-	c.SetCookie("access_token", accessString, int(time.Until(accessTokenExp).Seconds()),
-		"/", "", secure, true) // Path=/, Secure=true (only HTTPS), HttpOnly=true
-	c.SetCookie("refresh_token", refreshString, int(time.Until(refreshTokenExp).Seconds()),
-		"/", "", secure, true)
-
-	c.JSON(http.StatusOK, gin.H{
-		"message":  "login successful",
-		"id":       user.Id,
-		"user":     user.Name,
-		"role":     user.Role,
-		"settings": user.Settings,
-	})
-}
-
-func (um *UserManager) Refresh(c *gin.Context) {
-	refreshCookie, err := c.Cookie("refresh_token")
-	if err != nil {
-		c.JSON(http.StatusUnauthorized, gin.H{"message": "no refresh token"})
-		return
-	}
-
-	token, err := jwt.Parse(refreshCookie, func(token *jwt.Token) (any, error) {
-		return JWT_SECRET, nil
-	})
-	if err != nil || !token.Valid {
-		c.JSON(http.StatusUnauthorized, gin.H{"message": "invalid refresh token"})
-		return
-	}
-
-	claims, ok := token.Claims.(jwt.MapClaims)
-	if !ok || claims["type"] != "refresh" {
-		c.JSON(http.StatusUnauthorized, gin.H{"message": "invalid token type"})
-		return
-	}
-
-	username := claims["username"].(string)
-	id := claims["id"].(float64)
-	role := claims["role"].(string)
-
-	// new access token
-	accessExp := time.Now().Add(ACCESS_TOKEN_TIME)
-	newAccess := jwt.NewWithClaims(jwt.SigningMethodHS256, jwt.MapClaims{
-		"id":       id,
-		"username": username,
-		"role":     role,
-		"exp":      accessExp.Unix(),
-	})
-	accessString, _ := newAccess.SignedString(JWT_SECRET)
-
-	c.SetCookie("access_token", accessString, int(time.Until(accessExp).Seconds()), "/", DOMAIN, gin.Mode() == gin.ReleaseMode, true)
-	c.JSON(http.StatusOK, gin.H{"message": "token refreshed"})
-}
-
-func (um *UserManager) Me(c *gin.Context) {
-	// Read access token from cookie
-	cookie, err := c.Cookie("access_token")
-	if err != nil {
-		c.JSON(http.StatusUnauthorized, gin.H{"message": "not logged in"})
-		return
-	}
-
-	// Verify token
-	token, err := jwt.Parse(cookie, func(t *jwt.Token) (any, error) {
-		return JWT_SECRET, nil
-	})
-	if err != nil || !token.Valid {
-		c.JSON(http.StatusUnauthorized, gin.H{"message": "invalid token"})
-		return
-	}
-
-	claims := token.Claims.(jwt.MapClaims)
-	c.JSON(http.StatusOK, gin.H{
-		"id":   claims["id"],
-		"user": claims["username"],
-		"role": claims["role"],
-	})
-}
-
-func (um *UserManager) Logout(c *gin.Context) {
-	secure := gin.Mode() == gin.ReleaseMode
-
-	c.SetCookie("access_token", "", -1, "/", DOMAIN, secure, true)
-	c.SetCookie("refresh_token", "", -1, "/", DOMAIN, secure, true)
-
-	c.JSON(http.StatusOK, gin.H{"message": "logged out"})
-}

backend/user/manager.go

@@ -1,261 +0,0 @@
-package user
-
-import (
-	"backend/dbRequest"
-	"backend/models"
-	"backend/utils"
-	"database/sql"
-	"encoding/json"
-	"errors"
-	"fmt"
-	"io"
-	"net/http"
-	"os"
-	"strconv"
-	"strings"
-
-	"github.com/gin-gonic/gin"
-)
-
-type UserManager struct {
-	database *sql.DB
-}
-
-func NewUserManager(dir string) (*UserManager, error) {
-	if dir == "" {
-		dir = "."
-	}
-
-	var err error
-	var um UserManager
-	file := fmt.Sprintf("%s/user.db", dir)
-
-	um.database, err = sql.Open("sqlite", file)
-	if err != nil {
-		return nil, err
-	}
-
-	if _, err := os.Stat(file); err != nil {
-		_, err = um.database.Exec(dbRequest.CreateUserTable)
-		if err != nil {
-			return nil, err
-		}
-
-		hash, err := utils.HashPassword("tecamino@2025")
-		if err != nil {
-			return nil, err
-		}
-		_, err = um.database.Exec(dbRequest.NewUser, "admin", "", "admin", hash, `{"databaseName":"members.dba","primaryColor":"#1976d2", "secondaryColor":"#26a69a"}`)
-		if err != nil {
-			return nil, err
-		}
-	}
-	return &um, nil
-}
-
-func (um *UserManager) databaseOpened(c *gin.Context) bool {
-	if um.database == nil {
-		c.JSON(http.StatusBadRequest, gin.H{
-			"message": "no database opened",
-		})
-		return false
-	}
-	return true
-}
-
-func (um *UserManager) AddUser(c *gin.Context) {
-	if !um.databaseOpened(c) {
-		return
-	}
-
-	body, err := io.ReadAll(c.Request.Body)
-	if err != nil {
-		c.JSON(http.StatusBadRequest, models.NewJsonErrorResponse(err))
-		return
-	}
-
-	user := models.User{}
-	err = json.Unmarshal(body, &user)
-	if err != nil {
-		c.JSON(http.StatusBadRequest, models.NewJsonErrorResponse(err))
-		return
-	}
-
-	if !user.IsValid() {
-		c.JSON(http.StatusBadRequest, models.NewJsonErrorMessageResponse("user empty"))
-		return
-	}
-
-	var exists bool
-
-	if err := um.database.QueryRow(dbRequest.DBUserLookup, user.Name).Scan(&exists); dbRequest.CheckDBError(c, user.Name, err) {
-		return
-	}
-
-	if exists {
-		c.JSON(http.StatusOK, models.NewJsonErrorMessageResponse(fmt.Sprintf("user '%s' exists already", user.Name)))
-		return
-	}
-
-	hash, err := utils.HashPassword(user.Password)
-	if err != nil {
-		c.JSON(http.StatusBadRequest, models.NewJsonErrorResponse(err))
-		return
-	}
-
-	if !utils.IsValidEmail(user.Email) {
-		c.JSON(http.StatusBadRequest, models.NewJsonErrorResponse(errors.New("not valid email address")))
-		return
-	}
-
-	if _, err := um.database.Exec(dbRequest.NewUser, user.Name, user.Email, user.Role, hash, "{}"); dbRequest.CheckDBError(c, user.Name, err) {
-		return
-	}
-
-	c.JSON(http.StatusOK, gin.H{
-		"message": fmt.Sprintf("user '%s' successfully added", user.Name),
-	})
-}
-
-func (um *UserManager) GetUserById(c *gin.Context) {
-	if !um.databaseOpened(c) {
-		return
-	}
-
-	var i int
-	var err error
-
-	id := c.Query("id")
-	if id != "" {
-		i, err = strconv.Atoi(id)
-		if err != nil {
-			c.JSON(http.StatusBadRequest, gin.H{
-				"message": err.Error(),
-			})
-			return
-		}
-	}
-
-	query := `SELECT id, username, email, role, settings FROM users`
-	var args any
-	if i > 0 {
-		query = `
-		SELECT  id, username, email, role, settings FROM users
-		WHERE id = ? 
-	`
-		args = i
-	}
-
-	rows, err := um.database.Query(query, args)
-	if err != nil {
-		return
-	}
-	defer rows.Close()
-
-	var users []models.User
-
-	for rows.Next() {
-		var id int
-		var name, email, role, settingsString string
-		if err = rows.Scan(&id, &name, &email, &role, &settingsString); err != nil {
-			c.JSON(http.StatusBadRequest, gin.H{
-				"message": err.Error(),
-			})
-			return
-		}
-
-		var settings models.Settings
-		err := json.Unmarshal([]byte(settingsString), &settings)
-		if err != nil {
-			c.JSON(http.StatusBadRequest, gin.H{
-				"message": err.Error(),
-			})
-			return
-		}
-
-		users = append(users, models.User{
-			Id:       id,
-			Name:     name,
-			Email:    email,
-			Role:     role,
-			Settings: settings,
-		})
-	}
-
-	if err != nil {
-		c.JSON(http.StatusBadRequest, gin.H{
-			"message": err.Error(),
-		})
-		return
-	}
-	c.JSON(http.StatusOK, users)
-}
-
-func (um *UserManager) DeleteUser(c *gin.Context) {
-	if !um.databaseOpened(c) {
-		return
-	}
-
-	queryId := c.Query("id")
-
-	if queryId == "" || queryId == "null" || queryId == "undefined" {
-		c.JSON(http.StatusBadRequest, gin.H{
-			"message": "id query missing or wrong value: " + queryId,
-		})
-		return
-	}
-
-	var request struct {
-		Ids []int `json:"ids"`
-	}
-
-	err := c.BindJSON(&request)
-	if err != nil {
-		c.JSON(http.StatusBadRequest, gin.H{
-			"message": err.Error(),
-		})
-		return
-	}
-
-	if len(request.Ids) == 0 {
-		c.JSON(http.StatusBadRequest, gin.H{
-			"message": "no ids given to be deleted",
-		})
-		return
-	}
-
-	var ownId string
-	placeholders := make([]string, len(request.Ids))
-	args := make([]any, len(request.Ids))
-	for i, id := range request.Ids {
-		if queryId == fmt.Sprint(id) {
-			ownId = queryId
-			continue
-		}
-
-		placeholders[i] = "?"
-		args[i] = id
-	}
-
-	query := fmt.Sprintf("DELETE FROM users WHERE id IN (%s)", strings.Join(placeholders, ","))
-
-	_, err = um.database.Exec(query, args...)
-	if err != nil {
-		c.JSON(http.StatusBadRequest, gin.H{
-			"message": err.Error(),
-		})
-		return
-	}
-
-	if ownId != "" {
-		c.JSON(http.StatusBadRequest, gin.H{
-			"message": "can not delete logged in member id: " + queryId,
-			"id":      queryId,
-		})
-		return
-	}
-
-	c.JSON(http.StatusOK, gin.H{
-		"message": "member(s) deleted",
-	})
-}

backend/user/roles.go

@@ -1,245 +0,0 @@
-package user
-
-import (
-	"backend/dbRequest"
-	"backend/models"
-	"encoding/json"
-	"fmt"
-	"io"
-	"net/http"
-	"strconv"
-	"strings"
-
-	"github.com/gin-gonic/gin"
-)
-
-func (um *UserManager) AddRole(c *gin.Context) {
-	if !um.databaseOpened(c) {
-		return
-	}
-
-	body, err := io.ReadAll(c.Request.Body)
-	if err != nil {
-		c.JSON(http.StatusBadRequest, models.NewJsonErrorResponse(err))
-		return
-	}
-
-	role := models.Role{}
-	err = json.Unmarshal(body, &role)
-	if err != nil {
-		c.JSON(http.StatusBadRequest, models.NewJsonErrorResponse(err))
-		return
-	}
-
-	if !role.IsValid() {
-		c.JSON(http.StatusBadRequest, models.NewJsonErrorMessageResponse("user empty"))
-		return
-	}
-
-	var exists bool
-
-	if err := um.database.QueryRow(dbRequest.DBRoleLookup, role.Role).Scan(&exists); dbRequest.CheckDBError(c, role.Role, err) {
-		return
-	}
-
-	if exists {
-		c.JSON(http.StatusOK, models.NewJsonErrorMessageResponse(fmt.Sprintf("role '%s' exists already", role.Role)))
-		return
-	}
-
-	jsonBytes, err := json.Marshal(role.Rights)
-	if err != nil {
-		c.JSON(http.StatusOK, models.NewJsonErrorMessageResponse(err.Error()))
-		return
-	}
-
-	if _, err := um.database.Exec(dbRequest.NewRole, role.Role, string(jsonBytes)); dbRequest.CheckDBError(c, role.Role, err) {
-		return
-	}
-
-	c.JSON(http.StatusOK, gin.H{
-		"message": fmt.Sprintf("role '%s' successfully added", role.Role),
-	})
-}
-
-func (um *UserManager) GetRoleById(c *gin.Context) {
-	if !um.databaseOpened(c) {
-		return
-	}
-
-	if _, err := um.database.Exec(dbRequest.CreateRoleTable); err != nil {
-		c.JSON(http.StatusBadRequest, models.NewJsonErrorResponse(err))
-		return
-	}
-
-	var i int
-	var err error
-
-	id := c.Query("id")
-	if id != "" {
-		i, err = strconv.Atoi(id)
-		if err != nil {
-			c.JSON(http.StatusBadRequest, gin.H{
-				"message": err.Error(),
-			})
-			return
-		}
-	}
-
-	query := `SELECT id, role, rights FROM roles`
-	var args any
-	if i > 0 {
-		query = `
-		SELECT  id, role, rights  FROM users
-		WHERE id = ? 
-	`
-		args = i
-	}
-
-	rows, err := um.database.Query(query, args)
-	if err != nil {
-		return
-	}
-	defer rows.Close()
-
-	var roles []models.Role
-
-	for rows.Next() {
-		var id int
-		var role, rightsString string
-		if err = rows.Scan(&id, &role, &rightsString); err != nil {
-			c.JSON(http.StatusBadRequest, gin.H{
-				"message": err.Error(),
-			})
-			return
-		}
-
-		var data struct {
-			Rights []models.Rights `json:"rights"`
-		}
-		err := json.Unmarshal([]byte(rightsString), &data)
-		if err != nil {
-			c.JSON(http.StatusBadRequest, gin.H{
-				"message": err.Error(),
-			})
-			return
-		}
-
-		roles = append(roles, models.Role{
-			Id:     id,
-			Role:   role,
-			Rights: data.Rights,
-		})
-	}
-
-	if err != nil {
-		c.JSON(http.StatusBadRequest, gin.H{
-			"message": err.Error(),
-		})
-		return
-	}
-	c.JSON(http.StatusOK, roles)
-}
-
-func (um *UserManager) UpdateRole(c *gin.Context) {
-	if !um.databaseOpened(c) {
-		return
-	}
-
-	body, err := io.ReadAll(c.Request.Body)
-	if err != nil {
-		c.JSON(http.StatusBadRequest, models.NewJsonErrorResponse(err))
-		return
-	}
-
-	role := models.Role{}
-	err = json.Unmarshal(body, &role)
-	if err != nil {
-		c.JSON(http.StatusBadRequest, models.NewJsonErrorResponse(err))
-		return
-	}
-
-	jsonBytes, err := json.Marshal(role)
-	if err != nil {
-		c.JSON(http.StatusOK, models.NewJsonErrorMessageResponse(err.Error()))
-		return
-	}
-
-	if _, err := um.database.Exec(dbRequest.DBUpdateRole, string(jsonBytes), role.Role); err != nil {
-		c.JSON(http.StatusBadRequest, models.NewJsonErrorResponse(err))
-		return
-	}
-
-	c.JSON(http.StatusOK, gin.H{
-		"message": fmt.Sprintf("role rights '%s' successfully updated", role.Role),
-	})
-}
-
-func (um *UserManager) DeleteRole(c *gin.Context) {
-	if !um.databaseOpened(c) {
-		return
-	}
-
-	queryRole := c.Query("role")
-
-	if queryRole == "" || queryRole == "null" || queryRole == "undefined" {
-		c.JSON(http.StatusBadRequest, gin.H{
-			"message": "role query missing or wrong value: " + queryRole,
-		})
-		return
-	}
-
-	var request struct {
-		Roles []string `json:"roles"`
-	}
-
-	err := c.BindJSON(&request)
-	if err != nil {
-		c.JSON(http.StatusBadRequest, gin.H{
-			"message": err.Error(),
-		})
-		return
-	}
-
-	if len(request.Roles) == 0 {
-		c.JSON(http.StatusBadRequest, gin.H{
-			"message": "no roles given to be deleted",
-		})
-		return
-	}
-
-	var ownRole string
-	placeholders := make([]string, len(request.Roles))
-	args := make([]any, len(request.Roles))
-	for i, role := range request.Roles {
-		if ownRole == role {
-			ownRole = queryRole
-			continue
-		}
-
-		placeholders[i] = "?"
-		args[i] = role
-	}
-
-	query := fmt.Sprintf("DELETE FROM roles WHERE role IN (%s)", strings.Join(placeholders, ","))
-
-	_, err = um.database.Exec(query, args...)
-	if err != nil {
-		c.JSON(http.StatusBadRequest, gin.H{
-			"message": err.Error(),
-		})
-		return
-	}
-
-	if ownRole != "" {
-		c.JSON(http.StatusBadRequest, gin.H{
-			"message": "can not delete logged in role id: " + ownRole,
-			"role":    ownRole,
-		})
-		return
-	}
-
-	c.JSON(http.StatusOK, gin.H{
-		"message": "role(s) deleted",
-	})
-}

backend/user/settings.go

@@ -1,46 +0,0 @@
-package user
-
-import (
-	"backend/dbRequest"
-	"backend/models"
-	"encoding/json"
-	"fmt"
-	"io"
-	"net/http"
-
-	"github.com/gin-gonic/gin"
-)
-
-func (um *UserManager) UpdateSettings(c *gin.Context) {
-	if !um.databaseOpened(c) {
-		return
-	}
-
-	body, err := io.ReadAll(c.Request.Body)
-	if err != nil {
-		c.JSON(http.StatusBadRequest, models.NewJsonErrorResponse(err))
-		return
-	}
-
-	user := models.User{}
-	err = json.Unmarshal(body, &user)
-	if err != nil {
-		c.JSON(http.StatusBadRequest, models.NewJsonErrorResponse(err))
-		return
-	}
-
-	jsonBytes, err := json.Marshal(user.Settings)
-	if err != nil {
-		c.JSON(http.StatusOK, models.NewJsonErrorMessageResponse(err.Error()))
-		return
-	}
-
-	if _, err := um.database.Exec(dbRequest.DBUpdateSettings, string(jsonBytes), user.Name); err != nil {
-		c.JSON(http.StatusBadRequest, models.NewJsonErrorResponse(err))
-		return
-	}
-
-	c.JSON(http.StatusOK, gin.H{
-		"message": fmt.Sprintf("user settings '%s' successfully updated", user.Name),
-	})
-}

backend/utils/utils.go

@@ -6,7 +6,6 @@ import (
 	"os"
 	"os/exec"
 	"path/filepath"
-	"regexp"
 	"runtime"
 
 	"gitea.tecamino.com/paadi/tecamino-logger/logging"
@@ -64,8 +63,3 @@ func FindAllFiles(rootDir, fileExtention string) (files []string, err error) {
 	})
 	return
 }
-
-func IsValidEmail(email string) bool {
-	re := regexp.MustCompile(`^[a-zA-Z0-9._%+\-]+@[a-zA-Z0-9.\-]+\.[a-zA-Z]{2,}$`)
-	return re.MatchString(email)
-}

package-lock.json

@@ -1,12 +1,12 @@
 {
   "name": "lightcontrol",
-  "version": "1.0.0",
+  "version": "1.0.1",
   "lockfileVersion": 3,
   "requires": true,
   "packages": {
     "": {
       "name": "lightcontrol",
-      "version": "1.0.0",
+      "version": "1.0.1",
       "hasInstallScript": true,
       "dependencies": {
         "@capacitor-community/sqlite": "^7.0.1",
@@ -19,12 +19,15 @@
         "vue": "^3.4.18",
         "vue-i18n": "^11.1.12",
         "vue-router": "^4.0.12",
-        "vuedraggable": "^4.1.0"
+        "vue3-touch-events": "^5.0.13",
+        "vuedraggable": "^4.1.0",
+        "zxcvbn": "^4.4.2"
       },
       "devDependencies": {
         "@eslint/js": "^9.14.0",
         "@quasar/app-vite": "^2.1.0",
         "@types/node": "^20.5.9",
+        "@types/zxcvbn": "^4.4.5",
         "@vue/eslint-config-prettier": "^10.1.0",
         "@vue/eslint-config-typescript": "^14.4.0",
         "autoprefixer": "^10.4.2",
@@ -1883,6 +1886,13 @@
         "@types/send": "*"
       }
     },
+    "node_modules/@types/zxcvbn": {
+      "version": "4.4.5",
+      "resolved": "https://registry.npmjs.org/@types/zxcvbn/-/zxcvbn-4.4.5.tgz",
+      "integrity": "sha512-FZJgC5Bxuqg7Rhsm/bx6gAruHHhDQ55r+s0JhDh8CQ16fD7NsJJ+p8YMMQDhSQoIrSmjpqqYWA96oQVMNkjRyA==",
+      "dev": true,
+      "license": "MIT"
+    },
     "node_modules/@typescript-eslint/eslint-plugin": {
       "version": "8.31.1",
       "resolved": "https://registry.npmjs.org/@typescript-eslint/eslint-plugin/-/eslint-plugin-8.31.1.tgz",
@@ -8222,6 +8232,15 @@
         "typescript": ">=5.0.0"
       }
     },
+    "node_modules/vue3-touch-events": {
+      "version": "5.0.13",
+      "resolved": "https://registry.npmjs.org/vue3-touch-events/-/vue3-touch-events-5.0.13.tgz",
+      "integrity": "sha512-VOprVhKsL5DaistDFU0+oLJz/LaFzVENeUzs4Hp3PeD0TVx1vNEgNgS/9WehUHlUIUuCdnmLm0TkmITjwVmUBQ==",
+      "license": "MIT",
+      "peerDependencies": {
+        "vue": "^3.0.0"
+      }
+    },
     "node_modules/vuedraggable": {
       "version": "4.1.0",
       "resolved": "https://registry.npmjs.org/vuedraggable/-/vuedraggable-4.1.0.tgz",
@@ -8415,6 +8434,12 @@
       "engines": {
         "node": ">= 14"
       }
+    },
+    "node_modules/zxcvbn": {
+      "version": "4.4.2",
+      "resolved": "https://registry.npmjs.org/zxcvbn/-/zxcvbn-4.4.2.tgz",
+      "integrity": "sha512-Bq0B+ixT/DMyG8kgX2xWcI5jUvCwqrMxSFam7m0lAf78nf04hv6lNCsyLYdyYTrCVMqNDY/206K7eExYCeSyUQ==",
+      "license": "MIT"
     }
   }
 }

package.json

@@ -1,6 +1,6 @@
 {
   "name": "lightcontrol",
-  "version": "1.0.1",
+  "version": "1.0.4",
   "description": "A Tecamino App",
   "productName": "Member Database",
   "author": "A. Zuercher",
@@ -25,12 +25,15 @@
     "vue": "^3.4.18",
     "vue-i18n": "^11.1.12",
     "vue-router": "^4.0.12",
-    "vuedraggable": "^4.1.0"
+    "vue3-touch-events": "^5.0.13",
+    "vuedraggable": "^4.1.0",
+    "zxcvbn": "^4.4.2"
   },
   "devDependencies": {
     "@eslint/js": "^9.14.0",
     "@quasar/app-vite": "^2.1.0",
     "@types/node": "^20.5.9",
+    "@types/zxcvbn": "^4.4.5",
     "@vue/eslint-config-prettier": "^10.1.0",
     "@vue/eslint-config-typescript": "^14.4.0",
     "autoprefixer": "^10.4.2",

quasar.config.ts

@@ -109,7 +109,7 @@ export default defineConfig((/* ctx */) => {
       // you can manually specify Quasar components/directives to be available everywhere:
       //
       // components: [],
-      // directives: [],
+      //directives: [],
 
       // Quasar plugins
       plugins: ['Notify', 'Dialog'],

src/assets/lang/de-CH.yaml

@@ -37,7 +37,9 @@ password: Passwort
 isRequired: isch erforderlich
 colors: Farbe
 primaryColor: Primär Farb
+primaryColorText: Primär Text Farb
 secondaryColor: Sekondär Farb
+secondaryColorText: Sekondär Text Farb
 database: Datebank
 general: Augemein
 setColors: Setz Farbe
@@ -51,12 +53,31 @@ role: Rolle
 addNewUser: Füeg neue Benutzer hinzue
 expires: Ablouf
 selectUserOptions: Wähle Benutzer Optione
-prenameIsRequired: Vorname ist erforderlich
+prenameIsRequired: Vorname isch erforderlich
-lastNameIsRequired: Nachname ist erforderlich
+lastNameIsRequired: Nachname isch erforderlich
-birthdayIsRequired: Geburtstag ist erforderlich
+birthdayIsRequired: Geburtstag isch erforderlich
-userIsRequired: Benutzer ist erforderlich
+userIsRequired: Benutzer isch erforderlich
-emailIsRequired: Email ist erforderlich
+emailIsRequired: Email isch erforderlich
-roleIsRequired: Rolle ist erforderlich
+roleIsRequired: Rolle isch erforderlich
-rights: Recht
+permissions: Recht
 selectRoleOptions: Wähle Roue Optione
 addNewRole: Füeg neui Roue hinzue
+veryWeak: sehr Schwach
+weak: Schwach
+fair: So so
+good: Guet
+strong: Stark
+passwordIsRequired: Password isch erforderlich
+passwordTooShort: Ds Passwort mues mindestens 8 Zeiche läng si
+passwordNeedsUppercase: Ds Passwort mues mindestens ei Grossbuechstabe enthaute
+passwordNeedsLowercase: Ds Passwort mues mindestens ei Chlibuechstabe enthaute
+passwordNeedsNumber: Ds Passwort mues mindestens ei Zau enthaute
+passwordNeedsSpecial: Ds Passwort mues mindestens eis Sonderzeiche enthaute
+passwordDoNotMatch: Passwörter stimme nid überei
+read: Lese
+write: Schribe
+userSettings: Benutzer Istellige
+members: Mitglider
+attendanceTable: Anweseheits Tabelle
+excursionTable: Usflugs Tabelle
+updated: aktualisiert

src/assets/lang/de-DE.yaml

@@ -37,7 +37,9 @@ password: Passwort
 isRequired: ist erforderlich
 colors: Farben
 primaryColor: Primär Farbe
+primaryColorText: Primär Text Farbe
 secondaryColor: Sekondär Farbe
+secondaryColorText: Sekondär Text Farbe
 database: Datenbank
 general: Allgemein
 setColors: Setze Farben
@@ -57,6 +59,25 @@ birthdayIsRequired: Geburtstag ist erforderlich
 userIsRequired: Benutzer ist erforderlich
 emailIsRequired: Email ist erforderlich
 roleIsRequired: Rolle ist erforderlich
-rights: Rechte
+permissions: Rechte
 selectRoleOptions: Wähle Rollen Option
 addNewRole: Füge neue Rolle hinzu
+veryWeak: sehr Schwach
+weak: Schwach
+fair: Ausreichend
+good: Gut
+strong:
+passwordIsRequired: Password ist erforderlich
+passwordTooShort: Das Passwort muss mindestens 8 Zeichen lang sein
+passwordNeedsUppercase: Das Passwort muss mindestens einen Großbuchstaben enthalten
+passwordNeedsLowercase: Das Passwort muss mindestens einen Kleinbuchstaben enthalten
+passwordNeedsNumber: Das Passwort muss mindestens eine Zahl enthalten
+passwordNeedsSpecial: Das Passwort muss mindestens ein Sonderzeichen enthalten
+passwordDoNotMatch: Passwörter stimmen nicht überein
+read: Lesen
+write: Schreiben
+userSettings: Benutzer Einstellungen
+members: Mitglieder
+attendanceTable: Anwesenheits Tabelle
+excursionTable: Ausflugs Tabelle
+updated: aktualisiert

src/assets/lang/en-US.yaml

@@ -37,7 +37,9 @@ password: Password
 isRequired: is required
 colors: Colors
 primaryColor: Primary Color
+primaryColorText: Primary Text Color
 secondaryColor: Secondary Color
+secondaryColorText: Secondary Text Color
 database: Database
 general: General
 setColors: Set Colors
@@ -57,6 +59,25 @@ birthdayIsRequired: Birthday is required
 userIsRequired: User is required
 emailIsRequired: Email is required
 roleIsRequired: Role is required
-rights: Rights
+permissions: Permissions
 selectRoleOptions: Select Role Options
 addNewRole: Add new Role
+veryWeak: very Weak
+weak: Weak
+fair: Fair
+good: Good
+strong: Strong
+passwordIsRequired: Password is required
+passwordTooShort: Password must be at least 8 characters long
+passwordNeedsUppercase: Password must contain at least one uppercase letter
+passwordNeedsLowercase: Password must contain at least one lowercase letter
+passwordNeedsNumber: Password must contain at least one number
+passwordNeedsSpecial: Password must contain at least one special character
+passwordDoNotMatch: Password do not match
+read: Read
+write: Write
+userSettings: User Settings
+members: Members
+attendanceTable: Attendance Table
+excursionTable: Excursion Table
+updated: updated

src/boot/auth.ts

@@ -14,7 +14,9 @@ export default boot(async ({ app }) => {
   await appApi
     .get('/login/me')
     .then((resp) => {
-      useStore.setUser({ id: resp.data.id, username: resp.data.username, role: resp.data.role });
+      useStore
+        .setUser({ id: resp.data.id, username: resp.data.username, role: resp.data.role })
+        .catch((err) => console.log(err));
       login.refresh().catch((err) => console.error(err));
     })
     .catch(() => {

src/boot/axios.ts

@@ -17,7 +17,7 @@ interface RetryRequestConfig extends AxiosRequestConfig {
   _retry?: boolean;
 }
 
-const noRefreshEndpoints = ['/login', '/secure/login/refresh', '/logout'];
+const noRefreshEndpoints = ['/login', '/login/refresh', '/logout'];
 
 // ========= Refresh Queue Handling ========= //
 let isRefreshing = false;

src/boot/quasar-global.ts

@@ -1,6 +1,6 @@
 import { boot } from 'quasar/wrappers';
-import { setQuasarInstance } from 'src/utils/globalQ';
+import { setQuasarInstance } from 'src/vueLib/utils/globalQ';
-import { setRouterInstance } from 'src/utils/globalRouter';
+import { setRouterInstance } from 'src/vueLib/utils/globalRouter';
 import { databaseName } from 'src/vueLib/tables/members/MembersTable';
 import { Logo } from 'src/vueLib/models/logo';
 
@@ -15,11 +15,29 @@ export default boot(({ app, router }) => {
   if (primaryColor == null || primaryColor === 'undefined' || primaryColor.trim() === '') {
     primaryColor = null;
   }
+  let primaryColorText = localStorage.getItem('primaryColorText');
+  if (
+    primaryColorText == null ||
+    primaryColorText === 'undefined' ||
+    primaryColorText.trim() === ''
+  ) {
+    primaryColorText = null;
+  }
   let secondaryColor = localStorage.getItem('secondaryColor');
   if (secondaryColor == null || secondaryColor === 'undefined' || secondaryColor.trim() === '') {
     secondaryColor = null;
   }
+  let secondaryColorText = localStorage.getItem('secondaryColorText');
+  if (
+    secondaryColorText == null ||
+    secondaryColorText === 'undefined' ||
+    secondaryColorText.trim() === ''
+  ) {
+    secondaryColorText = null;
+  }
 
   document.documentElement.style.setProperty('--q-primary', primaryColor ?? '#1976d2');
+  document.documentElement.style.setProperty('--q-primary-text', primaryColorText ?? '#ffffff');
   document.documentElement.style.setProperty('--q-secondary', secondaryColor ?? '#26a69a');
+  document.documentElement.style.setProperty('--q-secondary-text', secondaryColorText ?? '#ffffff');
 });

src/components/EditOneDialog.vue

@@ -29,6 +29,16 @@ const localTitle = ref('');
 const localField = ref('');
 const value = ref('');
 
+const props = defineProps({
+  endpoint: {
+    type: String,
+    required: true,
+  },
+  queryId: {
+    type: Boolean,
+  },
+});
+
 const emit = defineEmits(['update']);
 const { NotifyResponse } = useNotify();
 
@@ -42,7 +52,10 @@ function open(label: string, field: string, member: Member) {
 }
 
 function save() {
-  const query = 'secure/members/edit?id=' + localMember.value.id;
+  let query = props.endpoint;
+  if (props.queryId) {
+    query += '?id=' + localMember.value.id;
+  }
   let payload = {};
 
   if (value.value === localMember.value[localField.value]) {
@@ -50,13 +63,15 @@ function save() {
     return;
   }
   payload = {
+    id: localMember.value.id,
     [localField.value]: value.value,
   };
 
   appApi
     .post(query, payload)
-    .then(() => {
+    .then((resp) => {
-      emit('update', '');
+      emit('update');
+      NotifyResponse(resp.data);
       dialog.value.close();
     })
     .catch((err) => {

src/components/MemberEditAllDialog.vue

@@ -161,9 +161,9 @@ async function save() {
 
   if (!valid) return;
 
-  let query = 'secure/members/edit?id=' + localMember.value.id;
+  let query = 'members/edit?id=' + localMember.value.id;
   if (newMember.value) {
-    query = 'secure/members/add';
+    query = 'members/add';
   }
 
   appApi

src/components/RoleEditAllDialog.vue

@@ -2,18 +2,29 @@
   <DialogFrame
     ref="dialog"
     :header-title="newRole ? $t('addNewRole') : 'Edit ' + localRole.role"
-    :height="600"
+    :height="700"
     :width="500"
   >
-    <div class="row justify-center q-gutter-md">
+    <div class="row justify-center">
       <q-input
-        class="q-ml-md col-5 required"
+        v-if="showRoleField"
+        class="q-my-lg col-5 required"
         :label="$t('role')"
         filled
         :rules="[(val) => !!val || $t('roleIsRequired')]"
         v-model="localRole.role"
         autofocus
       ></q-input>
+      <q-card>
+        <q-card-section class="text-h5 text-bold text-primary flex justify-center">{{
+          $t('permissions')
+        }}</q-card-section>
+        <q-separator color="black" />
+        <PermissionsCheckBoxGroup
+          :permissions="localRole.permissions || []"
+          v-on:update="(val) => (localRole.permissions = val)"
+        />
+      </q-card>
     </div>
     <div class="row justify-center">
       <q-btn class="q-ma-md" color="primary" no-caps @click="save">Save</q-btn>
@@ -27,29 +38,35 @@ import { ref } from 'vue';
 import { appApi } from 'src/boot/axios';
 import type { Role } from 'src/vueLib/models/roles';
 import { useNotify } from 'src/vueLib/general/useNotify';
+import PermissionsCheckBoxGroup from 'src/vueLib/checkboxes/CheckBoxGroupPermissions.vue';
+import { defaultPermissions } from 'src/vueLib/checkboxes/permissions';
+import { i18n } from 'src/boot/lang';
 
 const { NotifyResponse } = useNotify();
 const dialog = ref();
 const newRole = ref(false);
+const showRoleField = ref(true);
 const localRole = ref<Role>({
   role: '',
-  rights: null,
+  permissions: [],
 });
 
-const emit = defineEmits(['update-role']);
+const emit = defineEmits(['update']);
 
-function open(role: Role | null) {
+function open(role: Role | null, typ?: 'permissions') {
   if (role === undefined) {
     return;
   }
 
+  showRoleField.value = typ !== 'permissions';
   if (role !== null) {
     localRole.value = role;
+    localRole.value.permissions = role.permissions || defaultPermissions;
     newRole.value = false;
   } else {
     localRole.value = {
       role: '',
-      rights: null,
+      permissions: defaultPermissions,
     };
     newRole.value = true;
   }
@@ -58,15 +75,23 @@ function open(role: Role | null) {
 }
 
 function save() {
-  let query = 'secure/roles/edit?id=' + localRole.value.id;
+  let query = 'roles/update?id=' + localRole.value.id;
+  let update = true;
   if (newRole.value) {
-    query = 'secure/roles/add';
+    query = 'roles/add';
+    update = false;
+    localRole.value.permissions = defaultPermissions;
   }
 
   appApi
     .post(query, JSON.stringify(localRole.value))
     .then(() => {
-      emit('update-role');
+      if (update) {
+        NotifyResponse(
+          i18n.global.t('role') + " '" + localRole.value.role + "' " + i18n.global.t('updated'),
+        );
+      }
+      emit('update');
       dialog.value.close();
     })
     .catch((err) => NotifyResponse(err, 'error'));

src/components/UploadDialog.vue

@@ -7,6 +7,7 @@
           :url="`https://0.0.0.0:` + portApp + `/api/members/import/csv`"
           label="Import CSV"
           multiple
+          :with-credentials="true"
           accept=".csv"
           field-name="file"
           method="POST"

src/components/UserEditAllDialog.vue

@@ -5,36 +5,100 @@
     :height="600"
     :width="500"
   >
-    <div class="row justify-center q-gutter-md">
+    <q-form ref="form">
-      <q-input
+      <div class="row justify-center q-gutter-md">
-        class="q-ml-md col-5 required"
+        <q-input
-        :label="$t('user')"
+          class="col-5 required"
-        filled
+          :label="$t('user')"
-        :rules="[(val) => !!val || $t('userIsRequired')]"
+          filled
-        v-model="localUser.user"
+          :lazy-rules="false"
-        autofocus
+          :rules="[(val) => !!val || $t('userIsRequired')]"
-      ></q-input>
+          v-model="localUser.user"
-      <q-input
+          autofocus
-        class="q-ml-md col-5 required"
+        ></q-input>
-        :label="$t('email')"
+        <q-input
-        filled
+          class="col-5 required"
-        :rules="[(val) => !!val || $t('emailIsRequired')]"
+          :label="$t('email')"
-        v-model="localUser.email"
+          filled
-      ></q-input>
+          :lazy-rules="false"
-      <q-input
+          :rules="[(val) => !!val || $t('emailIsRequired')]"
-        class="q-ml-md col-5 required"
+          v-model="localUser.email"
-        :label="$t('role')"
+        ></q-input>
-        filled
+        <div class="col-5">
-        :rules="[(val) => !!val || $t('roleIsRequired')]"
+          <q-input
-        v-model="localUser.role"
+            class="col-5 required"
-      ></q-input>
+            :label="$t('password')"
-      <q-input
+            filled
-        class="q-ml-md col-5"
+            :lazy-rules="false"
-        :label="$t('expires')"
+            :rules="[validatePassword]"
-        filled
+            v-model="localUser.password"
-        v-model="localUser.expires"
+            @update:model-value="checkStrength"
-      ></q-input>
+            :type="showPassword1 ? 'text' : 'password'"
-    </div>
+          >
+            <template v-slot:append>
+              <q-btn
+                flat
+                dense
+                :icon="showPassword1 ? 'visibility_off' : 'visibility'"
+                @mousedown.prevent="showPassword1 = true"
+                @mouseup.prevent="showPassword1 = false"
+                @mouseleave.prevent="showPassword1 = false"
+                @touchstart.prevent="showPassword1 = true"
+                @touchend.prevent="showPassword1 = false"
+                @touchcancel.prevent="showPassword1 = false"
+              ></q-btn>
+              <q-icon :name="strengthIcon" :color="strengthColor"></q-icon>
+            </template>
+          </q-input>
+
+          <div class="q-mt-md q-px-xl">
+            <q-linear-progress :value="strengthValue" :color="strengthColor" size="8px" rounded />
+            <div class="text-caption text-center q-mt-xs">
+              {{ strengthLabel }}
+            </div>
+          </div>
+          <q-input
+            class="col-5 required"
+            :label="$t('password')"
+            filled
+            :type="showPassword2 ? 'text' : 'password'"
+            :rules="[checkSamePassword]"
+            v-model="passwordCheck"
+          >
+            <template v-slot:append>
+              <q-btn
+                flat
+                dense
+                :icon="showPassword2 ? 'visibility_off' : 'visibility'"
+                @mousedown.prevent="showPassword2 = true"
+                @mouseup.prevent="showPassword2 = false"
+                @mouseleave.prevent="showPassword2 = false"
+                @touchstart.prevent="showPassword2 = true"
+                @touchend.prevent="showPassword2 = false"
+                @touchcancel.prevent="showPassword2 = false"
+              ></q-btn>
+            </template>
+          </q-input>
+        </div>
+
+        <div class="col-5">
+          <q-select
+            class="col-5 required"
+            :label="$t('role')"
+            filled
+            :options="props.roles"
+            :rules="[(val) => !!val || $t('roleIsRequired')]"
+            v-model="localUser.role"
+          ></q-select>
+          <q-input
+            class="col-5"
+            :label="$t('expires')"
+            filled
+            v-model="localUser.expires"
+          ></q-input>
+        </div>
+      </div>
+    </q-form>
     <div class="row justify-center">
       <q-btn class="q-ma-md" color="primary" no-caps @click="save">Save</q-btn>
     </div>
@@ -44,13 +108,25 @@
 <script setup lang="ts">
 import DialogFrame from 'src/vueLib/dialog/DialogFrame.vue';
 import { ref } from 'vue';
+import zxcvbn from 'zxcvbn';
 import { appApi } from 'src/boot/axios';
 import type { User } from 'src/vueLib/models/users';
 import { useNotify } from 'src/vueLib/general/useNotify';
+import { validateQForm } from 'src/vueLib/utils/validation';
+import { i18n } from 'src/boot/lang';
+import { DefaultSettings } from 'src/vueLib/models/settings';
 
 const { NotifyResponse } = useNotify();
 const dialog = ref();
+const form = ref();
 const newUser = ref(false);
+const showPassword1 = ref(false);
+const showPassword2 = ref(false);
+const passwordCheck = ref('');
+const strengthValue = ref(0);
+const strengthLabel = ref('Enter a password');
+const strengthColor = ref('grey');
+const strengthIcon = ref('lock');
 const localUser = ref<User>({
   user: '',
   email: '',
@@ -58,9 +134,16 @@ const localUser = ref<User>({
   expires: '',
 });
 
-const emit = defineEmits(['update-user']);
+const props = defineProps({
+  roles: {
+    type: Array,
+    required: true,
+  },
+});
 
-function open(user: User | null) {
+const emit = defineEmits(['update']);
+
+async function open(user: User | null) {
   if (user === undefined) {
     return;
   }
@@ -78,19 +161,66 @@ function open(user: User | null) {
     newUser.value = true;
   }
 
-  dialog.value?.open();
+  await dialog.value?.open();
+  await validateQForm(form.value);
 }
 
-function save() {
+function checkStrength() {
-  let query = 'secure/users/edit?id=' + localUser.value.id;
+  const result = zxcvbn(localUser.value.password || '');
+  strengthValue.value = (result.score + 1) / 5;
+  const levels = [
+    i18n.global.t('veryWeak'),
+    i18n.global.t('weak'),
+    i18n.global.t('fair'),
+    i18n.global.t('good'),
+    i18n.global.t('strong'),
+  ];
+  const colors = ['red', 'orange', 'yellow', 'light-green', 'green'];
+  const icon = ['lock', 'warning', 'error_outline', 'check_circle_outline', 'verified_user'];
+
+  strengthLabel.value = levels[result.score] || i18n.global.t('veryWeak');
+  strengthColor.value = colors[result.score] || 'grey';
+  strengthIcon.value = icon[result.score] || 'lock';
+}
+
+function validatePassword(): string | boolean {
+  if (!localUser.value.password) return i18n.global.t('passwordIsRequired');
+
+  if (localUser.value.password.length < 8) {
+    return i18n.global.t('passwordTooShort');
+  } else if (!/[A-Z]/.test(localUser.value.password)) {
+    return i18n.global.t('passwordNeedsUppercase');
+  } else if (!/[a-z]/.test(localUser.value.password)) {
+    return i18n.global.t('passwordNeedsLowercase');
+  } else if (!/[0-9]/.test(localUser.value.password)) {
+    return i18n.global.t('passwordNeedsNumber');
+  } else if (!/[!@#$%^&*(),.?":{}|<>]/.test(localUser.value.password)) {
+    return i18n.global.t('passwordNeedsSpecial');
+  }
+
+  return true;
+}
+
+function checkSamePassword(): string | boolean {
+  if (localUser.value.password === passwordCheck.value) return true;
+  return i18n.global.t('passwordDoNotMatch');
+}
+
+async function save() {
+  if (!(await validateQForm(form.value))) {
+    NotifyResponse(i18n.global.t('notAllRequiredFieldsFilled'), 'error');
+    return;
+  }
+  let query = 'users/edit?id=' + localUser.value.id;
   if (newUser.value) {
-    query = 'secure/users/add';
+    query = 'users/add';
+    localUser.value.settings = DefaultSettings();
   }
 
   appApi
     .post(query, JSON.stringify(localUser.value))
     .then(() => {
-      emit('update-user');
+      emit('update');
       dialog.value.close();
     })
     .catch((err) => NotifyResponse(err, 'error'));

src/css/quasar.variables.scss

@@ -13,7 +13,9 @@
 // Tip: Use the "Theme Builder" on Quasar's documentation website.
 
 $primary: #1976d2;
+$primary-text: #ffffff;
 $secondary: #26a69a;
+$secondary-text: #ffffff;
 $accent: #9c27b0;
 
 $dark: #1d1d1d;
@@ -23,3 +25,16 @@ $positive: #21ba45;
 $negative: #c10015;
 $info: #31ccec;
 $warning: #f2c037;
+
+:root {
+  --q-primary-text: #ffffff;
+  --q-secondary-text: #ffffff;
+}
+
+.text-primary-text {
+  color: var(--q-primary-text) !important;
+}
+
+.text-secondary-text {
+  color: var(--q-secondary-text) !important;
+}

src/layouts/MainLayout.vue

@@ -10,7 +10,7 @@
         />
         <q-btn flat dense round icon="menu" aria-label="Menu" @click="toggleLeftDrawer" />
 
-        <q-toolbar-title> {{ productName }} </q-toolbar-title>
+        <q-toolbar-title class="text-primary-text"> {{ productName }} </q-toolbar-title>
 
         <div>Version {{ version }}</div>
         <q-btn dense icon="refresh" square class="q-px-md q-ml-md" @click="refresh" />
@@ -23,7 +23,14 @@
         <q-item v-if="!autorized" to="/login" exact clickable v-ripple @click="closeDrawer">
           <q-item-section>{{ $t('login') }}</q-item-section>
         </q-item>
-        <q-item v-if="autorized" to="/members" exact clickable v-ripple @click="closeDrawer">
+        <q-item
+          v-if="autorized || user.isPermittedTo('members', 'read')"
+          to="/members"
+          exact
+          clickable
+          v-ripple
+          @click="closeDrawer"
+        >
           <q-item-section>Members</q-item-section>
         </q-item>
       </q-list>
@@ -45,7 +52,9 @@ const localLogo = ref(Logo);
 
 const leftDrawerOpen = ref(false);
 const user = useUserStore();
-const autorized = computed(() => !!user.isAuthorizedAs(['admin']));
+const autorized = computed(
+  () => user.isAuthorizedAs(['admin']) || user.isPermittedTo('settings', 'read'),
+);
 
 function toggleLeftDrawer() {
   leftDrawerOpen.value = !leftDrawerOpen.value;

src/pages/LoginPage.vue

@@ -7,18 +7,20 @@
 <script setup lang="ts">
 import LoginForm from 'src/vueLib/login/LoginForm.vue';
 import { useUserStore } from 'src/vueLib/login/userStore';
-import { onMounted } from 'vue';
+import { nextTick, onMounted } from 'vue';
 import { useRouter } from 'vue-router';
 
 const router = useRouter();
 const userStore = useUserStore();
 
 onMounted(() => {
-  const user = userStore.getUser();
+  if (userStore.user?.username !== '' && userStore.user?.role !== '') {
-  if (user?.username !== '' && user?.role !== '') {
     forwardToPage().catch((err) => console.error(err));
   }
 });
 
-const forwardToPage = () => router.push('/members');
+const forwardToPage = async () => {
+  await nextTick();
+  await router.push('/members');
+};
 </script>

src/pages/SettingsPage.vue

@@ -8,6 +8,7 @@
           <p class="text-bold text-h6 text-primary q-pa-md">{{ $t('general') }}</p>
           <div class="row">
             <q-input
+              :readonly="!user.isPermittedTo('userSettings', 'write')"
               :class="[
                 colorGroup ? 'col-md-4' : 'col-md-3',
                 colorGroup ? 'col-md-6' : 'col-md-6',
@@ -24,6 +25,7 @@
           <p class="text-bold text-h6 text-primary q-pa-md">{{ $t('database') }}</p>
           <div class="row">
             <q-input
+              :readonly="!user.isPermittedTo('userSettings', 'write')"
               :class="[
                 colorGroup ? 'col-md-4' : 'col-md-3',
                 colorGroup ? 'col-md-6' : 'col-md-6',
@@ -52,18 +54,72 @@
             <div class="row">
               <div class="col-12 col-sm-6 col-md-3 q-px-md">
                 <p class="text-center text-bold text-h6 text-primary">{{ $t('primaryColor') }}</p>
-                <q-color bordered class="q-mx-md" v-model="settings.primaryColor"></q-color>
+                <q-color
+                  :disable="!user.isPermittedTo('userSettings', 'write')"
+                  bordered
+                  class="q-mx-md"
+                  v-model="settings.primaryColor"
+                ></q-color>
+              </div>
+              <div class="col-12 col-sm-6 col-md-3 q-px-md">
+                <p
+                  :class="[
+                    'text-center',
+                    'text-bold',
+                    'text-h6',
+                    'text-primary-text',
+                    settings.primaryColorText === '#ffffff' ? 'bg-black' : '',
+                  ]"
+                  :style="settings.primaryColorText === '#ffffff' ? 'opacity: 0.2;' : ''"
+                >
+                  {{ $t('primaryColorText') }}
+                </p>
+                <q-color
+                  :disable="!user.isPermittedTo('userSettings', 'write')"
+                  bordered
+                  class="q-mx-md"
+                  v-model="settings.primaryColorText"
+                ></q-color>
               </div>
               <div class="col-12 col-sm-6 col-md-3 q-px-md">
                 <p class="text-center text-bold text-h6 text-secondary">
                   {{ $t('secondaryColor') }}
                 </p>
-                <q-color class="q-mx-md" v-model="settings.secondaryColor"></q-color>
+                <q-color
+                  :disable="!user.isPermittedTo('userSettings', 'write')"
+                  class="q-mx-md"
+                  v-model="settings.secondaryColor"
+                ></q-color>
+              </div>
+              <div class="col-12 col-sm-6 col-md-3 q-px-md">
+                <p
+                  :class="[
+                    'text-center',
+                    'text-bold',
+                    'text-h6',
+                    'text-secondary-text',
+                    settings.secondaryColorText === '#ffffff' ? 'bg-black' : '',
+                  ]"
+                  :style="settings.secondaryColorText === '#ffffff' ? 'opacity: 0.2;' : ''"
+                >
+                  {{ $t('secondaryColorText') }}
+                </p>
+                <q-color
+                  :disable="!user.isPermittedTo('userSettings', 'write')"
+                  class="q-mx-md"
+                  v-model="settings.secondaryColorText"
+                ></q-color>
               </div>
             </div>
-            <q-btn class="q-my-md q-mx-md" color="secondary" dense no-caps @click="resetColors">{{
+            <q-btn
-              $t('resetColors')
+              :disable="!user.isPermittedTo('userSettings', 'write')"
-            }}</q-btn>
+              class="q-my-md q-mx-md"
+              color="secondary"
+              dense
+              no-caps
+              @click="resetColors"
+              >{{ $t('resetColors') }}</q-btn
+            >
           </div>
         </q-card>
         <div class="row justify-end">
@@ -83,15 +139,21 @@ import { reactive, ref, watch } from 'vue';
 import { appApi } from 'src/boot/axios';
 import { useNotify } from 'src/vueLib/general/useNotify';
 import { type Settings } from 'src/vueLib/models/settings';
+import { useLogin } from 'src/vueLib/login/useLogin';
+import { useUserStore } from 'src/vueLib/login/userStore';
 
 const { NotifyResponse } = useNotify();
+const { getUser } = useLogin();
 const colorGroup = ref(false);
+const user = useUserStore();
 
 const settings = reactive<Settings>({
   icon: Logo.value,
   databaseName: databaseName.value,
   primaryColor: document.documentElement.style.getPropertyValue('--q-primary'),
+  primaryColorText: document.documentElement.style.getPropertyValue('--q-primary-text'),
   secondaryColor: document.documentElement.style.getPropertyValue('--q-secondary'),
+  secondaryColorText: document.documentElement.style.getPropertyValue('--q-secondary-text'),
 });
 
 watch(settings, (newSettings) => {
@@ -101,20 +163,30 @@ watch(settings, (newSettings) => {
 
 function resetColors() {
   document.documentElement.style.setProperty('--q-primary', '#1976d2');
+  settings.primaryColor = '#1976d2';
+  document.documentElement.style.setProperty('--q-primary-text', '#ffffff');
+  settings.primaryColorText = '#ffffff';
   document.documentElement.style.setProperty('--q-secondary', '#26a69a');
+  settings.secondaryColor = '#26a69a';
+  document.documentElement.style.setProperty('--q-secondary-text', '#ffffff');
+  settings.secondaryColorText = '#ffffff';
 }
 
 function save() {
   document.documentElement.style.setProperty('--q-primary', settings.primaryColor);
+  document.documentElement.style.setProperty('--q-primary-text', settings.primaryColorText);
   document.documentElement.style.setProperty('--q-secondary', settings.secondaryColor);
+  document.documentElement.style.setProperty('--q-secondary-text', settings.secondaryColorText);
   Logo.value = settings.icon;
   localStorage.setItem('icon', settings.icon);
   localStorage.setItem('databaseName', settings.databaseName);
   localStorage.setItem('primaryColor', settings.primaryColor);
+  localStorage.setItem('primaryColorText', settings.primaryColorText);
   localStorage.setItem('secondaryColor', settings.secondaryColor);
+  localStorage.setItem('secondaryColorText', settings.secondaryColorText);
 
   appApi
-    .post('secure/settings/update', { user: 'admin', settings })
+    .post('settings/update', { user: getUser()?.username, settings })
     .then((resp) => NotifyResponse(resp.data.message))
     .catch((err) => NotifyResponse(err, 'error'));
 }

src/router/index.ts

@@ -36,13 +36,13 @@ export default defineRouter(function (/* { store, ssrContext } */) {
 
   Router.beforeEach((to, from, next) => {
     const userStore = useUserStore();
-
     const isLoggedIn = userStore.isAuthenticated;
-    const isAdmin = userStore.user?.role === 'admin';
-
     if (to.meta.requiresAuth && !isLoggedIn) {
       next('/login');
-    } else if (to.meta.requiresAdmin && !isAdmin) {
+    } else if (
+      to.meta.requiresAdmin &&
+      !userStore.isPermittedTo(to.path.replace('/', ''), 'read')
+    ) {
       next('/');
     } else {
       next();

src/router/routes.ts

@@ -10,21 +10,21 @@ const routes: RouteRecordRaw[] = [
         component: () => import('pages/LoginPage.vue'),
       },
       {
-        path: '/login',
+        path: 'login',
         component: () => import('pages/LoginPage.vue'),
       },
       {
-        path: '/members',
+        path: 'members',
         component: () => import('pages/MembersTable.vue'),
         meta: { requiresAuth: true, requiresAdmin: true },
       },
       {
-        path: '/settings',
+        path: 'settings',
         component: () => import('pages/SettingsPage.vue'),
         meta: { requiresAuth: true, requiresAdmin: true },
       },
       {
-        path: '/usersSettings',
+        path: 'userSettings',
         component: () => import('pages/UserSettings.vue'),
         meta: { requiresAuth: true, requiresAdmin: true },
       },

src/vueLib/checkboxes/CheckBoxGroupPermissions.vue

@@ -0,0 +1,67 @@
+<template>
+  <q-card>
+    <q-card bordered v-for="(permission, index) in localPermission" v-bind:key="index">
+      <q-card-section class="text-center">
+        <div class="text-h7 text-bold text-primary">{{ $t(permission.name) }}</div>
+      </q-card-section>
+      <q-separator></q-separator>
+      <div class="flex justify-center">
+        <q-checkbox
+          class="q-mx-md"
+          :model-value="isFlagSet(permission.permission, 1 << 0)"
+          @update:model-value="(val) => toggleBit(index, 0, val)"
+          >{{ i18n.global.t('read') }}</q-checkbox
+        >
+        <q-checkbox
+          class="q-mx-md"
+          :model-value="isFlagSet(permission.permission, 1 << 1)"
+          @update:model-value="(val) => toggleBit(index, 1, val)"
+          >{{ i18n.global.t('write') }}</q-checkbox
+        >
+        <q-checkbox
+          class="q-mx-md"
+          :model-value="isFlagSet(permission.permission, 1 << 2)"
+          @update:model-value="(val) => toggleBit(index, 2, val)"
+          >{{ i18n.global.t('delete') }}</q-checkbox
+        >
+      </div>
+    </q-card>
+  </q-card>
+</template>
+
+<script setup lang="ts">
+import { ref, type PropType } from 'vue';
+import type { Permissions } from './permissions';
+import { i18n } from 'src/boot/lang';
+
+const props = defineProps({
+  permissions: {
+    type: Object as PropType<Permissions>,
+    required: true,
+  },
+});
+
+const emit = defineEmits(['update']);
+
+const localPermission = ref(
+  props.permissions.map((e) => ({
+    name: e.name,
+    permission: e.permission ?? 0,
+  })),
+);
+
+function isFlagSet(mask: number, flag: number) {
+  return (mask & flag) !== 0;
+}
+
+function toggleBit(index: number, bit: number, value: boolean) {
+  const item = localPermission.value[index];
+  if (!item) return; // guard against undefined index
+
+  const mask = 1 << bit;
+  const current = item.permission ?? 0;
+
+  item.permission = value ? current | mask : current & ~mask;
+  emit('update', localPermission.value);
+}
+</script>

src/vueLib/checkboxes/permissions.ts

@@ -0,0 +1,40 @@
+import { i18n } from 'src/boot/lang';
+import { ref } from 'vue';
+
+export interface Permission {
+  name: string;
+  label: string;
+  permission: number;
+}
+
+export type Permissions = Permission[];
+
+export const defaultPermissions = [
+  {
+    name: 'settings',
+    label: i18n.global.t('settings'),
+    permission: 0,
+  },
+  {
+    name: 'userSettings',
+    label: i18n.global.t('userSettings'),
+    permission: 0,
+  },
+  {
+    name: 'members',
+    label: i18n.global.t('members'),
+    permission: 0,
+  },
+  {
+    name: 'attendanceTable',
+    label: i18n.global.t('attendanceTable'),
+    permission: 0,
+  },
+  {
+    name: 'excursionTable',
+    label: i18n.global.t('excursionTable'),
+    permission: 0,
+  },
+];
+
+export const permissions = ref<Permissions>(defaultPermissions);

src/vueLib/db/db.ts

@@ -1,49 +0,0 @@
-import { CapacitorSQLite, SQLiteConnection } from '@capacitor-community/sqlite';
-import type { Settings } from '../models/settings';
-
-const sqlite = new SQLiteConnection(CapacitorSQLite);
-
-export async function initDB() {
-  const db = await sqlite.createConnection('membersDB', true, 'secreto_passwordo', 1, false);
-  await db.open();
-  await db.execute(`CREATE TABLE IF NOT EXISTS users (
-						id INTEGER PRIMARY KEY AUTOINCREMENT,
-						username TEXT NOT NULL,
-						role TEXT NOT NULL,
-						password TEXT NOT NULL,
-						settings TEXT NOT NULL
-						);`);
-
-  const result = await db.query(`SELECT * FROM users WHERE username = ?`, ['admin']);
-  if (result.values?.length === 0) {
-    await db.run(`INSERT INTO users (username, role, password, settings) VALUES (?, ?, ?, ?)`, [
-      'admin',
-      'admin',
-      'tecamino@2023',
-      {},
-    ]);
-  }
-  return db;
-}
-
-export async function addUser(user: string, role: string, password: string, settings: Settings) {
-  const db = await initDB();
-  await db.run(`INSERT INTO users (username, role, password, settings) VALUES (?, ?, ?, ?)`, [
-    user,
-    role,
-    password,
-    settings,
-  ]);
-}
-
-export async function getUsers() {
-  const db = await initDB();
-  const resp = await db.query(`SELECT * FROM users`);
-  return resp.values;
-}
-
-export async function getUser(user: string) {
-  const db = await initDB();
-  const resp = await db.query(`SELECT EXISTS(SELECT 1 FROM users WHERE username = ?)`, [user]);
-  return resp.values;
-}

src/vueLib/login/LoginForm.vue

@@ -8,6 +8,7 @@
           ref="refUserInput"
           dense
           filled
+          autocomplete="username"
           type="text"
           :label="$t('user')"
           v-model="user"
@@ -16,6 +17,7 @@
         <q-input
           dense
           filled
+          autocomplete="current-password"
           :type="showPassword ? 'text' : 'password'"
           :label="$t('password')"
           v-model="password"
@@ -27,14 +29,17 @@
               flat
               dense
               :icon="showPassword ? 'visibility_off' : 'visibility'"
-              @mousedown.left="showPassword = true"
+              @mousedown.prevent="showPassword = true"
-              @mouseup.left="showPassword = false"
+              @mouseup.prevent="showPassword = false"
-              @mouseleave="showPassword = false"
+              @mouseleave.prevent="showPassword = false"
+              @touchstart.prevent="showPassword = true"
+              @touchend.prevent="showPassword = false"
+              @touchcancel.prevent="showPassword = false"
             ></q-btn>
           </template>
         </q-input>
         <div class="q-pt-sm q-mr-md row justify-end">
-          <q-btn color="primary" :label="$t('login')" @click="onSubmit"></q-btn>
+          <q-btn no-caps color="primary" :label="$t('login')" @click="onSubmit"></q-btn>
         </div>
       </q-card>
     </q-item-section>
@@ -59,25 +64,24 @@ const { login } = useLogin();
 
 const emit = defineEmits(['update-close']);
 
-const onSubmit = () => {
+const onSubmit = async () => {
-  refForm.value?.validate().then((success: boolean) => {
+  const valid = refForm.value?.validate();
-    if (success) {
+  if (!valid) {
-      login(user.value, password.value)
+    NotifyResponse('error submitting login form', 'error');
-        .then(() => {
+    return;
-          NotifyResponse("logged in as '" + user.value + "'");
+  }
-          emit('update-close');
+  await login(user.value, password.value)
-        })
+    .then(() => {
-        .catch((err) => {
+      NotifyResponse("logged in as '" + user.value + "'");
-          NotifyResponse(err, 'error');
+    })
-          shake.value = true;
+    .catch((err) => {
-          setTimeout(() => {
+      NotifyResponse(err, 'error');
-            shake.value = false;
+      shake.value = true;
-          }, 500);
+      setTimeout(() => {
-        });
+        shake.value = false;
-    } else {
+      }, 500);
-      NotifyResponse('error submitting login form', 'error');
+    });
-    }
+  emit('update-close');
-  });
 };
 </script>
 

src/vueLib/login/LoginMenu.vue

@@ -9,6 +9,9 @@
           <q-item v-if="showLogin" clickable v-close-popup @click="openLogin">
             <q-item-section class="text-primary">{{ loginText }}</q-item-section>
           </q-item>
+          <q-item>
+            <q-btn flat :icon="Dark.mode ? 'light_mode' : 'dark_mode'" @click="Dark.toggle"></q-btn>
+          </q-item>
           <q-item>
             <q-select
               :label="$t('language')"
@@ -19,11 +22,20 @@
               :options="langSelection"
             ></q-select>
           </q-item>
-          <q-item v-if="autorized">
+          <q-item
+            v-if="
+              (autorized || user.isPermittedTo('settings', 'read')) && route.path !== '/settings'
+            "
+          >
             <q-btn flat color="secondary" icon="settings" to="/settings"></q-btn>
           </q-item>
-          <q-item v-if="autorized">
+          <q-item
-            <q-btn flat color="secondary" icon="group" to="/usersSettings"></q-btn>
+            v-if="
+              (autorized || user.isPermittedTo('userSettings', 'read')) &&
+              route.path !== '/userSettings'
+            "
+          >
+            <q-btn flat color="secondary" icon="group" to="/userSettings"></q-btn>
           </q-item>
         </q-list>
       </q-menu>
@@ -40,6 +52,7 @@ import { useNotify } from '../general/useNotify';
 import { lang, i18n } from 'src/boot/lang';
 import { useUserStore } from './userStore';
 import { useRoute } from 'vue-router';
+import { Dark } from 'quasar';
 
 const route = useRoute();
 const showLogin = computed(

src/vueLib/login/useLogin.ts

@@ -18,15 +18,21 @@ export function useLogin() {
 
         Logo.value = sets.icon;
         document.documentElement.style.setProperty('--q-primary', sets.primaryColor);
+        document.documentElement.style.setProperty('--q-primary-text', sets.primaryColorText);
         document.documentElement.style.setProperty('--q-secondary', sets.secondaryColor);
+        document.documentElement.style.setProperty('--q-secondary-text', sets.secondaryColorText);
         localStorage.setItem('icon', sets.icon);
         localStorage.setItem('databaseName', sets.databaseName);
         localStorage.setItem('primaryColor', sets.primaryColor);
+        localStorage.setItem('primaryColorText', sets.primaryColorText);
         localStorage.setItem('secondaryColor', sets.secondaryColor);
+        localStorage.setItem('secondaryColorText', sets.secondaryColorText);
       });
 
       const resp = await appApi.get('/login/me');
-      userStore.setUser({ id: resp.data.id, username: resp.data.user, role: resp.data.role });
+      await userStore
+        .setUser({ id: resp.data.id, username: resp.data.user, role: resp.data.role })
+        .catch((err) => console.log(err));
 
       startRefreshInterval();
       return true;
@@ -47,12 +53,14 @@ export function useLogin() {
 
   async function refresh() {
     await appApi
-      .post('secure/login/refresh', {}, { withCredentials: true })
+      .post('login/refresh', {}, { withCredentials: true })
       .then(() => {
         appApi
           .get('/login/me')
           .then((resp) => {
-            userStore.setUser({ id: resp.data.id, username: resp.data.user, role: resp.data.role });
+            userStore
+              .setUser({ id: resp.data.id, username: resp.data.user, role: resp.data.role })
+              .catch((err) => console.error(err));
             if (!intervalId) {
               startRefreshInterval();
             }
@@ -67,7 +75,7 @@ export function useLogin() {
     return false;
   }
   function getUser() {
-    return userStore.getUser();
+    return userStore.user;
   }
 
   function startRefreshInterval() {

src/vueLib/login/userStore.ts

@@ -1,30 +1,52 @@
 import { defineStore } from 'pinia';
-import { useGlobalRouter } from 'src/utils/globalRouter';
+import { useGlobalRouter } from 'src/vueLib/utils/globalRouter';
-import { useGlobalQ } from 'src/utils/globalQ';
+import { useGlobalQ } from 'src/vueLib/utils/globalQ';
+import { appApi } from 'src/boot/axios';
+import { useNotify } from '../general/useNotify';
+import type { Role } from '../models/roles';
+import type { UserState, User } from '../models/user';
+import type { Permission } from '../checkboxes/permissions';
 
-interface User {
+const { NotifyResponse } = useNotify();
-  id: number;
-  username: string;
-  role: string;
-}
-
-interface UserState {
-  user: User | null;
-}
 
 export const useUserStore = defineStore('user', {
   state: (): UserState => ({
     user: null,
   }),
   getters: {
-    isAuthenticated: (state): boolean => !!state.user,
+    isAuthenticated: (state: UserState): boolean => {
+      return !!state.user;
+    },
+
+    isAuthorizedAs: (state: UserState) => {
+      return (roles: string[]) => {
+        return state.user !== null && roles.includes(state.user.role);
+      };
+    },
+    isPermittedTo: (state: UserState) => {
+      return (name: string, type: 'read' | 'write' | 'delete'): boolean => {
+        const permission = state.user?.permissions?.find((r: Permission) => r.name === name);
+        switch (type) {
+          case 'read':
+            return permission?.permission ? (permission.permission & (1 << 0)) === 1 : false;
+          case 'write':
+            return permission?.permission ? (permission.permission & (1 << 1)) === 2 : false;
+          case 'delete':
+            return permission?.permission ? (permission.permission & (1 << 2)) === 4 : false;
+        }
+      };
+    },
   },
   actions: {
-    setUser(user: User) {
+    async setUser(user: User) {
-      this.user = user;
+      await appApi
-    },
+        .get('roles?role=' + user.role)
-    getUser() {
+        .then((resp) => {
-      return this.user;
+          const roleData = resp.data.find((role: Role) => role.role === user.role);
+          user.permissions = roleData?.permissions || [];
+          this.user = user;
+        })
+        .catch((err) => NotifyResponse(err, 'error'));
     },
     clearUser() {
       const $q = useGlobalQ();
@@ -60,9 +82,5 @@ export const useUserStore = defineStore('user', {
         }
       });
     },
-
-    isAuthorizedAs(roles: string[]) {
-      return this.user !== null && roles.includes(this.user.role);
-    },
   },
 });

src/vueLib/models/rights.ts

@@ -1,8 +0,0 @@
-export interface Right {
-  name: string;
-  read: boolean;
-  write: boolean;
-  delete: boolean;
-}
-
-export type Rights = Right[];

src/vueLib/models/roles.ts

@@ -1,9 +1,9 @@
-import type { Rights } from './rights';
+import type { Permissions } from '../checkboxes/permissions';
 
 export interface Role {
   id?: number;
   role: string;
-  rights: Rights | null;
+  permissions: Permissions;
 }
 
 export type Roles = Role[];

src/vueLib/models/settings.ts

@@ -2,5 +2,18 @@ export type Settings = {
   icon: string;
   databaseName: string;
   primaryColor: string;
+  primaryColorText: string;
   secondaryColor: string;
+  secondaryColorText: string;
 };
+
+export function DefaultSettings(): Settings {
+  return {
+    icon: '',
+    databaseName: 'members.dba',
+    primaryColor: document.documentElement.style.getPropertyValue('--q-primary-text'),
+    primaryColorText: document.documentElement.style.getPropertyValue('--q-primary'),
+    secondaryColor: document.documentElement.style.getPropertyValue('--q-secondary'),
+    secondaryColorText: document.documentElement.style.getPropertyValue('--q-secondary-text'),
+  };
+}

src/vueLib/models/user.ts

@@ -0,0 +1,12 @@
+import type { Permissions } from '../checkboxes/permissions';
+
+export interface User {
+  id: number;
+  username: string;
+  role: string;
+  permissions?: Permissions;
+}
+
+export interface UserState {
+  user: User | null;
+}

src/vueLib/models/users.ts

@@ -1,9 +1,13 @@
+import type { Settings } from './settings';
+
 export interface User {
   id?: number;
   user: string;
   email: string;
   role: string;
   expires: string;
+  password?: string;
+  settings?: Settings;
 }
 
 export type Users = User[];

src/vueLib/tables/members/MembersTable.ts

@@ -13,7 +13,7 @@ export function useMemberTable() {
     sortBy: 'firstName',
     descending: false,
     page: 1,
-    rowsPerPage: 10,
+    rowsPerPage: 20,
   });
 
   const columns = computed(() => [
@@ -171,7 +171,7 @@ export function useMemberTable() {
     loading.value = true;
 
     appApi
-      .get('secure/members')
+      .get('members')
       .then((resp) => {
         if (resp.data === null) {
           members.value = [];

src/vueLib/tables/members/MembersTable.vue

@@ -23,10 +23,17 @@
     >
       <template v-slot:top-left>
         <q-btn-group push flat style="color: grey">
-          <q-btn dense flat icon="add" @click="openAllValueDialog(null)">
+          <q-btn
+            v-if="user.isPermittedTo('userSettings', 'write')"
+            dense
+            flat
+            icon="add"
+            @click="openAllValueDialog(null)"
+          >
             <q-tooltip>{{ $t('addNewMember') }}</q-tooltip>
           </q-btn>
           <q-btn
+            v-if="user.isPermittedTo('userSettings', 'write')"
             dense
             flat
             style="color: grey"
@@ -35,7 +42,13 @@
           >
             <q-tooltip>{{ $t('selectMemberOptions') }}</q-tooltip>
           </q-btn>
-          <q-btn dense flat icon="upload" @click="openUploadDialog">
+          <q-btn
+            v-if="user.isPermittedTo('userSettings', 'write')"
+            dense
+            flat
+            icon="upload"
+            @click="openUploadDialog"
+          >
             <q-tooltip>{{ $t('importCSV') }}</q-tooltip>
           </q-btn>
         </q-btn-group>
@@ -66,7 +79,11 @@
         <q-td
           :props="props"
           :class="getRowClass(props.row)"
-          @click="openSingleValueDialog(props.col.label, props.col.name, props.row)"
+          :style="user.isPermittedTo('userSettings', 'write') ? 'cursor: pointer' : ''"
+          @click="
+            user.isPermittedTo('userSettings', 'write') &&
+            openSingleValueDialog(props.col.label, props.col.name, props.row)
+          "
         >
           {{ props.value }}
         </q-td>
@@ -82,9 +99,19 @@
       </template>
       <template v-slot:body-cell-option="props">
         <q-td :props="props">
-          <q-btn flat dense icon="more_vert" @click="openSubmenu = true" />
+          <q-btn
+            v-if="
+              user.isPermittedTo('userSettings', 'write') ||
+              user.isPermittedTo('userSettings', 'delete')
+            "
+            flat
+            dense
+            icon="more_vert"
+            @click="openSubmenu = true"
+          />
           <q-menu v-if="openSubmenu" anchor="top right" self="top left">
             <q-item
+              v-if="user.isPermittedTo('userSettings', 'write')"
               clickable
               v-close-popup
               @click="openAllValueDialog(props.row)"
@@ -92,6 +119,7 @@
               >{{ $t('edit') }}</q-item
             >
             <q-item
+              v-if="user.isPermittedTo('userSettings', 'delete')"
               clickable
               v-close-popup
               @click="openRemoveDialog(props.row)"
@@ -104,7 +132,12 @@
       </template>
     </q-table>
   </div>
-  <EditOneDialog ref="editOneDialog" v-on:update="updateMembers"></EditOneDialog>
+  <EditOneDialog
+    ref="editOneDialog"
+    endpoint="members/edit"
+    query-id
+    v-on:update="updateMembers"
+  ></EditOneDialog>
   <EditAllDialog ref="editAllDialog" v-on:update="updateMembers"></EditAllDialog>
   <OkDialog
     ref="okDialog"
@@ -131,6 +164,7 @@ import { useNotify } from 'src/vueLib/general/useNotify';
 import { useMemberTable } from './MembersTable';
 import UploadDialog from 'src/components/UploadDialog.vue';
 import { databaseName } from './MembersTable';
+import { useUserStore } from 'src/vueLib/login/userStore';
 
 export interface MemberDialog {
   getSelected: () => Members;
@@ -146,6 +180,7 @@ const selectOption = ref(false);
 const selected = ref<Members>([]);
 const openSubmenu = ref(false);
 const filter = ref('');
+const user = useUserStore();
 
 const {
   members,
@@ -162,7 +197,7 @@ onMounted(() => {
   loading.value = true;
 
   appApi
-    .post('secure/database/open', { dbPath: databaseName.value, create: true })
+    .post('database/open', { dbPath: databaseName.value, create: true })
     .then(() => {
       updateMembers();
     })
@@ -214,7 +249,7 @@ function removeMember(...removeMembers: Members) {
   });
 
   appApi
-    .post('secure/members/delete', { ids: memberIds })
+    .post('members/delete', { ids: memberIds })
     .then(() => {
       updateMembers();
       selected.value = [];

src/vueLib/tables/roles/RoleTable.ts

@@ -3,6 +3,8 @@ import { ref, computed } from 'vue';
 import { useNotify } from 'src/vueLib/general/useNotify';
 import { i18n } from 'boot/lang';
 import type { Roles } from 'src/vueLib/models/roles';
+import { useUserStore } from 'src/vueLib/login/userStore';
+import { useLogin } from 'src/vueLib/login/useLogin';
 
 export const roles = ref<Roles>([]);
 
@@ -31,11 +33,10 @@ export function useRoleTable() {
       sortable: true,
     },
     {
-      name: 'rights',
+      name: 'permissions',
       align: 'left' as const,
-      label: i18n.global.t('rights'),
+      label: i18n.global.t('permissions'),
-      field: 'rights',
+      field: '',
-      sortable: true,
       style: 'width: 120px; max-width: 120px;',
     },
     { name: 'option', align: 'center' as const, label: '', field: 'option', icon: 'option' },
@@ -44,18 +45,21 @@ export function useRoleTable() {
   const { NotifyResponse } = useNotify();
 
   const loading = ref(false);
+  const userStore = useUserStore();
+  const login = useLogin();
 
   //updates user list from database
-  function updateRoles() {
+  async function updateRoles() {
     loading.value = true;
-    appApi
+    await appApi
-      .get('secure/roles')
+      .get('roles?id=0')
       .then((resp) => {
         if (resp.data === null) {
           roles.value = [];
           return;
         }
         roles.value = resp.data as Roles;
+
         if (roles.value === null) {
           roles.value = [];
           return;
@@ -68,6 +72,17 @@ export function useRoleTable() {
       .finally(() => {
         loading.value = false;
       });
+    await appApi
+      .get('/login/me')
+      .then((resp) => {
+        userStore
+          .setUser({ id: resp.data.id, username: resp.data.username, role: resp.data.role })
+          .catch((err) => console.log(err));
+        login.refresh().catch((err) => console.error(err));
+      })
+      .catch(() => {
+        login.logout().catch((err) => console.error(err));
+      });
   }
   return {
     roles,

src/vueLib/tables/roles/RoleTable.vue

@@ -23,10 +23,17 @@
     >
       <template v-slot:top-left>
         <q-btn-group push flat style="color: grey">
-          <q-btn dense flat icon="add" @click="openAllValueDialog(null)">
+          <q-btn
+            v-if="user.isPermittedTo('userSettings', 'write')"
+            dense
+            flat
+            icon="add"
+            @click="openAllValueDialog(null)"
+          >
             <q-tooltip>{{ $t('addNewRole') }}</q-tooltip>
           </q-btn>
           <q-btn
+            v-if="user.isPermittedTo('userSettings', 'write')"
             dense
             flat
             style="color: grey"
@@ -62,21 +69,65 @@
       <template v-slot:body-cell="props">
         <q-td
           :props="props"
-          @click="openSingleValueDialog(props.col.label, props.col.name, props.row)"
+          :disable="!autorized(props.row)"
+          :style="
+            autorized(props.row) && user.isPermittedTo('userSettings', 'write')
+              ? 'cursor: pointer'
+              : ''
+          "
+          @click="
+            autorized(props.row) && user.isPermittedTo('userSettings', 'write')
+              ? openSingleValueDialog(props.col.label, props.col.name, props.row)
+              : ''
+          "
         >
           {{ props.value }}
         </q-td>
       </template>
+      <template v-slot:body-cell-permissions="props">
+        <q-td :props="props">
+          <q-btn
+            :disable="!autorized(props.row) || !user.isPermittedTo('userSettings', 'write')"
+            flat
+            dense
+            icon="rule"
+            :color="
+              autorized(props.row) && user.isPermittedTo('userSettings', 'write')
+                ? 'secondary'
+                : 'grey'
+            "
+            @click="
+              user.isPermittedTo('userSettings', 'write') &&
+              openAllValueDialog(props.row, 'permissions')
+            "
+          >
+            <q-tooltip> {{ $t('permissions') }} </q-tooltip>
+          </q-btn>
+        </q-td>
+      </template>
       <template v-slot:body-cell-option="props">
         <q-td :props="props">
-          <q-btn flat dense icon="delete" color="negative" @click="openRemoveDialog(props.row)">
+          <q-btn
+            v-if="user.isPermittedTo('userSettings', 'delete')"
+            :disable="!autorized(props.row)"
+            flat
+            dense
+            icon="delete"
+            color="negative"
+            @click="openRemoveDialog(props.row)"
+          >
             <q-tooltip> {{ $t('delete') }} </q-tooltip>
           </q-btn>
         </q-td>
       </template>
     </q-table>
   </div>
-  <EditOneDialog ref="editOneDialog" v-on:update="updateRoles"></EditOneDialog>
+  <EditOneDialog
+    ref="editOneDialog"
+    endpoint="roles/update"
+    query-id
+    v-on:update="updateRoles"
+  ></EditOneDialog>
   <EditAllDialog ref="editAllDialog" v-on:update="updateRoles"></EditAllDialog>
   <OkDialog
     ref="okDialog"
@@ -101,6 +152,9 @@ import OkDialog from 'src/components/dialog/OkDialog.vue';
 import { useNotify } from 'src/vueLib/general/useNotify';
 import { useRoleTable } from './RoleTable';
 import { useLogin } from 'src/vueLib/login/useLogin';
+import { i18n } from 'src/boot/lang';
+import { QTable } from 'quasar';
+import { useUserStore } from 'src/vueLib/login/userStore';
 
 const { NotifyResponse } = useNotify();
 const editOneDialog = ref();
@@ -110,24 +164,33 @@ const deleteText = ref('');
 const selectOption = ref(false);
 const selected = ref<Roles>([]);
 const openSubmenu = ref(false);
+const currentUser = ref();
 const filter = ref('');
+const user = useUserStore();
 
 const { roles, pagination, loading, columns, updateRoles } = useRoleTable();
 
 //load on mounting page
 onMounted(() => {
   loading.value = true;
-  updateRoles();
+  const login = useLogin();
+  currentUser.value = login.getUser();
+  updateRoles().catch((err) => console.error(err));
 });
 
+function autorized(role: Role): boolean {
+  if (role.id !== 1) return true;
+  return false;
+}
+
 // opens dialog for all role values
 function openSingleValueDialog(label: string, field: string, role: Role) {
   editOneDialog.value?.open(label, field, role);
 }
 
 //opens dialog for one value
-function openAllValueDialog(role: Role | null) {
+function openAllValueDialog(role: Role | null, typ?: 'permissions') {
-  editAllDialog.value?.open(role);
+  editAllDialog.value?.open(role, typ);
 }
 
 //opens remove dialog
@@ -145,18 +208,22 @@ function removeRole(...removeRoles: Roles) {
   const roles: string[] = [];
 
   removeRoles.forEach((role: Role) => {
-    if (role.role) {
+    if (role.role === currentUser.value.role) {
+      NotifyResponse(i18n.global.t('notPossibleToDeleteLoggedInRole'), 'error');
+    } else if (role.role) {
       roles.push(role.role);
     }
   });
 
-  const login = useLogin();
-  const user = login.getUser();
-
   appApi
-    .post('secure/roles/delete?role=' + user?.role, { roles: roles })
+    .post('roles/delete?role=' + currentUser.value.role, { roles: roles })
-    .then(() => {
+    .then((resp) => {
-      updateRoles();
+      updateRoles().catch((err) => console.error(err));
+      if (roles.length === 1) {
+        NotifyResponse("'" + roles[0] + "' " + i18n.global.t('deleted'), 'warning');
+      } else {
+        NotifyResponse(resp.data, 'warning');
+      }
       selected.value = [];
     })
     .catch((err) => NotifyResponse(err, 'error'))
@@ -169,6 +236,7 @@ function getSelected(): Roles {
   if (selected.value.length === 0) return [];
   return selected.value;
 }
+
 defineExpose({
   getSelected,
 });

src/vueLib/tables/users/UserTable.ts

@@ -55,9 +55,8 @@ export function useUserTable() {
   //updates user list from database
   function updateUsers() {
     loading.value = true;
-
     appApi
-      .get('secure/users')
+      .get('users')
       .then((resp) => {
         if (resp.data === null) {
           users.value = [];

src/vueLib/tables/users/UserTable.vue

@@ -23,10 +23,17 @@
     >
       <template v-slot:top-left>
         <q-btn-group push flat style="color: grey">
-          <q-btn dense flat icon="add" @click="openAllValueDialog(null)">
+          <q-btn
+            v-if="user.isPermittedTo('userSettings', 'write')"
+            dense
+            flat
+            icon="add"
+            @click="openAllValueDialog(null)"
+          >
             <q-tooltip>{{ $t('addNewUser') }}</q-tooltip>
           </q-btn>
           <q-btn
+            v-if="user.isPermittedTo('userSettings', 'write')"
             dense
             flat
             style="color: grey"
@@ -61,27 +68,55 @@
       </template>
       <template v-slot:body-cell="props">
         <q-td v-if="props.col.name === 'role'" :props="props">
-          <q-select dense v-model="props.row.role" :options="localRoles"></q-select>
+          <q-select
+            :readonly="!user.isPermittedTo('userSettings', 'write') || !autorized(props.row)"
+            dense
+            v-model="props.row.role"
+            :options="localRoles"
+            @update:model-value="updateUser(props.row)"
+          ></q-select>
         </q-td>
         <q-td
           v-else
           :props="props"
-          @click="openSingleValueDialog(props.col.label, props.col.name, props.row)"
+          :style="
+            autorized(props.row) && user.isPermittedTo('userSettings', 'write')
+              ? 'cursor: pointer'
+              : ''
+          "
+          @click="
+            autorized(props.row) && user.isPermittedTo('userSettings', 'write')
+              ? openSingleValueDialog(props.col.label, props.col.name, props.row)
+              : ''
+          "
         >
           {{ props.value }}
         </q-td>
       </template>
       <template v-slot:body-cell-option="props">
         <q-td :props="props">
-          <q-btn flat dense icon="delete" color="negative" @click="openRemoveDialog(props.row)">
+          <q-btn
+            v-if="user.isPermittedTo('userSettings', 'delete')"
+            :disable="!autorized(props.row)"
+            flat
+            dense
+            icon="delete"
+            color="negative"
+            @click="openRemoveDialog(props.row)"
+          >
             <q-tooltip> {{ $t('delete') }} </q-tooltip>
           </q-btn>
         </q-td>
       </template>
     </q-table>
   </div>
-  <EditOneDialog ref="editOneDialog" v-on:update="updateUsers"></EditOneDialog>
+  <EditOneDialog
-  <EditAllDialog ref="editAllDialog" v-on:update="updateUsers"></EditAllDialog>
+    ref="editOneDialog"
+    endpoint="users/edit"
+    query-id
+    v-on:update="updateUsers"
+  ></EditOneDialog>
+  <EditAllDialog ref="editAllDialog" :roles="localRoles" v-on:update="updateUsers"></EditAllDialog>
   <OkDialog
     ref="okDialog"
     :dialog-label="$t('delete')"
@@ -105,27 +140,42 @@ import OkDialog from 'src/components/dialog/OkDialog.vue';
 import { useNotify } from 'src/vueLib/general/useNotify';
 import { useUserTable } from './UserTable';
 import { useLogin } from 'src/vueLib/login/useLogin';
-import { roles } from '../roles/RoleTable';
+import { roles, useRoleTable } from '../roles/RoleTable';
+import { i18n } from 'src/boot/lang';
+import { useUserStore } from 'src/vueLib/login/userStore';
 
 const { NotifyResponse } = useNotify();
 const editOneDialog = ref();
 const editAllDialog = ref();
 const okDialog = ref();
 const deleteText = ref('');
-const localRoles = computed(() => roles.value.map((role) => role.role));
+const localRoles = computed(() => {
+  return roles.value.map((role) => role.role);
+});
 const selectOption = ref(false);
 const selected = ref<Users>([]);
 const openSubmenu = ref(false);
 const filter = ref('');
-
+const currentUser = ref();
 const { users, pagination, loading, columns, updateUsers } = useUserTable();
+const { updateRoles } = useRoleTable();
+const user = useUserStore();
 
 //load on mounting page
 onMounted(() => {
   loading.value = true;
+  const login = useLogin();
+  currentUser.value = login.getUser();
   updateUsers();
+  updateRoles().catch((err) => console.error(err));
 });
 
+//check authorization
+function autorized(user: User): boolean {
+  if (user.id !== 1) return true;
+  return false;
+}
+
 // opens dialog for all user values
 function openSingleValueDialog(label: string, field: string, user: User) {
   editOneDialog.value?.open(label, field, user);
@@ -151,16 +201,15 @@ function removeUser(...removeUsers: Users) {
   const userIds: number[] = [];
 
   removeUsers.forEach((user: User) => {
-    if (user.id) {
+    if (user.id === currentUser.value.id) {
+      NotifyResponse(i18n.global.t('notPossibleToDeleteLoggedInUser'), 'error');
+    } else if (user.id) {
       userIds.push(user.id);
     }
   });
 
-  const login = useLogin();
-  const user = login.getUser();
-
   appApi
-    .post('secure/users/delete?id=' + user?.id, { ids: userIds })
+    .post('users/delete?id=' + currentUser.value.id, { ids: userIds })
     .then(() => {
       updateUsers();
       selected.value = [];
@@ -171,10 +220,19 @@ function removeUser(...removeUsers: Users) {
     });
 }
 
+// update role select
+function updateUser(user: User) {
+  appApi
+    .post('/users/update', user)
+    .then((resp) => console.log(100, resp))
+    .catch((err) => console.log(101, err));
+}
+
 function getSelected(): Users {
   if (selected.value.length === 0) return [];
   return selected.value;
 }
+
 defineExpose({
   getSelected,
 });

src/vueLib/utils/validation.ts

@@ -0,0 +1,21 @@
+import type { QForm } from 'quasar';
+import { nextTick } from 'vue';
+
+export async function validateQForm(formRef: QForm | null | undefined): Promise<boolean> {
+  await nextTick(); // wait until all inputs are rendered
+  const components = formRef?.getValidationComponents?.();
+
+  if (!components) {
+    console.warn('No validation components found in form');
+    return true;
+  }
+
+  let allValid = true;
+
+  for (const comp of components) {
+    const valid = await comp.validate();
+    if (!valid) allValid = false;
+  }
+
+  return allValid;
+}