paadi/memberApp
1
0
Fork 0
Code Issues 6 Pull Requests Actions Packages Projects Releases Wiki Activity

Compare commits

base: paadi:v1.0.3
Branches Tags
paadi:main
paadi:v1.2.0 paadi:v1.1.1 paadi:v1.1.0 paadi:v1.0.8 paadi:v1.0.7 paadi:v1.0.6 paadi:v1.0.5 paadi:v1.0.4 paadi:v1.0.3 paadi:v1.0.1 paadi:v1.0.0
..
compare: paadi:v1.0.4
Branches Tags
paadi:main
paadi:v1.2.0 paadi:v1.1.1 paadi:v1.1.0 paadi:v1.0.8 paadi:v1.0.7 paadi:v1.0.6 paadi:v1.0.5 paadi:v1.0.4 paadi:v1.0.3 paadi:v1.0.1 paadi:v1.0.0

1 Commits
v1.0.3 ... v1.0.4

Author SHA1 Message Date
Adrian Zürcher
cc3a547961 new package dbHandler accesscontrol memeberdb and login with rights
All checks were successful
Build Quasar SPA and Go Backend for memberApp / build-spa (push) Successful in 2m20s
Details
Build Quasar SPA and Go Backend for memberApp / build-backend (amd64, .exe, windows) (push) Successful in 5m27s
Details
Build Quasar SPA and Go Backend for memberApp / build-backend (amd64, , linux) (push) Successful in 5m32s
Details
Build Quasar SPA and Go Backend for memberApp / build-backend (arm, 6, , linux) (push) Successful in 5m28s
Details
Build Quasar SPA and Go Backend for memberApp / build-backend (arm64, , linux) (push) Successful in 5m29s
Details
2025-10-31 14:54:05 +01:00
60 changed files with 1062 additions and 1162 deletions
Expand all files Collapse all files

BIN
backend/bin/memberApp.exe
View File

Binary file not shown.

BIN
backend/bin/server-arm64
View File

Binary file not shown.

45
backend/dbRequest/dbRequest.go
View File

@@ -1,45 +0,0 @@
package dbRequest
import (
"backend/models"
"fmt"
"net/http"
"github.com/gin-gonic/gin"
)
var CreateUserTable string = `CREATE TABLE IF NOT EXISTS users (
id INTEGER PRIMARY KEY AUTOINCREMENT,
username TEXT NOT NULL,
email TEXT NOT NULL,
role TEXT NOT NULL,
password TEXT NOT NULL,
settings TEXT NOT NULL
);`
var CreateRoleTable string = `CREATE TABLE IF NOT EXISTS roles (
id INTEGER PRIMARY KEY AUTOINCREMENT,
role TEXT NOT NULL,
rights TEXT NOT NULL
);`
var NewUser string = `INSERT INTO users (username, email, role, password, settings) VALUES (?, ?, ?, ?, ?)`
var NewRole = `INSERT INTO roles (role, rights) VALUES (?, ?)`
var DBQueryPassword string = `SELECT id, role, password, settings FROM users WHERE username = ?`
var DBUserLookup string = `SELECT EXISTS(SELECT 1 FROM users WHERE username = ?)`
var DBRoleLookup string = `SELECT EXISTS(SELECT 1 FROM roles WHERE role = ?)`
var DBRemoveUser string = `DELETE FROM users WHERE username = $1`
var DBUpdateSettings string = `UPDATE users SET settings = ? WHERE username = ?`
var DBUpdateRole string = `UPDATE roles SET rights = ? WHERE role = ?`
func CheckDBError(c *gin.Context, username string, err error) bool {
if err != nil {
if err.Error() == "sql: no rows in result set" {
c.JSON(http.StatusBadRequest, models.NewJsonErrorMessageResponse(fmt.Sprintf("no user '%s' found", username)))
return true
}
c.JSON(http.StatusBadRequest, models.NewJsonErrorResponse(err))
return true
}
return false
}

27
backend/go.mod
View File

@@ -3,29 +3,34 @@ module backend
go 1.24.5
require (
gitea.tecamino.com/paadi/memberDB v1.0.1
gitea.tecamino.com/paadi/access-handler v1.0.12
gitea.tecamino.com/paadi/memberDB v1.0.4
gitea.tecamino.com/paadi/tecamino-dbm v0.1.1
gitea.tecamino.com/paadi/tecamino-logger v0.2.1
github.com/gin-contrib/cors v1.7.6
github.com/gin-gonic/gin v1.11.0
github.com/golang-jwt/jwt/v5 v5.2.2
golang.org/x/crypto v0.40.0
modernc.org/sqlite v1.39.0
golang.org/x/crypto v0.43.0
)
require (
gitea.tecamino.com/paadi/dbHandler v1.0.4 // indirect
github.com/bytedance/sonic v1.14.0 // indirect
github.com/bytedance/sonic/loader v0.3.0 // indirect
github.com/cloudwego/base64x v0.1.6 // indirect
github.com/dustin/go-humanize v1.0.1 // indirect
github.com/gabriel-vasile/mimetype v1.4.9 // indirect
github.com/gin-contrib/sse v1.1.0 // indirect
github.com/glebarez/go-sqlite v1.21.2 // indirect
github.com/glebarez/sqlite v1.11.0 // indirect
github.com/go-playground/locales v0.14.1 // indirect
github.com/go-playground/universal-translator v0.18.1 // indirect
github.com/go-playground/validator/v10 v10.27.0 // indirect
github.com/goccy/go-json v0.10.5 // indirect
github.com/goccy/go-yaml v1.18.0 // indirect
github.com/golang-jwt/jwt/v5 v5.3.0 // indirect
github.com/google/uuid v1.6.0 // indirect
github.com/jinzhu/inflection v1.0.0 // indirect
github.com/jinzhu/now v1.1.5 // indirect
github.com/json-iterator/go v1.1.12 // indirect
github.com/klauspost/cpuid/v2 v2.3.0 // indirect
github.com/leodido/go-urn v1.4.0 // indirect
@@ -45,15 +50,17 @@ require (
go.uber.org/zap v1.27.0 // indirect
golang.org/x/arch v0.20.0 // indirect
golang.org/x/exp v0.0.0-20250620022241-b7579e27df2b // indirect
golang.org/x/mod v0.25.0 // indirect
golang.org/x/net v0.42.0 // indirect
golang.org/x/sync v0.16.0 // indirect
golang.org/x/sys v0.35.0 // indirect
golang.org/x/text v0.27.0 // indirect
golang.org/x/tools v0.34.0 // indirect
golang.org/x/mod v0.28.0 // indirect
golang.org/x/net v0.45.0 // indirect
golang.org/x/sync v0.17.0 // indirect
golang.org/x/sys v0.37.0 // indirect
golang.org/x/text v0.30.0 // indirect
golang.org/x/tools v0.37.0 // indirect
google.golang.org/protobuf v1.36.9 // indirect
gopkg.in/natefinch/lumberjack.v2 v2.2.1 // indirect
gorm.io/gorm v1.31.0 // indirect
modernc.org/libc v1.66.3 // indirect
modernc.org/mathutil v1.7.1 // indirect
modernc.org/memory v1.11.0 // indirect
modernc.org/sqlite v1.39.0 // indirect
)

50
backend/go.sum
View File

@@ -1,5 +1,9 @@
gitea.tecamino.com/paadi/memberDB v1.0.1 h1:hNnnoCeFRBEOQ+QmizF9nzvrQ8bNed8YrDln5jeRy2Y=
gitea.tecamino.com/paadi/memberDB v1.0.1/go.mod h1:4tgbjrSZ2FZeJL68R2TFHPH34+aGxx5wtZxRmu6nZv4=
gitea.tecamino.com/paadi/access-handler v1.0.12 h1:lSmW0YrBJJvCqCg0ukTJHlFUNwd7q6hFYtNd2rfztrE=
gitea.tecamino.com/paadi/access-handler v1.0.12/go.mod h1:w71lpnuu5MgAWG3oiI9vsY2dWi4njF/iPrM/xV/dbBQ=
gitea.tecamino.com/paadi/dbHandler v1.0.4 h1:ctnaec0GDdtw3gRQdUISVDYLJ9x+vt50VW41OemfhD4=
gitea.tecamino.com/paadi/dbHandler v1.0.4/go.mod h1:y/xn/POJg1DO++67uKvnO23lJQgh+XFQq7HZCS9Getw=
gitea.tecamino.com/paadi/memberDB v1.0.4 h1:2H7obSoMq4dW+VN8PsDOv1UK75hCtlF+NymU5NBGuw4=
gitea.tecamino.com/paadi/memberDB v1.0.4/go.mod h1:iLm7nunVRzqJK8CV4PJVuWIhgPlQjNIaeOkmtfK5fMg=
gitea.tecamino.com/paadi/tecamino-dbm v0.1.1 h1:vAq7mwUxlxJuLzCQSDMrZCwo8ky5usWi9Qz+UP+WnkI=
gitea.tecamino.com/paadi/tecamino-dbm v0.1.1/go.mod h1:+tmf1rjPaKEoNeUcr1vdtoFIFweNG3aUGevDAl3NMBk=
gitea.tecamino.com/paadi/tecamino-logger v0.2.1 h1:sQTBKYPdzn9mmWX2JXZBtGBvNQH7cuXIwsl4TD0aMgE=
@@ -23,6 +27,10 @@ github.com/gin-contrib/sse v1.1.0 h1:n0w2GMuUpWDVp7qSpvze6fAu9iRxJY4Hmj6AmBOU05w
github.com/gin-contrib/sse v1.1.0/go.mod h1:hxRZ5gVpWMT7Z0B0gSNYqqsSCNIJMjzvm6fqCz9vjwM=
github.com/gin-gonic/gin v1.11.0 h1:OW/6PLjyusp2PPXtyxKHU0RbX6I/l28FTdDlae5ueWk=
github.com/gin-gonic/gin v1.11.0/go.mod h1:+iq/FyxlGzII0KHiBGjuNn4UNENUlKbGlNmc+W50Dls=
github.com/glebarez/go-sqlite v1.21.2 h1:3a6LFC4sKahUunAmynQKLZceZCOzUthkRkEAl9gAXWo=
github.com/glebarez/go-sqlite v1.21.2/go.mod h1:sfxdZyhQjTM2Wry3gVYWaW072Ri1WMdWJi0k6+3382k=
github.com/glebarez/sqlite v1.11.0 h1:wSG0irqzP6VurnMEpFGer5Li19RpIRi2qvQz++w0GMw=
github.com/glebarez/sqlite v1.11.0/go.mod h1:h8/o8j5wiAsqSPoWELDUdJXhjAhsVliSn7bWZjOhrgQ=
github.com/go-playground/assert/v2 v2.2.0 h1:JvknZsQTYeFEAhQwI4qEt9cyV5ONwRHC+lYKSsYSR8s=
github.com/go-playground/assert/v2 v2.2.0/go.mod h1:VDjEfimB/XKnb+ZQfWdccd7VUvScMdVu0Titje2rxJ4=
github.com/go-playground/locales v0.14.1 h1:EWaQ/wswjilfKLTECiXz7Rh+3BjFhfDFKv/oXslEjJA=
@@ -35,8 +43,8 @@ github.com/goccy/go-json v0.10.5 h1:Fq85nIqj+gXn/S5ahsiTlK3TmC85qgirsdTP/+DeaC4=
github.com/goccy/go-json v0.10.5/go.mod h1:oq7eo15ShAhp70Anwd5lgX2pLfOS3QCiwU/PULtXL6M=
github.com/goccy/go-yaml v1.18.0 h1:8W7wMFS12Pcas7KU+VVkaiCng+kG8QiFeFwzFb+rwuw=
github.com/goccy/go-yaml v1.18.0/go.mod h1:XBurs7gK8ATbW4ZPGKgcbrY1Br56PdM69F7LkFRi1kA=
github.com/golang-jwt/jwt/v5 v5.2.2 h1:Rl4B7itRWVtYIHFrSNd7vhTiz9UpLdi6gZhZ3wEeDy8=
github.com/golang-jwt/jwt/v5 v5.2.2/go.mod h1:pqrtFR0X4osieyHYxtmOUWsAWrfe1Q5UVIyoH402zdk=
github.com/golang-jwt/jwt/v5 v5.3.0 h1:pv4AsKCKKZuqlgs5sUmn4x8UlGa0kEVt/puTpKx9vvo=
github.com/golang-jwt/jwt/v5 v5.3.0/go.mod h1:fxCRLWMO43lRc8nhHWY6LGqRcf+1gQWArsqaEUEa5bE=
github.com/google/go-cmp v0.7.0 h1:wk8382ETsv4JYUZwIsn6YpYiWiBsYLSJiTsyBybVuN8=
github.com/google/go-cmp v0.7.0/go.mod h1:pXiqmnSA92OHEEa9HXL2W4E7lf9JzCmGVUdgjX3N/iU=
github.com/google/gofuzz v1.0.0/go.mod h1:dBl0BpW6vV/+mYPU4Po3pmUjxk6FQPldtuIdl/M65Eg=
@@ -44,6 +52,10 @@ github.com/google/pprof v0.0.0-20250317173921-a4b03ec1a45e h1:ijClszYn+mADRFY17k
github.com/google/pprof v0.0.0-20250317173921-a4b03ec1a45e/go.mod h1:boTsfXsheKC2y+lKOCMpSfarhxDeIzfZG1jqGcPl3cA=
github.com/google/uuid v1.6.0 h1:NIvaJDMOsjHA8n1jAhLSgzrAzy1Hgr+hNrb57e+94F0=
github.com/google/uuid v1.6.0/go.mod h1:TIyPZe4MgqvfeYDBFedMoGGpEw/LqOeaOT+nhxU+yHo=
github.com/jinzhu/inflection v1.0.0 h1:K317FqzuhWc8YvSVlFMCCUb36O/S9MCKRDI7QkRKD/E=
github.com/jinzhu/inflection v1.0.0/go.mod h1:h+uFLlag+Qp1Va5pdKtLDYj+kHp5pxUVkryuEj+Srlc=
github.com/jinzhu/now v1.1.5 h1:/o9tlHleP7gOFmsnYNz3RGnqzefHA47wQpKrrdTIwXQ=
github.com/jinzhu/now v1.1.5/go.mod h1:d3SSVoowX0Lcu0IBviAWJpolVfI5UJVZZ7cO71lE/z8=
github.com/json-iterator/go v1.1.12 h1:PV8peI4a0ysnczrg+LtxykD8LfKY9ML6u2jnxaEnrnM=
github.com/json-iterator/go v1.1.12/go.mod h1:e30LSqwooZae/UwlEbR2852Gd8hjQvJoHmT4TnhNGBo=
github.com/klauspost/cpuid/v2 v2.3.0 h1:S4CRMLnYUhGeDFDqkGriYKdfoFlDnMtqTiI/sFzhA9Y=
@@ -94,23 +106,23 @@ go.uber.org/zap v1.27.0 h1:aJMhYGrd5QSmlpLMr2MftRKl7t8J8PTZPA732ud/XR8=
go.uber.org/zap v1.27.0/go.mod h1:GB2qFLM7cTU87MWRP2mPIjqfIDnGu+VIO4V/SdhGo2E=
golang.org/x/arch v0.20.0 h1:dx1zTU0MAE98U+TQ8BLl7XsJbgze2WnNKF/8tGp/Q6c=
golang.org/x/arch v0.20.0/go.mod h1:bdwinDaKcfZUGpH09BB7ZmOfhalA8lQdzl62l8gGWsk=
golang.org/x/crypto v0.40.0 h1:r4x+VvoG5Fm+eJcxMaY8CQM7Lb0l1lsmjGBQ6s8BfKM=
golang.org/x/crypto v0.40.0/go.mod h1:Qr1vMER5WyS2dfPHAlsOj01wgLbsyWtFn/aY+5+ZdxY=
golang.org/x/crypto v0.43.0 h1:dduJYIi3A3KOfdGOHX8AVZ/jGiyPa3IbBozJ5kNuE04=
golang.org/x/crypto v0.43.0/go.mod h1:BFbav4mRNlXJL4wNeejLpWxB7wMbc79PdRGhWKncxR0=
golang.org/x/exp v0.0.0-20250620022241-b7579e27df2b h1:M2rDM6z3Fhozi9O7NWsxAkg/yqS/lQJ6PmkyIV3YP+o=
golang.org/x/exp v0.0.0-20250620022241-b7579e27df2b/go.mod h1:3//PLf8L/X+8b4vuAfHzxeRUl04Adcb341+IGKfnqS8=
golang.org/x/mod v0.25.0 h1:n7a+ZbQKQA/Ysbyb0/6IbB1H/X41mKgbhfv7AfG/44w=
golang.org/x/mod v0.25.0/go.mod h1:IXM97Txy2VM4PJ3gI61r1YEk/gAj6zAHN3AdZt6S9Ww=
golang.org/x/net v0.42.0 h1:jzkYrhi3YQWD6MLBJcsklgQsoAcw89EcZbJw8Z614hs=
golang.org/x/net v0.42.0/go.mod h1:FF1RA5d3u7nAYA4z2TkclSCKh68eSXtiFwcWQpPXdt8=
golang.org/x/sync v0.16.0 h1:ycBJEhp9p4vXvUZNszeOq0kGTPghopOL8q0fq3vstxw=
golang.org/x/sync v0.16.0/go.mod h1:1dzgHSNfp02xaA81J2MS99Qcpr2w7fw1gpm99rleRqA=
golang.org/x/mod v0.28.0 h1:gQBtGhjxykdjY9YhZpSlZIsbnaE2+PgjfLWUQTnoZ1U=
golang.org/x/mod v0.28.0/go.mod h1:yfB/L0NOf/kmEbXjzCPOx1iK1fRutOydrCMsqRhEBxI=
golang.org/x/net v0.45.0 h1:RLBg5JKixCy82FtLJpeNlVM0nrSqpCRYzVU1n8kj0tM=
golang.org/x/net v0.45.0/go.mod h1:ECOoLqd5U3Lhyeyo/QDCEVQ4sNgYsqvCZ722XogGieY=
golang.org/x/sync v0.17.0 h1:l60nONMj9l5drqw6jlhIELNv9I0A4OFgRsG9k2oT9Ug=
golang.org/x/sync v0.17.0/go.mod h1:9KTHXmSnoGruLpwFjVSX0lNNA75CykiMECbovNTZqGI=
golang.org/x/sys v0.6.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
golang.org/x/sys v0.35.0 h1:vz1N37gP5bs89s7He8XuIYXpyY0+QlsKmzipCbUtyxI=
golang.org/x/sys v0.35.0/go.mod h1:BJP2sWEmIv4KK5OTEluFJCKSidICx8ciO85XgH3Ak8k=
golang.org/x/text v0.27.0 h1:4fGWRpyh641NLlecmyl4LOe6yDdfaYNrGb2zdfo4JV4=
golang.org/x/text v0.27.0/go.mod h1:1D28KMCvyooCX9hBiosv5Tz/+YLxj0j7XhWjpSUF7CU=
golang.org/x/tools v0.34.0 h1:qIpSLOxeCYGg9TrcJokLBG4KFA6d795g0xkBkiESGlo=
golang.org/x/tools v0.34.0/go.mod h1:pAP9OwEaY1CAW3HOmg3hLZC5Z0CCmzjAF2UQMSqNARg=
golang.org/x/sys v0.37.0 h1:fdNQudmxPjkdUTPnLn5mdQv7Zwvbvpaxqs831goi9kQ=
golang.org/x/sys v0.37.0/go.mod h1:OgkHotnGiDImocRcuBABYBEXf8A9a87e/uXjp9XT3ks=
golang.org/x/text v0.30.0 h1:yznKA/E9zq54KzlzBEAWn1NXSQ8DIp/NYMy88xJjl4k=
golang.org/x/text v0.30.0/go.mod h1:yDdHFIX9t+tORqspjENWgzaCVXgk0yYnYuSZ8UzzBVM=
golang.org/x/tools v0.37.0 h1:DVSRzp7FwePZW356yEAChSdNcQo6Nsp+fex1SUW09lE=
golang.org/x/tools v0.37.0/go.mod h1:MBN5QPQtLMHVdvsbtarmTNukZDdgwdwlO5qGacAzF0w=
google.golang.org/protobuf v1.36.9 h1:w2gp2mA27hUeUzj9Ex9FBjsBm40zfaDtEWow293U7Iw=
google.golang.org/protobuf v1.36.9/go.mod h1:fuxRtAxBytpl4zzqUh6/eyUujkJdNiuEkXntxiD/uRU=
gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0=
@@ -119,6 +131,8 @@ gopkg.in/natefinch/lumberjack.v2 v2.2.1/go.mod h1:YD8tP3GAjkrDg1eZH7EGmyESg/lsYs
gopkg.in/yaml.v3 v3.0.0-20200313102051-9f266ea9e77c/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM=
gopkg.in/yaml.v3 v3.0.1 h1:fxVm/GzAzEWqLHuvctI91KS9hhNmmWOoWu0XTYJS7CA=
gopkg.in/yaml.v3 v3.0.1/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM=
gorm.io/gorm v1.31.0 h1:0VlycGreVhK7RF/Bwt51Fk8v0xLiiiFdbGDPIZQ7mJY=
gorm.io/gorm v1.31.0/go.mod h1:XyQVbO2k6YkOis7C2437jSit3SsDK72s7n7rsSHd+Gs=
modernc.org/cc/v4 v4.26.2 h1:991HMkLjJzYBIfha6ECZdjrIYz2/1ayr+FL8GN+CNzM=
modernc.org/cc/v4 v4.26.2/go.mod h1:uVtb5OGqUKpoLWhqwNQo/8LwvoiEBLvZXIQ/SmO6mL0=
modernc.org/ccgo/v4 v4.28.0 h1:rjznn6WWehKq7dG4JtLRKxb52Ecv8OUGah8+Z/SfpNU=

60
backend/main.go
View File

@@ -3,7 +3,6 @@ package main
import (
"backend/models"
"backend/server"
"backend/user"
"backend/utils"
"flag"
"fmt"
@@ -14,9 +13,10 @@ import (
"strings"
"time"
AccessHandler "gitea.tecamino.com/paadi/access-handler"
dbApi "gitea.tecamino.com/paadi/memberDB/api"
"gitea.tecamino.com/paadi/tecamino-dbm/cert"
dbApi "gitea.tecamino.com/paadi/memberDB/api"
"gitea.tecamino.com/paadi/tecamino-logger/logging"
"github.com/gin-contrib/cors"
"github.com/gin-gonic/gin"
@@ -59,14 +59,14 @@ func main() {
TerminalOut: true,
})
if err != nil {
logger.Error("main new logger", err.Error())
logger.Error("main new logger", err)
panic(err)
}
//new login manager
userManager, err := user.NewUserManager(".")
accessHandler, err := AccessHandler.NewAccessHandler(".", logger)
if err != nil {
logger.Error("main login manager", err.Error())
logger.Error("main login manager", err)
panic(err)
}
@@ -74,7 +74,11 @@ func main() {
s := server.NewServer()
// initiate Database handler
dbHandler := dbApi.NewAPIHandler()
dbHandler, err := dbApi.NewAPIHandler(logger)
if err != nil {
logger.Error("main login manager", err)
panic(err)
}
//get local ip
httpString := "http://"
@@ -82,17 +86,18 @@ func main() {
httpString = "https://"
}
allowOrigins = append(allowOrigins, httpString+"localhost:9000", httpString+"localhost:9500", httpString+"127.0.0.1:9500")
allowOrigins = append(allowOrigins, httpString+"localhost:9000", httpString+"localhost:9500", httpString+"127.0.0.1:9500", httpString+"0.0.0.0:9500")
localIP, err := utils.GetLocalIP()
if err != nil {
logger.Error("main", fmt.Sprintf("get local ip : %s", err.Error()))
logger.Error("main", fmt.Sprintf("get local ip : %s", err))
} else {
allowOrigins = append(allowOrigins, fmt.Sprintf("%s%s:9000", httpString, localIP), fmt.Sprintf("%s%s:9500", httpString, localIP))
}
s.Routes.Use(cors.New(cors.Config{
AllowOrigins: allowOrigins,
AllowOrigins: allowOrigins,
//AllowOrigins: []string{"*"},
AllowMethods: []string{"POST", "GET", "DELETE", "OPTIONS"},
AllowHeaders: []string{"Origin", "Content-Type"},
ExposeHeaders: []string{"Content-Length"},
@@ -100,21 +105,25 @@ func main() {
MaxAge: 12 * time.Hour,
}))
//set logger for AuthMiddleware
accessHandler.SetMiddlewareLogger(s.Routes)
api := s.Routes.Group("/api")
//set routes
//public
api.GET("/logout", userManager.Logout)
api.GET("/login/me", userManager.Me)
api.GET("/logout", accessHandler.Logout)
api.GET("/login/me", accessHandler.Me)
api.POST("/login", userManager.Login)
api.POST("/login", accessHandler.Login)
//private
auth := api.Group("/secure", user.AuthMiddleware())
auth := api.Group("", accessHandler.AuthMiddleware())
auth.GET("/users", userManager.GetUserById)
auth.GET("/members", dbHandler.GetMemberById)
auth.GET("/roles", userManager.GetRoleById)
role := auth.Group("", accessHandler.AuthorizeRole("/api"))
role.GET("/members", dbHandler.GetMember)
auth.GET("/users", accessHandler.GetUser)
auth.GET("/roles", accessHandler.GetRole)
auth.POST("database/open", dbHandler.OpenDatabase)
auth.POST("/members/add", dbHandler.AddNewMember)
@@ -122,23 +131,22 @@ func main() {
auth.POST("/members/delete", dbHandler.DeleteMember)
auth.POST("/members/import/csv", dbHandler.ImportCSV)
auth.POST("/settings/update", userManager.UpdateSettings)
auth.POST("/roles/add", accessHandler.AddRole)
auth.POST("/roles/update", accessHandler.UpdateRole)
auth.POST("/roles/delete", accessHandler.DeleteRole)
auth.POST("/roles/add", userManager.AddRole)
auth.POST("/roles/update", userManager.UpdateRole)
auth.POST("/roles/delete", userManager.DeleteRole)
auth.POST("/users/add", accessHandler.AddUser)
auth.POST("/users/update", accessHandler.UpdateUser)
auth.POST("/users/delete", accessHandler.DeleteUser)
auth.POST("/users/add", userManager.AddUser)
auth.POST("/users/delete", userManager.DeleteUser)
auth.POST("/login/refresh", userManager.Refresh)
api.POST("/login/refresh", accessHandler.Refresh)
// Serve static files
s.Routes.StaticFS("/assets", gin.Dir(filepath.Join(*spa, "assets"), true))
s.Routes.NoRoute(func(c *gin.Context) {
// Disallow fallback for /api paths
if strings.HasPrefix(c.Request.URL.Path, "/api") {
c.JSON(http.StatusNotFound, models.NewJsonErrorMessageResponse("API endpoint not found"))
c.JSON(http.StatusNotFound, models.NewJsonMessageResponse("API endpoint not found"))
return
}
// Try to serve file from SPA directory
@@ -155,7 +163,7 @@ func main() {
go func() {
time.Sleep(500 * time.Millisecond)
if err := utils.OpenBrowser(fmt.Sprintf("%slocalhost:%d", httpString, *port), logger); err != nil {
logger.Error("main", fmt.Sprintf("starting browser error : %s", err.Error()))
logger.Error("main", fmt.Sprintf("starting browser error : %s", err))
}
}()

BIN
backend/members.dba
View File

Binary file not shown.

4
backend/models/jsonResponse.go
View File

@@ -5,16 +5,14 @@ type JsonResponse struct {
Message string `json:"message,omitempty"`
}
func NewJsonErrorMessageResponse(msg string) JsonResponse {
func NewJsonMessageResponse(msg string) JsonResponse {
return JsonResponse{
Error: true,
Message: msg,
}
}
func NewJsonErrorResponse(err error) JsonResponse {
return JsonResponse{
Error: true,
Message: err.Error(),
}
}

10
backend/models/rights.go
View File

@@ -1,8 +1,6 @@
package models
type Rights struct {
Name string `json:"name,omitempty"`
Read bool `json:"read,omitempty"`
Write bool `json:"write,omitempty"`
Delete bool `json:"delete,omitempty"`
}
// type Rights struct {
// Name string `json:"name"`
// Rights int `json:"rights"`
// }

16
backend/models/role.go
View File

@@ -1,11 +1,11 @@
package models
type Role struct {
Id int `json:"id"`
Role string `json:"role"`
Rights []Rights `json:"rights"`
}
// type Role struct {
// Id int `json:"id"`
// Role string `json:"role"`
// Rights []Rights `json:"rights"`
// }
func (r *Role) IsValid() bool {
return r.Role != ""
}
// func (r *Role) IsValid() bool {
// return r.Role != ""
// }

16
backend/models/settings.go
View File

@@ -1,9 +1,11 @@
package models
type Settings struct {
PrimaryColor string `json:"primaryColor,omitempty"`
SecondaryColor string `json:"secondaryColor,omitempty"`
Icon string `json:"icon,omitempty"`
DatabaseName string `json:"databaseName,omitempty"`
DatabaseToken string `json:"databaseToken,omitempty"`
}
// type Settings struct {
// PrimaryColor string `json:"primaryColor,omitempty"`
// PrimaryColorText string `json:"primaryColorText,omitempty"`
// SecondaryColor string `json:"secondaryColor,omitempty"`
// SecondaryColorText string `json:"secondaryColorText,omitempty"`
// Icon string `json:"icon,omitempty"`
// DatabaseName string `json:"databaseName,omitempty"`
// DatabaseToken string `json:"databaseToken,omitempty"`
// }

22
backend/models/user.go
View File

@@ -1,14 +1,14 @@
package models
type User struct {
Id int `json:"id"`
Name string `json:"user"`
Email string `json:"email"`
Role string `json:"role"`
Password string `json:"password,omitempty"`
Settings Settings `json:"settings"`
}
// type User struct {
// Id int `json:"id"`
// Name string `json:"user"`
// Email string `json:"email"`
// Role string `json:"role"`
// Password string `json:"password,omitempty"`
// Settings Settings `json:"settings"`
// }
func (u *User) IsValid() bool {
return u.Name != ""
}
// func (u *User) IsValid() bool {
// return u.Name != ""
// }

41
backend/user/Middleware.go
View File

@@ -1,41 +0,0 @@
package user
import (
"net/http"
"github.com/gin-gonic/gin"
"github.com/golang-jwt/jwt/v5"
)
func AuthMiddleware() gin.HandlerFunc {
return func(c *gin.Context) {
// Read access token from cookie
cookie, err := c.Cookie("access_token")
if err != nil {
c.AbortWithStatusJSON(http.StatusUnauthorized, gin.H{"message": "not logged in"})
return
}
token, err := jwt.Parse(cookie, func(t *jwt.Token) (any, error) {
return JWT_SECRET, nil
})
if err != nil || !token.Valid {
c.AbortWithStatusJSON(http.StatusUnauthorized, gin.H{"message": "invalid token"})
return
}
c.Next()
}
}
func AuthorizeRole(roles ...string) gin.HandlerFunc {
return func(c *gin.Context) {
userRole := c.GetString("role")
for _, role := range roles {
if userRole == role {
c.Next()
return
}
c.AbortWithStatusJSON(http.StatusUnauthorized, gin.H{"message": "Forbidden"})
}
}
}

181
backend/user/login.go
View File

@@ -1,181 +0,0 @@
package user
import (
"backend/dbRequest"
"backend/models"
"backend/utils"
"encoding/json"
"io"
"net/http"
"time"
"github.com/gin-gonic/gin"
"github.com/golang-jwt/jwt/v5"
_ "modernc.org/sqlite"
)
var JWT_SECRET = []byte("4h5Jza1Fn_zuzu&417%8nH*UH100+55-")
var DOMAIN = "localhost"
var ACCESS_TOKEN_TIME = 15 * time.Minute
var REFRESH_TOKEN_TIME = 72 * time.Hour
func (um *UserManager) Login(c *gin.Context) {
if !um.databaseOpened(c) {
return
}
body, err := io.ReadAll(c.Request.Body)
if err != nil {
c.JSON(http.StatusBadRequest, models.NewJsonErrorResponse(err))
return
}
user := models.User{}
err = json.Unmarshal(body, &user)
if err != nil {
c.JSON(http.StatusBadRequest, models.NewJsonErrorResponse(err))
return
}
if !user.IsValid() {
c.JSON(http.StatusBadRequest, models.NewJsonErrorMessageResponse("user empty"))
return
}
var storedPassword, settingsJsonString string
if err := um.database.QueryRow(dbRequest.DBQueryPassword, user.Name).Scan(&user.Id, &user.Role, &storedPassword, &settingsJsonString); dbRequest.CheckDBError(c, user.Name, err) {
return
}
err = json.Unmarshal([]byte(settingsJsonString), &user.Settings)
if err != nil {
c.JSON(http.StatusBadRequest, models.NewJsonErrorMessageResponse(err.Error()))
return
}
if !utils.CheckPassword(user.Password, storedPassword) {
c.JSON(http.StatusBadRequest, models.NewJsonErrorMessageResponse("wrong password"))
return
}
// ---- Create JWT tokens ----
accessTokenExp := time.Now().Add(ACCESS_TOKEN_TIME)
refreshTokenExp := time.Now().Add(REFRESH_TOKEN_TIME)
// Create token
accessToken := jwt.NewWithClaims(jwt.SigningMethodHS256, jwt.MapClaims{
"id": user.Id,
"username": user.Name,
"role": user.Role,
"type": "access",
"exp": accessTokenExp.Unix(),
})
refreshToken := jwt.NewWithClaims(jwt.SigningMethodHS256, jwt.MapClaims{
"id": user.Id,
"username": user.Name,
"role": user.Role,
"type": "refresh",
"exp": refreshTokenExp.Unix(),
})
accessString, err := accessToken.SignedString(JWT_SECRET)
if err != nil {
c.JSON(http.StatusInternalServerError, models.NewJsonErrorMessageResponse("could not create access token"))
return
}
refreshString, err := refreshToken.SignedString(JWT_SECRET)
if err != nil {
c.JSON(http.StatusInternalServerError, models.NewJsonErrorMessageResponse("could not create refresh token"))
return
}
// ---- Set secure cookies ----
secure := gin.Mode() == gin.ReleaseMode
c.SetCookie("access_token", accessString, int(time.Until(accessTokenExp).Seconds()),
"/", "", secure, true) // Path=/, Secure=true (only HTTPS), HttpOnly=true
c.SetCookie("refresh_token", refreshString, int(time.Until(refreshTokenExp).Seconds()),
"/", "", secure, true)
c.JSON(http.StatusOK, gin.H{
"message": "login successful",
"id": user.Id,
"user": user.Name,
"role": user.Role,
"settings": user.Settings,
})
}
func (um *UserManager) Refresh(c *gin.Context) {
refreshCookie, err := c.Cookie("refresh_token")
if err != nil {
c.JSON(http.StatusUnauthorized, gin.H{"message": "no refresh token"})
return
}
token, err := jwt.Parse(refreshCookie, func(token *jwt.Token) (any, error) {
return JWT_SECRET, nil
})
if err != nil || !token.Valid {
c.JSON(http.StatusUnauthorized, gin.H{"message": "invalid refresh token"})
return
}
claims, ok := token.Claims.(jwt.MapClaims)
if !ok || claims["type"] != "refresh" {
c.JSON(http.StatusUnauthorized, gin.H{"message": "invalid token type"})
return
}
username := claims["username"].(string)
id := claims["id"].(float64)
role := claims["role"].(string)
// new access token
accessExp := time.Now().Add(ACCESS_TOKEN_TIME)
newAccess := jwt.NewWithClaims(jwt.SigningMethodHS256, jwt.MapClaims{
"id": id,
"username": username,
"role": role,
"exp": accessExp.Unix(),
})
accessString, _ := newAccess.SignedString(JWT_SECRET)
c.SetCookie("access_token", accessString, int(time.Until(accessExp).Seconds()), "/", DOMAIN, gin.Mode() == gin.ReleaseMode, true)
c.JSON(http.StatusOK, gin.H{"message": "token refreshed"})
}
func (um *UserManager) Me(c *gin.Context) {
// Read access token from cookie
cookie, err := c.Cookie("access_token")
if err != nil {
c.JSON(http.StatusUnauthorized, gin.H{"message": "not logged in"})
return
}
// Verify token
token, err := jwt.Parse(cookie, func(t *jwt.Token) (any, error) {
return JWT_SECRET, nil
})
if err != nil || !token.Valid {
c.JSON(http.StatusUnauthorized, gin.H{"message": "invalid token"})
return
}
claims := token.Claims.(jwt.MapClaims)
c.JSON(http.StatusOK, gin.H{
"id": claims["id"],
"user": claims["username"],
"role": claims["role"],
})
}
func (um *UserManager) Logout(c *gin.Context) {
secure := gin.Mode() == gin.ReleaseMode
c.SetCookie("access_token", "", -1, "/", DOMAIN, secure, true)
c.SetCookie("refresh_token", "", -1, "/", DOMAIN, secure, true)
c.JSON(http.StatusOK, gin.H{"message": "logged out"})
}

261
backend/user/manager.go
View File

@@ -1,261 +0,0 @@
package user
import (
"backend/dbRequest"
"backend/models"
"backend/utils"
"database/sql"
"encoding/json"
"errors"
"fmt"
"io"
"net/http"
"os"
"strconv"
"strings"
"github.com/gin-gonic/gin"
)
type UserManager struct {
database *sql.DB
}
func NewUserManager(dir string) (*UserManager, error) {
if dir == "" {
dir = "."
}
var err error
var um UserManager
file := fmt.Sprintf("%s/user.db", dir)
um.database, err = sql.Open("sqlite", file)
if err != nil {
return nil, err
}
if _, err := os.Stat(file); err != nil {
_, err = um.database.Exec(dbRequest.CreateUserTable)
if err != nil {
return nil, err
}
hash, err := utils.HashPassword("tecamino@2025")
if err != nil {
return nil, err
}
_, err = um.database.Exec(dbRequest.NewUser, "admin", "", "admin", hash, `{"databaseName":"members.dba","primaryColor":"#1976d2", "secondaryColor":"#26a69a"}`)
if err != nil {
return nil, err
}
}
return &um, nil
}
func (um *UserManager) databaseOpened(c *gin.Context) bool {
if um.database == nil {
c.JSON(http.StatusBadRequest, gin.H{
"message": "no database opened",
})
return false
}
return true
}
func (um *UserManager) AddUser(c *gin.Context) {
if !um.databaseOpened(c) {
return
}
body, err := io.ReadAll(c.Request.Body)
if err != nil {
c.JSON(http.StatusBadRequest, models.NewJsonErrorResponse(err))
return
}
user := models.User{}
err = json.Unmarshal(body, &user)
if err != nil {
c.JSON(http.StatusBadRequest, models.NewJsonErrorResponse(err))
return
}
if !user.IsValid() {
c.JSON(http.StatusBadRequest, models.NewJsonErrorMessageResponse("user empty"))
return
}
var exists bool
if err := um.database.QueryRow(dbRequest.DBUserLookup, user.Name).Scan(&exists); dbRequest.CheckDBError(c, user.Name, err) {
return
}
if exists {
c.JSON(http.StatusOK, models.NewJsonErrorMessageResponse(fmt.Sprintf("user '%s' exists already", user.Name)))
return
}
hash, err := utils.HashPassword(user.Password)
if err != nil {
c.JSON(http.StatusBadRequest, models.NewJsonErrorResponse(err))
return
}
if !utils.IsValidEmail(user.Email) {
c.JSON(http.StatusBadRequest, models.NewJsonErrorResponse(errors.New("not valid email address")))
return
}
if _, err := um.database.Exec(dbRequest.NewUser, user.Name, user.Email, user.Role, hash, "{}"); dbRequest.CheckDBError(c, user.Name, err) {
return
}
c.JSON(http.StatusOK, gin.H{
"message": fmt.Sprintf("user '%s' successfully added", user.Name),
})
}
func (um *UserManager) GetUserById(c *gin.Context) {
if !um.databaseOpened(c) {
return
}
var i int
var err error
id := c.Query("id")
if id != "" {
i, err = strconv.Atoi(id)
if err != nil {
c.JSON(http.StatusBadRequest, gin.H{
"message": err.Error(),
})
return
}
}
query := `SELECT id, username, email, role, settings FROM users`
var args any
if i > 0 {
query = `
SELECT id, username, email, role, settings FROM users
WHERE id = ?
`
args = i
}
rows, err := um.database.Query(query, args)
if err != nil {
return
}
defer rows.Close()
var users []models.User
for rows.Next() {
var id int
var name, email, role, settingsString string
if err = rows.Scan(&id, &name, &email, &role, &settingsString); err != nil {
c.JSON(http.StatusBadRequest, gin.H{
"message": err.Error(),
})
return
}
var settings models.Settings
err := json.Unmarshal([]byte(settingsString), &settings)
if err != nil {
c.JSON(http.StatusBadRequest, gin.H{
"message": err.Error(),
})
return
}
users = append(users, models.User{
Id: id,
Name: name,
Email: email,
Role: role,
Settings: settings,
})
}
if err != nil {
c.JSON(http.StatusBadRequest, gin.H{
"message": err.Error(),
})
return
}
c.JSON(http.StatusOK, users)
}
func (um *UserManager) DeleteUser(c *gin.Context) {
if !um.databaseOpened(c) {
return
}
queryId := c.Query("id")
if queryId == "" || queryId == "null" || queryId == "undefined" {
c.JSON(http.StatusBadRequest, gin.H{
"message": "id query missing or wrong value: " + queryId,
})
return
}
var request struct {
Ids []int `json:"ids"`
}
err := c.BindJSON(&request)
if err != nil {
c.JSON(http.StatusBadRequest, gin.H{
"message": err.Error(),
})
return
}
if len(request.Ids) == 0 {
c.JSON(http.StatusBadRequest, gin.H{
"message": "no ids given to be deleted",
})
return
}
var ownId string
placeholders := make([]string, len(request.Ids))
args := make([]any, len(request.Ids))
for i, id := range request.Ids {
if queryId == fmt.Sprint(id) {
ownId = queryId
continue
}
placeholders[i] = "?"
args[i] = id
}
query := fmt.Sprintf("DELETE FROM users WHERE id IN (%s)", strings.Join(placeholders, ","))
_, err = um.database.Exec(query, args...)
if err != nil {
c.JSON(http.StatusBadRequest, gin.H{
"message": err.Error(),
})
return
}
if ownId != "" {
c.JSON(http.StatusBadRequest, gin.H{
"message": "can not delete logged in member id: " + queryId,
"id": queryId,
})
return
}
c.JSON(http.StatusOK, gin.H{
"message": "member(s) deleted",
})
}

245
backend/user/roles.go
View File

@@ -1,245 +0,0 @@
package user
import (
"backend/dbRequest"
"backend/models"
"encoding/json"
"fmt"
"io"
"net/http"
"strconv"
"strings"
"github.com/gin-gonic/gin"
)
func (um *UserManager) AddRole(c *gin.Context) {
if !um.databaseOpened(c) {
return
}
body, err := io.ReadAll(c.Request.Body)
if err != nil {
c.JSON(http.StatusBadRequest, models.NewJsonErrorResponse(err))
return
}
role := models.Role{}
err = json.Unmarshal(body, &role)
if err != nil {
c.JSON(http.StatusBadRequest, models.NewJsonErrorResponse(err))
return
}
if !role.IsValid() {
c.JSON(http.StatusBadRequest, models.NewJsonErrorMessageResponse("user empty"))
return
}
var exists bool
if err := um.database.QueryRow(dbRequest.DBRoleLookup, role.Role).Scan(&exists); dbRequest.CheckDBError(c, role.Role, err) {
return
}
if exists {
c.JSON(http.StatusOK, models.NewJsonErrorMessageResponse(fmt.Sprintf("role '%s' exists already", role.Role)))
return
}
jsonBytes, err := json.Marshal(role.Rights)
if err != nil {
c.JSON(http.StatusOK, models.NewJsonErrorMessageResponse(err.Error()))
return
}
if _, err := um.database.Exec(dbRequest.NewRole, role.Role, string(jsonBytes)); dbRequest.CheckDBError(c, role.Role, err) {
return
}
c.JSON(http.StatusOK, gin.H{
"message": fmt.Sprintf("role '%s' successfully added", role.Role),
})
}
func (um *UserManager) GetRoleById(c *gin.Context) {
if !um.databaseOpened(c) {
return
}
if _, err := um.database.Exec(dbRequest.CreateRoleTable); err != nil {
c.JSON(http.StatusBadRequest, models.NewJsonErrorResponse(err))
return
}
var i int
var err error
id := c.Query("id")
if id != "" {
i, err = strconv.Atoi(id)
if err != nil {
c.JSON(http.StatusBadRequest, gin.H{
"message": err.Error(),
})
return
}
}
query := `SELECT id, role, rights FROM roles`
var args any
if i > 0 {
query = `
SELECT id, role, rights FROM users
WHERE id = ?
`
args = i
}
rows, err := um.database.Query(query, args)
if err != nil {
return
}
defer rows.Close()
var roles []models.Role
for rows.Next() {
var id int
var role, rightsString string
if err = rows.Scan(&id, &role, &rightsString); err != nil {
c.JSON(http.StatusBadRequest, gin.H{
"message": err.Error(),
})
return
}
var data struct {
Rights []models.Rights `json:"rights"`
}
err := json.Unmarshal([]byte(rightsString), &data)
if err != nil {
c.JSON(http.StatusBadRequest, gin.H{
"message": err.Error(),
})
return
}
roles = append(roles, models.Role{
Id: id,
Role: role,
Rights: data.Rights,
})
}
if err != nil {
c.JSON(http.StatusBadRequest, gin.H{
"message": err.Error(),
})
return
}
c.JSON(http.StatusOK, roles)
}
func (um *UserManager) UpdateRole(c *gin.Context) {
if !um.databaseOpened(c) {
return
}
body, err := io.ReadAll(c.Request.Body)
if err != nil {
c.JSON(http.StatusBadRequest, models.NewJsonErrorResponse(err))
return
}
role := models.Role{}
err = json.Unmarshal(body, &role)
if err != nil {
c.JSON(http.StatusBadRequest, models.NewJsonErrorResponse(err))
return
}
jsonBytes, err := json.Marshal(role)
if err != nil {
c.JSON(http.StatusOK, models.NewJsonErrorMessageResponse(err.Error()))
return
}
if _, err := um.database.Exec(dbRequest.DBUpdateRole, string(jsonBytes), role.Role); err != nil {
c.JSON(http.StatusBadRequest, models.NewJsonErrorResponse(err))
return
}
c.JSON(http.StatusOK, gin.H{
"message": fmt.Sprintf("role rights '%s' successfully updated", role.Role),
})
}
func (um *UserManager) DeleteRole(c *gin.Context) {
if !um.databaseOpened(c) {
return
}
queryRole := c.Query("role")
if queryRole == "" || queryRole == "null" || queryRole == "undefined" {
c.JSON(http.StatusBadRequest, gin.H{
"message": "role query missing or wrong value: " + queryRole,
})
return
}
var request struct {
Roles []string `json:"roles"`
}
err := c.BindJSON(&request)
if err != nil {
c.JSON(http.StatusBadRequest, gin.H{
"message": err.Error(),
})
return
}
if len(request.Roles) == 0 {
c.JSON(http.StatusBadRequest, gin.H{
"message": "no roles given to be deleted",
})
return
}
var ownRole string
placeholders := make([]string, len(request.Roles))
args := make([]any, len(request.Roles))
for i, role := range request.Roles {
if ownRole == role {
ownRole = queryRole
continue
}
placeholders[i] = "?"
args[i] = role
}
query := fmt.Sprintf("DELETE FROM roles WHERE role IN (%s)", strings.Join(placeholders, ","))
_, err = um.database.Exec(query, args...)
if err != nil {
c.JSON(http.StatusBadRequest, gin.H{
"message": err.Error(),
})
return
}
if ownRole != "" {
c.JSON(http.StatusBadRequest, gin.H{
"message": "can not delete logged in role id: " + ownRole,
"role": ownRole,
})
return
}
c.JSON(http.StatusOK, gin.H{
"message": "role(s) deleted",
})
}

46
backend/user/settings.go
View File

@@ -1,46 +0,0 @@
package user
import (
"backend/dbRequest"
"backend/models"
"encoding/json"
"fmt"
"io"
"net/http"
"github.com/gin-gonic/gin"
)
func (um *UserManager) UpdateSettings(c *gin.Context) {
if !um.databaseOpened(c) {
return
}
body, err := io.ReadAll(c.Request.Body)
if err != nil {
c.JSON(http.StatusBadRequest, models.NewJsonErrorResponse(err))
return
}
user := models.User{}
err = json.Unmarshal(body, &user)
if err != nil {
c.JSON(http.StatusBadRequest, models.NewJsonErrorResponse(err))
return
}
jsonBytes, err := json.Marshal(user.Settings)
if err != nil {
c.JSON(http.StatusOK, models.NewJsonErrorMessageResponse(err.Error()))
return
}
if _, err := um.database.Exec(dbRequest.DBUpdateSettings, string(jsonBytes), user.Name); err != nil {
c.JSON(http.StatusBadRequest, models.NewJsonErrorResponse(err))
return
}
c.JSON(http.StatusOK, gin.H{
"message": fmt.Sprintf("user settings '%s' successfully updated", user.Name),
})
}

6
backend/utils/utils.go
View File

@@ -6,7 +6,6 @@ import (
"os"
"os/exec"
"path/filepath"
"regexp"
"runtime"
"gitea.tecamino.com/paadi/tecamino-logger/logging"
@@ -64,8 +63,3 @@ func FindAllFiles(rootDir, fileExtention string) (files []string, err error) {
})
return
}
func IsValidEmail(email string) bool {
re := regexp.MustCompile(`^[a-zA-Z0-9._%+\-]+@[a-zA-Z0-9.\-]+\.[a-zA-Z]{2,}$`)
return re.MatchString(email)
}

31
package-lock.json generated
View File

@@ -1,12 +1,12 @@
{
"name": "lightcontrol",
"version": "1.0.0",
"version": "1.0.1",
"lockfileVersion": 3,
"requires": true,
"packages": {
"": {
"name": "lightcontrol",
"version": "1.0.0",
"version": "1.0.1",
"hasInstallScript": true,
"dependencies": {
"@capacitor-community/sqlite": "^7.0.1",
@@ -19,12 +19,15 @@
"vue": "^3.4.18",
"vue-i18n": "^11.1.12",
"vue-router": "^4.0.12",
"vuedraggable": "^4.1.0"
"vue3-touch-events": "^5.0.13",
"vuedraggable": "^4.1.0",
"zxcvbn": "^4.4.2"
},
"devDependencies": {
"@eslint/js": "^9.14.0",
"@quasar/app-vite": "^2.1.0",
"@types/node": "^20.5.9",
"@types/zxcvbn": "^4.4.5",
"@vue/eslint-config-prettier": "^10.1.0",
"@vue/eslint-config-typescript": "^14.4.0",
"autoprefixer": "^10.4.2",
@@ -1883,6 +1886,13 @@
"@types/send": "*"
}
},
"node_modules/@types/zxcvbn": {
"version": "4.4.5",
"resolved": "https://registry.npmjs.org/@types/zxcvbn/-/zxcvbn-4.4.5.tgz",
"integrity": "sha512-FZJgC5Bxuqg7Rhsm/bx6gAruHHhDQ55r+s0JhDh8CQ16fD7NsJJ+p8YMMQDhSQoIrSmjpqqYWA96oQVMNkjRyA==",
"dev": true,
"license": "MIT"
},
"node_modules/@typescript-eslint/eslint-plugin": {
"version": "8.31.1",
"resolved": "https://registry.npmjs.org/@typescript-eslint/eslint-plugin/-/eslint-plugin-8.31.1.tgz",
@@ -8222,6 +8232,15 @@
"typescript": ">=5.0.0"
}
},
"node_modules/vue3-touch-events": {
"version": "5.0.13",
"resolved": "https://registry.npmjs.org/vue3-touch-events/-/vue3-touch-events-5.0.13.tgz",
"integrity": "sha512-VOprVhKsL5DaistDFU0+oLJz/LaFzVENeUzs4Hp3PeD0TVx1vNEgNgS/9WehUHlUIUuCdnmLm0TkmITjwVmUBQ==",
"license": "MIT",
"peerDependencies": {
"vue": "^3.0.0"
}
},
"node_modules/vuedraggable": {
"version": "4.1.0",
"resolved": "https://registry.npmjs.org/vuedraggable/-/vuedraggable-4.1.0.tgz",
@@ -8415,6 +8434,12 @@
"engines": {
"node": ">= 14"
}
},
"node_modules/zxcvbn": {
"version": "4.4.2",
"resolved": "https://registry.npmjs.org/zxcvbn/-/zxcvbn-4.4.2.tgz",
"integrity": "sha512-Bq0B+ixT/DMyG8kgX2xWcI5jUvCwqrMxSFam7m0lAf78nf04hv6lNCsyLYdyYTrCVMqNDY/206K7eExYCeSyUQ==",
"license": "MIT"
}
}
}

7
package.json
View File

@@ -1,6 +1,6 @@
{
"name": "lightcontrol",
"version": "1.0.1",
"version": "1.0.4",
"description": "A Tecamino App",
"productName": "Member Database",
"author": "A. Zuercher",
@@ -25,12 +25,15 @@
"vue": "^3.4.18",
"vue-i18n": "^11.1.12",
"vue-router": "^4.0.12",
"vuedraggable": "^4.1.0"
"vue3-touch-events": "^5.0.13",
"vuedraggable": "^4.1.0",
"zxcvbn": "^4.4.2"
},
"devDependencies": {
"@eslint/js": "^9.14.0",
"@quasar/app-vite": "^2.1.0",
"@types/node": "^20.5.9",
"@types/zxcvbn": "^4.4.5",
"@vue/eslint-config-prettier": "^10.1.0",
"@vue/eslint-config-typescript": "^14.4.0",
"autoprefixer": "^10.4.2",

2
quasar.config.ts
View File

@@ -109,7 +109,7 @@ export default defineConfig((/* ctx */) => {
// you can manually specify Quasar components/directives to be available everywhere:
//
// components: [],
// directives: [],
//directives: [],
// Quasar plugins
plugins: ['Notify', 'Dialog'],

35
src/assets/lang/de-CH.yaml
View File

@@ -37,7 +37,9 @@ password: Passwort
isRequired: isch erforderlich
colors: Farbe
primaryColor: Primär Farb
primaryColorText: Primär Text Farb
secondaryColor: Sekondär Farb
secondaryColorText: Sekondär Text Farb
database: Datebank
general: Augemein
setColors: Setz Farbe
@@ -51,12 +53,31 @@ role: Rolle
addNewUser: Füeg neue Benutzer hinzue
expires: Ablouf
selectUserOptions: Wähle Benutzer Optione
prenameIsRequired: Vorname ist erforderlich
lastNameIsRequired: Nachname ist erforderlich
birthdayIsRequired: Geburtstag ist erforderlich
userIsRequired: Benutzer ist erforderlich
emailIsRequired: Email ist erforderlich
roleIsRequired: Rolle ist erforderlich
rights: Recht
prenameIsRequired: Vorname isch erforderlich
lastNameIsRequired: Nachname isch erforderlich
birthdayIsRequired: Geburtstag isch erforderlich
userIsRequired: Benutzer isch erforderlich
emailIsRequired: Email isch erforderlich
roleIsRequired: Rolle isch erforderlich
permissions: Recht
selectRoleOptions: Wähle Roue Optione
addNewRole: Füeg neui Roue hinzue
veryWeak: sehr Schwach
weak: Schwach
fair: So so
good: Guet
strong: Stark
passwordIsRequired: Password isch erforderlich
passwordTooShort: Ds Passwort mues mindestens 8 Zeiche läng si
passwordNeedsUppercase: Ds Passwort mues mindestens ei Grossbuechstabe enthaute
passwordNeedsLowercase: Ds Passwort mues mindestens ei Chlibuechstabe enthaute
passwordNeedsNumber: Ds Passwort mues mindestens ei Zau enthaute
passwordNeedsSpecial: Ds Passwort mues mindestens eis Sonderzeiche enthaute
passwordDoNotMatch: Passwörter stimme nid überei
read: Lese
write: Schribe
userSettings: Benutzer Istellige
members: Mitglider
attendanceTable: Anweseheits Tabelle
excursionTable: Usflugs Tabelle
updated: aktualisiert

23
src/assets/lang/de-DE.yaml
View File

@@ -37,7 +37,9 @@ password: Passwort
isRequired: ist erforderlich
colors: Farben
primaryColor: Primär Farbe
primaryColorText: Primär Text Farbe
secondaryColor: Sekondär Farbe
secondaryColorText: Sekondär Text Farbe
database: Datenbank
general: Allgemein
setColors: Setze Farben
@@ -57,6 +59,25 @@ birthdayIsRequired: Geburtstag ist erforderlich
userIsRequired: Benutzer ist erforderlich
emailIsRequired: Email ist erforderlich
roleIsRequired: Rolle ist erforderlich
rights: Rechte
permissions: Rechte
selectRoleOptions: Wähle Rollen Option
addNewRole: Füge neue Rolle hinzu
veryWeak: sehr Schwach
weak: Schwach
fair: Ausreichend
good: Gut
strong:
passwordIsRequired: Password ist erforderlich
passwordTooShort: Das Passwort muss mindestens 8 Zeichen lang sein
passwordNeedsUppercase: Das Passwort muss mindestens einen Großbuchstaben enthalten
passwordNeedsLowercase: Das Passwort muss mindestens einen Kleinbuchstaben enthalten
passwordNeedsNumber: Das Passwort muss mindestens eine Zahl enthalten
passwordNeedsSpecial: Das Passwort muss mindestens ein Sonderzeichen enthalten
passwordDoNotMatch: Passwörter stimmen nicht überein
read: Lesen
write: Schreiben
userSettings: Benutzer Einstellungen
members: Mitglieder
attendanceTable: Anwesenheits Tabelle
excursionTable: Ausflugs Tabelle
updated: aktualisiert

23
src/assets/lang/en-US.yaml
View File

@@ -37,7 +37,9 @@ password: Password
isRequired: is required
colors: Colors
primaryColor: Primary Color
primaryColorText: Primary Text Color
secondaryColor: Secondary Color
secondaryColorText: Secondary Text Color
database: Database
general: General
setColors: Set Colors
@@ -57,6 +59,25 @@ birthdayIsRequired: Birthday is required
userIsRequired: User is required
emailIsRequired: Email is required
roleIsRequired: Role is required
rights: Rights
permissions: Permissions
selectRoleOptions: Select Role Options
addNewRole: Add new Role
veryWeak: very Weak
weak: Weak
fair: Fair
good: Good
strong: Strong
passwordIsRequired: Password is required
passwordTooShort: Password must be at least 8 characters long
passwordNeedsUppercase: Password must contain at least one uppercase letter
passwordNeedsLowercase: Password must contain at least one lowercase letter
passwordNeedsNumber: Password must contain at least one number
passwordNeedsSpecial: Password must contain at least one special character
passwordDoNotMatch: Password do not match
read: Read
write: Write
userSettings: User Settings
members: Members
attendanceTable: Attendance Table
excursionTable: Excursion Table
updated: updated

4
src/boot/auth.ts
View File

@@ -14,7 +14,9 @@ export default boot(async ({ app }) => {
await appApi
.get('/login/me')
.then((resp) => {
useStore.setUser({ id: resp.data.id, username: resp.data.username, role: resp.data.role });
useStore
.setUser({ id: resp.data.id, username: resp.data.username, role: resp.data.role })
.catch((err) => console.log(err));
login.refresh().catch((err) => console.error(err));
})
.catch(() => {

2
src/boot/axios.ts
View File

@@ -17,7 +17,7 @@ interface RetryRequestConfig extends AxiosRequestConfig {
_retry?: boolean;
}
const noRefreshEndpoints = ['/login', '/secure/login/refresh', '/logout'];
const noRefreshEndpoints = ['/login', '/login/refresh', '/logout'];
// ========= Refresh Queue Handling ========= //
let isRefreshing = false;

22
src/boot/quasar-global.ts
View File

@@ -1,6 +1,6 @@
import { boot } from 'quasar/wrappers';
import { setQuasarInstance } from 'src/utils/globalQ';
import { setRouterInstance } from 'src/utils/globalRouter';
import { setQuasarInstance } from 'src/vueLib/utils/globalQ';
import { setRouterInstance } from 'src/vueLib/utils/globalRouter';
import { databaseName } from 'src/vueLib/tables/members/MembersTable';
import { Logo } from 'src/vueLib/models/logo';
@@ -15,11 +15,29 @@ export default boot(({ app, router }) => {
if (primaryColor == null || primaryColor === 'undefined' || primaryColor.trim() === '') {
primaryColor = null;
}
let primaryColorText = localStorage.getItem('primaryColorText');
if (
primaryColorText == null ||
primaryColorText === 'undefined' ||
primaryColorText.trim() === ''
) {
primaryColorText = null;
}
let secondaryColor = localStorage.getItem('secondaryColor');
if (secondaryColor == null || secondaryColor === 'undefined' || secondaryColor.trim() === '') {
secondaryColor = null;
}
let secondaryColorText = localStorage.getItem('secondaryColorText');
if (
secondaryColorText == null ||
secondaryColorText === 'undefined' ||
secondaryColorText.trim() === ''
) {
secondaryColorText = null;
}
document.documentElement.style.setProperty('--q-primary', primaryColor ?? '#1976d2');
document.documentElement.style.setProperty('--q-primary-text', primaryColorText ?? '#ffffff');
document.documentElement.style.setProperty('--q-secondary', secondaryColor ?? '#26a69a');
document.documentElement.style.setProperty('--q-secondary-text', secondaryColorText ?? '#ffffff');
});

21
src/components/EditOneDialog.vue
View File

@@ -29,6 +29,16 @@ const localTitle = ref('');
const localField = ref('');
const value = ref('');
const props = defineProps({
endpoint: {
type: String,
required: true,
},
queryId: {
type: Boolean,
},
});
const emit = defineEmits(['update']);
const { NotifyResponse } = useNotify();
@@ -42,7 +52,10 @@ function open(label: string, field: string, member: Member) {
}
function save() {
const query = 'secure/members/edit?id=' + localMember.value.id;
let query = props.endpoint;
if (props.queryId) {
query += '?id=' + localMember.value.id;
}
let payload = {};
if (value.value === localMember.value[localField.value]) {
@@ -50,13 +63,15 @@ function save() {
return;
}
payload = {
id: localMember.value.id,
[localField.value]: value.value,
};
appApi
.post(query, payload)
.then(() => {
emit('update', '');
.then((resp) => {
emit('update');
NotifyResponse(resp.data);
dialog.value.close();
})
.catch((err) => {

4
src/components/MemberEditAllDialog.vue
View File

@@ -161,9 +161,9 @@ async function save() {
if (!valid) return;
let query = 'secure/members/edit?id=' + localMember.value.id;
let query = 'members/edit?id=' + localMember.value.id;
if (newMember.value) {
query = 'secure/members/add';
query = 'members/add';
}
appApi

45
src/components/RoleEditAllDialog.vue
View File

@@ -2,18 +2,29 @@
<DialogFrame
ref="dialog"
:header-title="newRole ? $t('addNewRole') : 'Edit ' + localRole.role"
:height="600"
:height="700"
:width="500"
>
<div class="row justify-center q-gutter-md">
<div class="row justify-center">
<q-input
class="q-ml-md col-5 required"
v-if="showRoleField"
class="q-my-lg col-5 required"
:label="$t('role')"
filled
:rules="[(val) => !!val || $t('roleIsRequired')]"
v-model="localRole.role"
autofocus
></q-input>
<q-card>
<q-card-section class="text-h5 text-bold text-primary flex justify-center">{{
$t('permissions')
}}</q-card-section>
<q-separator color="black" />
<PermissionsCheckBoxGroup
:permissions="localRole.permissions || []"
v-on:update="(val) => (localRole.permissions = val)"
/>
</q-card>
</div>
<div class="row justify-center">
<q-btn class="q-ma-md" color="primary" no-caps @click="save">Save</q-btn>
@@ -27,29 +38,35 @@ import { ref } from 'vue';
import { appApi } from 'src/boot/axios';
import type { Role } from 'src/vueLib/models/roles';
import { useNotify } from 'src/vueLib/general/useNotify';
import PermissionsCheckBoxGroup from 'src/vueLib/checkboxes/CheckBoxGroupPermissions.vue';
import { defaultPermissions } from 'src/vueLib/checkboxes/permissions';
import { i18n } from 'src/boot/lang';
const { NotifyResponse } = useNotify();
const dialog = ref();
const newRole = ref(false);
const showRoleField = ref(true);
const localRole = ref<Role>({
role: '',
rights: null,
permissions: [],
});
const emit = defineEmits(['update-role']);
const emit = defineEmits(['update']);
function open(role: Role | null) {
function open(role: Role | null, typ?: 'permissions') {
if (role === undefined) {
return;
}
showRoleField.value = typ !== 'permissions';
if (role !== null) {
localRole.value = role;
localRole.value.permissions = role.permissions || defaultPermissions;
newRole.value = false;
} else {
localRole.value = {
role: '',
rights: null,
permissions: defaultPermissions,
};
newRole.value = true;
}
@@ -58,15 +75,23 @@ function open(role: Role | null) {
}
function save() {
let query = 'secure/roles/edit?id=' + localRole.value.id;
let query = 'roles/update?id=' + localRole.value.id;
let update = true;
if (newRole.value) {
query = 'secure/roles/add';
query = 'roles/add';
update = false;
localRole.value.permissions = defaultPermissions;
}
appApi
.post(query, JSON.stringify(localRole.value))
.then(() => {
emit('update-role');
if (update) {
NotifyResponse(
i18n.global.t('role') + " '" + localRole.value.role + "' " + i18n.global.t('updated'),
);
}
emit('update');
dialog.value.close();
})
.catch((err) => NotifyResponse(err, 'error'));

1
src/components/UploadDialog.vue
View File

@@ -7,6 +7,7 @@
:url="`https://0.0.0.0:` + portApp + `/api/members/import/csv`"
label="Import CSV"
multiple
:with-credentials="true"
accept=".csv"
field-name="file"
method="POST"

204
src/components/UserEditAllDialog.vue
View File

@@ -5,36 +5,100 @@
:height="600"
:width="500"
>
<div class="row justify-center q-gutter-md">
<q-input
class="q-ml-md col-5 required"
:label="$t('user')"
filled
:rules="[(val) => !!val || $t('userIsRequired')]"
v-model="localUser.user"
autofocus
></q-input>
<q-input
class="q-ml-md col-5 required"
:label="$t('email')"
filled
:rules="[(val) => !!val || $t('emailIsRequired')]"
v-model="localUser.email"
></q-input>
<q-input
class="q-ml-md col-5 required"
:label="$t('role')"
filled
:rules="[(val) => !!val || $t('roleIsRequired')]"
v-model="localUser.role"
></q-input>
<q-input
class="q-ml-md col-5"
:label="$t('expires')"
filled
v-model="localUser.expires"
></q-input>
</div>
<q-form ref="form">
<div class="row justify-center q-gutter-md">
<q-input
class="col-5 required"
:label="$t('user')"
filled
:lazy-rules="false"
:rules="[(val) => !!val || $t('userIsRequired')]"
v-model="localUser.user"
autofocus
></q-input>
<q-input
class="col-5 required"
:label="$t('email')"
filled
:lazy-rules="false"
:rules="[(val) => !!val || $t('emailIsRequired')]"
v-model="localUser.email"
></q-input>
<div class="col-5">
<q-input
class="col-5 required"
:label="$t('password')"
filled
:lazy-rules="false"
:rules="[validatePassword]"
v-model="localUser.password"
@update:model-value="checkStrength"
:type="showPassword1 ? 'text' : 'password'"
>
<template v-slot:append>
<q-btn
flat
dense
:icon="showPassword1 ? 'visibility_off' : 'visibility'"
@mousedown.prevent="showPassword1 = true"
@mouseup.prevent="showPassword1 = false"
@mouseleave.prevent="showPassword1 = false"
@touchstart.prevent="showPassword1 = true"
@touchend.prevent="showPassword1 = false"
@touchcancel.prevent="showPassword1 = false"
></q-btn>
<q-icon :name="strengthIcon" :color="strengthColor"></q-icon>
</template>
</q-input>
<div class="q-mt-md q-px-xl">
<q-linear-progress :value="strengthValue" :color="strengthColor" size="8px" rounded />
<div class="text-caption text-center q-mt-xs">
{{ strengthLabel }}
</div>
</div>
<q-input
class="col-5 required"
:label="$t('password')"
filled
:type="showPassword2 ? 'text' : 'password'"
:rules="[checkSamePassword]"
v-model="passwordCheck"
>
<template v-slot:append>
<q-btn
flat
dense
:icon="showPassword2 ? 'visibility_off' : 'visibility'"
@mousedown.prevent="showPassword2 = true"
@mouseup.prevent="showPassword2 = false"
@mouseleave.prevent="showPassword2 = false"
@touchstart.prevent="showPassword2 = true"
@touchend.prevent="showPassword2 = false"
@touchcancel.prevent="showPassword2 = false"
></q-btn>
</template>
</q-input>
</div>
<div class="col-5">
<q-select
class="col-5 required"
:label="$t('role')"
filled
:options="props.roles"
:rules="[(val) => !!val || $t('roleIsRequired')]"
v-model="localUser.role"
></q-select>
<q-input
class="col-5"
:label="$t('expires')"
filled
v-model="localUser.expires"
></q-input>
</div>
</div>
</q-form>
<div class="row justify-center">
<q-btn class="q-ma-md" color="primary" no-caps @click="save">Save</q-btn>
</div>
@@ -44,13 +108,25 @@
<script setup lang="ts">
import DialogFrame from 'src/vueLib/dialog/DialogFrame.vue';
import { ref } from 'vue';
import zxcvbn from 'zxcvbn';
import { appApi } from 'src/boot/axios';
import type { User } from 'src/vueLib/models/users';
import { useNotify } from 'src/vueLib/general/useNotify';
import { validateQForm } from 'src/vueLib/utils/validation';
import { i18n } from 'src/boot/lang';
import { DefaultSettings } from 'src/vueLib/models/settings';
const { NotifyResponse } = useNotify();
const dialog = ref();
const form = ref();
const newUser = ref(false);
const showPassword1 = ref(false);
const showPassword2 = ref(false);
const passwordCheck = ref('');
const strengthValue = ref(0);
const strengthLabel = ref('Enter a password');
const strengthColor = ref('grey');
const strengthIcon = ref('lock');
const localUser = ref<User>({
user: '',
email: '',
@@ -58,9 +134,16 @@ const localUser = ref<User>({
expires: '',
});
const emit = defineEmits(['update-user']);
const props = defineProps({
roles: {
type: Array,
required: true,
},
});
function open(user: User | null) {
const emit = defineEmits(['update']);
async function open(user: User | null) {
if (user === undefined) {
return;
}
@@ -78,19 +161,66 @@ function open(user: User | null) {
newUser.value = true;
}
dialog.value?.open();
await dialog.value?.open();
await validateQForm(form.value);
}
function save() {
let query = 'secure/users/edit?id=' + localUser.value.id;
function checkStrength() {
const result = zxcvbn(localUser.value.password || '');
strengthValue.value = (result.score + 1) / 5;
const levels = [
i18n.global.t('veryWeak'),
i18n.global.t('weak'),
i18n.global.t('fair'),
i18n.global.t('good'),
i18n.global.t('strong'),
];
const colors = ['red', 'orange', 'yellow', 'light-green', 'green'];
const icon = ['lock', 'warning', 'error_outline', 'check_circle_outline', 'verified_user'];
strengthLabel.value = levels[result.score] || i18n.global.t('veryWeak');
strengthColor.value = colors[result.score] || 'grey';
strengthIcon.value = icon[result.score] || 'lock';
}
function validatePassword(): string | boolean {
if (!localUser.value.password) return i18n.global.t('passwordIsRequired');
if (localUser.value.password.length < 8) {
return i18n.global.t('passwordTooShort');
} else if (!/[A-Z]/.test(localUser.value.password)) {
return i18n.global.t('passwordNeedsUppercase');
} else if (!/[a-z]/.test(localUser.value.password)) {
return i18n.global.t('passwordNeedsLowercase');
} else if (!/[0-9]/.test(localUser.value.password)) {
return i18n.global.t('passwordNeedsNumber');
} else if (!/[!@#$%^&*(),.?":{}|<>]/.test(localUser.value.password)) {
return i18n.global.t('passwordNeedsSpecial');
}
return true;
}
function checkSamePassword(): string | boolean {
if (localUser.value.password === passwordCheck.value) return true;
return i18n.global.t('passwordDoNotMatch');
}
async function save() {
if (!(await validateQForm(form.value))) {
NotifyResponse(i18n.global.t('notAllRequiredFieldsFilled'), 'error');
return;
}
let query = 'users/edit?id=' + localUser.value.id;
if (newUser.value) {
query = 'secure/users/add';
query = 'users/add';
localUser.value.settings = DefaultSettings();
}
appApi
.post(query, JSON.stringify(localUser.value))
.then(() => {
emit('update-user');
emit('update');
dialog.value.close();
})
.catch((err) => NotifyResponse(err, 'error'));

15
src/css/quasar.variables.scss
View File

@@ -13,7 +13,9 @@
// Tip: Use the "Theme Builder" on Quasar's documentation website.
$primary: #1976d2;
$primary-text: #ffffff;
$secondary: #26a69a;
$secondary-text: #ffffff;
$accent: #9c27b0;
$dark: #1d1d1d;
@@ -23,3 +25,16 @@ $positive: #21ba45;
$negative: #c10015;
$info: #31ccec;
$warning: #f2c037;
:root {
--q-primary-text: #ffffff;
--q-secondary-text: #ffffff;
}
.text-primary-text {
color: var(--q-primary-text) !important;
}
.text-secondary-text {
color: var(--q-secondary-text) !important;
}

15
src/layouts/MainLayout.vue
View File

@@ -10,7 +10,7 @@
/>
<q-btn flat dense round icon="menu" aria-label="Menu" @click="toggleLeftDrawer" />
<q-toolbar-title> {{ productName }} </q-toolbar-title>
<q-toolbar-title class="text-primary-text"> {{ productName }} </q-toolbar-title>
<div>Version {{ version }}</div>
<q-btn dense icon="refresh" square class="q-px-md q-ml-md" @click="refresh" />
@@ -23,7 +23,14 @@
<q-item v-if="!autorized" to="/login" exact clickable v-ripple @click="closeDrawer">
<q-item-section>{{ $t('login') }}</q-item-section>
</q-item>
<q-item v-if="autorized" to="/members" exact clickable v-ripple @click="closeDrawer">
<q-item
v-if="autorized || user.isPermittedTo('members', 'read')"
to="/members"
exact
clickable
v-ripple
@click="closeDrawer"
>
<q-item-section>Members</q-item-section>
</q-item>
</q-list>
@@ -45,7 +52,9 @@ const localLogo = ref(Logo);
const leftDrawerOpen = ref(false);
const user = useUserStore();
const autorized = computed(() => !!user.isAuthorizedAs(['admin']));
const autorized = computed(
() => user.isAuthorizedAs(['admin']) || user.isPermittedTo('settings', 'read'),
);
function toggleLeftDrawer() {
leftDrawerOpen.value = !leftDrawerOpen.value;

10
src/pages/LoginPage.vue
View File

@@ -7,18 +7,20 @@
<script setup lang="ts">
import LoginForm from 'src/vueLib/login/LoginForm.vue';
import { useUserStore } from 'src/vueLib/login/userStore';
import { onMounted } from 'vue';
import { nextTick, onMounted } from 'vue';
import { useRouter } from 'vue-router';
const router = useRouter();
const userStore = useUserStore();
onMounted(() => {
const user = userStore.getUser();
if (user?.username !== '' && user?.role !== '') {
if (userStore.user?.username !== '' && userStore.user?.role !== '') {
forwardToPage().catch((err) => console.error(err));
}
});
const forwardToPage = () => router.push('/members');
const forwardToPage = async () => {
await nextTick();
await router.push('/members');
};
</script>

84
src/pages/SettingsPage.vue
View File

@@ -8,6 +8,7 @@
<p class="text-bold text-h6 text-primary q-pa-md">{{ $t('general') }}</p>
<div class="row">
<q-input
:readonly="!user.isPermittedTo('userSettings', 'write')"
:class="[
colorGroup ? 'col-md-4' : 'col-md-3',
colorGroup ? 'col-md-6' : 'col-md-6',
@@ -24,6 +25,7 @@
<p class="text-bold text-h6 text-primary q-pa-md">{{ $t('database') }}</p>
<div class="row">
<q-input
:readonly="!user.isPermittedTo('userSettings', 'write')"
:class="[
colorGroup ? 'col-md-4' : 'col-md-3',
colorGroup ? 'col-md-6' : 'col-md-6',
@@ -52,18 +54,72 @@
<div class="row">
<div class="col-12 col-sm-6 col-md-3 q-px-md">
<p class="text-center text-bold text-h6 text-primary">{{ $t('primaryColor') }}</p>
<q-color bordered class="q-mx-md" v-model="settings.primaryColor"></q-color>
<q-color
:disable="!user.isPermittedTo('userSettings', 'write')"
bordered
class="q-mx-md"
v-model="settings.primaryColor"
></q-color>
</div>
<div class="col-12 col-sm-6 col-md-3 q-px-md">
<p
:class="[
'text-center',
'text-bold',
'text-h6',
'text-primary-text',
settings.primaryColorText === '#ffffff' ? 'bg-black' : '',
]"
:style="settings.primaryColorText === '#ffffff' ? 'opacity: 0.2;' : ''"
>
{{ $t('primaryColorText') }}
</p>
<q-color
:disable="!user.isPermittedTo('userSettings', 'write')"
bordered
class="q-mx-md"
v-model="settings.primaryColorText"
></q-color>
</div>
<div class="col-12 col-sm-6 col-md-3 q-px-md">
<p class="text-center text-bold text-h6 text-secondary">
{{ $t('secondaryColor') }}
</p>
<q-color class="q-mx-md" v-model="settings.secondaryColor"></q-color>
<q-color
:disable="!user.isPermittedTo('userSettings', 'write')"
class="q-mx-md"
v-model="settings.secondaryColor"
></q-color>
</div>
<div class="col-12 col-sm-6 col-md-3 q-px-md">
<p
:class="[
'text-center',
'text-bold',
'text-h6',
'text-secondary-text',
settings.secondaryColorText === '#ffffff' ? 'bg-black' : '',
]"
:style="settings.secondaryColorText === '#ffffff' ? 'opacity: 0.2;' : ''"
>
{{ $t('secondaryColorText') }}
</p>
<q-color
:disable="!user.isPermittedTo('userSettings', 'write')"
class="q-mx-md"
v-model="settings.secondaryColorText"
></q-color>
</div>
</div>
<q-btn class="q-my-md q-mx-md" color="secondary" dense no-caps @click="resetColors">{{
$t('resetColors')
}}</q-btn>
<q-btn
:disable="!user.isPermittedTo('userSettings', 'write')"
class="q-my-md q-mx-md"
color="secondary"
dense
no-caps
@click="resetColors"
>{{ $t('resetColors') }}</q-btn
>
</div>
</q-card>
<div class="row justify-end">
@@ -83,15 +139,21 @@ import { reactive, ref, watch } from 'vue';
import { appApi } from 'src/boot/axios';
import { useNotify } from 'src/vueLib/general/useNotify';
import { type Settings } from 'src/vueLib/models/settings';
import { useLogin } from 'src/vueLib/login/useLogin';
import { useUserStore } from 'src/vueLib/login/userStore';
const { NotifyResponse } = useNotify();
const { getUser } = useLogin();
const colorGroup = ref(false);
const user = useUserStore();
const settings = reactive<Settings>({
icon: Logo.value,
databaseName: databaseName.value,
primaryColor: document.documentElement.style.getPropertyValue('--q-primary'),
primaryColorText: document.documentElement.style.getPropertyValue('--q-primary-text'),
secondaryColor: document.documentElement.style.getPropertyValue('--q-secondary'),
secondaryColorText: document.documentElement.style.getPropertyValue('--q-secondary-text'),
});
watch(settings, (newSettings) => {
@@ -101,20 +163,30 @@ watch(settings, (newSettings) => {
function resetColors() {
document.documentElement.style.setProperty('--q-primary', '#1976d2');
settings.primaryColor = '#1976d2';
document.documentElement.style.setProperty('--q-primary-text', '#ffffff');
settings.primaryColorText = '#ffffff';
document.documentElement.style.setProperty('--q-secondary', '#26a69a');
settings.secondaryColor = '#26a69a';
document.documentElement.style.setProperty('--q-secondary-text', '#ffffff');
settings.secondaryColorText = '#ffffff';
}
function save() {
document.documentElement.style.setProperty('--q-primary', settings.primaryColor);
document.documentElement.style.setProperty('--q-primary-text', settings.primaryColorText);
document.documentElement.style.setProperty('--q-secondary', settings.secondaryColor);
document.documentElement.style.setProperty('--q-secondary-text', settings.secondaryColorText);
Logo.value = settings.icon;
localStorage.setItem('icon', settings.icon);
localStorage.setItem('databaseName', settings.databaseName);
localStorage.setItem('primaryColor', settings.primaryColor);
localStorage.setItem('primaryColorText', settings.primaryColorText);
localStorage.setItem('secondaryColor', settings.secondaryColor);
localStorage.setItem('secondaryColorText', settings.secondaryColorText);
appApi
.post('secure/settings/update', { user: 'admin', settings })
.post('settings/update', { user: getUser()?.username, settings })
.then((resp) => NotifyResponse(resp.data.message))
.catch((err) => NotifyResponse(err, 'error'));
}

8
src/router/index.ts
View File

@@ -36,13 +36,13 @@ export default defineRouter(function (/* { store, ssrContext } */) {
Router.beforeEach((to, from, next) => {
const userStore = useUserStore();
const isLoggedIn = userStore.isAuthenticated;
const isAdmin = userStore.user?.role === 'admin';
if (to.meta.requiresAuth && !isLoggedIn) {
next('/login');
} else if (to.meta.requiresAdmin && !isAdmin) {
} else if (
to.meta.requiresAdmin &&
!userStore.isPermittedTo(to.path.replace('/', ''), 'read')
) {
next('/');
} else {
next();

8
src/router/routes.ts
View File

@@ -10,21 +10,21 @@ const routes: RouteRecordRaw[] = [
component: () => import('pages/LoginPage.vue'),
},
{
path: '/login',
path: 'login',
component: () => import('pages/LoginPage.vue'),
},
{
path: '/members',
path: 'members',
component: () => import('pages/MembersTable.vue'),
meta: { requiresAuth: true, requiresAdmin: true },
},
{
path: '/settings',
path: 'settings',
component: () => import('pages/SettingsPage.vue'),
meta: { requiresAuth: true, requiresAdmin: true },
},
{
path: '/usersSettings',
path: 'userSettings',
component: () => import('pages/UserSettings.vue'),
meta: { requiresAuth: true, requiresAdmin: true },
},

67
src/vueLib/checkboxes/CheckBoxGroupPermissions.vue Normal file
View File

@@ -0,0 +1,67 @@
<template>
<q-card>
<q-card bordered v-for="(permission, index) in localPermission" v-bind:key="index">
<q-card-section class="text-center">
<div class="text-h7 text-bold text-primary">{{ $t(permission.name) }}</div>
</q-card-section>
<q-separator></q-separator>
<div class="flex justify-center">
<q-checkbox
class="q-mx-md"
:model-value="isFlagSet(permission.permission, 1 << 0)"
@update:model-value="(val) => toggleBit(index, 0, val)"
>{{ i18n.global.t('read') }}</q-checkbox
>
<q-checkbox
class="q-mx-md"
:model-value="isFlagSet(permission.permission, 1 << 1)"
@update:model-value="(val) => toggleBit(index, 1, val)"
>{{ i18n.global.t('write') }}</q-checkbox
>
<q-checkbox
class="q-mx-md"
:model-value="isFlagSet(permission.permission, 1 << 2)"
@update:model-value="(val) => toggleBit(index, 2, val)"
>{{ i18n.global.t('delete') }}</q-checkbox
>
</div>
</q-card>
</q-card>
</template>
<script setup lang="ts">
import { ref, type PropType } from 'vue';
import type { Permissions } from './permissions';
import { i18n } from 'src/boot/lang';
const props = defineProps({
permissions: {
type: Object as PropType<Permissions>,
required: true,
},
});
const emit = defineEmits(['update']);
const localPermission = ref(
props.permissions.map((e) => ({
name: e.name,
permission: e.permission ?? 0,
})),
);
function isFlagSet(mask: number, flag: number) {
return (mask & flag) !== 0;
}
function toggleBit(index: number, bit: number, value: boolean) {
const item = localPermission.value[index];
if (!item) return; // guard against undefined index
const mask = 1 << bit;
const current = item.permission ?? 0;
item.permission = value ? current | mask : current & ~mask;
emit('update', localPermission.value);
}
</script>

40
src/vueLib/checkboxes/permissions.ts Normal file
View File

@@ -0,0 +1,40 @@
import { i18n } from 'src/boot/lang';
import { ref } from 'vue';
export interface Permission {
name: string;
label: string;
permission: number;
}
export type Permissions = Permission[];
export const defaultPermissions = [
{
name: 'settings',
label: i18n.global.t('settings'),
permission: 0,
},
{
name: 'userSettings',
label: i18n.global.t('userSettings'),
permission: 0,
},
{
name: 'members',
label: i18n.global.t('members'),
permission: 0,
},
{
name: 'attendanceTable',
label: i18n.global.t('attendanceTable'),
permission: 0,
},
{
name: 'excursionTable',
label: i18n.global.t('excursionTable'),
permission: 0,
},
];
export const permissions = ref<Permissions>(defaultPermissions);

49
src/vueLib/db/db.ts
View File

@@ -1,49 +0,0 @@
import { CapacitorSQLite, SQLiteConnection } from '@capacitor-community/sqlite';
import type { Settings } from '../models/settings';
const sqlite = new SQLiteConnection(CapacitorSQLite);
export async function initDB() {
const db = await sqlite.createConnection('membersDB', true, 'secreto_passwordo', 1, false);
await db.open();
await db.execute(`CREATE TABLE IF NOT EXISTS users (
id INTEGER PRIMARY KEY AUTOINCREMENT,
username TEXT NOT NULL,
role TEXT NOT NULL,
password TEXT NOT NULL,
settings TEXT NOT NULL
);`);
const result = await db.query(`SELECT * FROM users WHERE username = ?`, ['admin']);
if (result.values?.length === 0) {
await db.run(`INSERT INTO users (username, role, password, settings) VALUES (?, ?, ?, ?)`, [
'admin',
'admin',
'tecamino@2023',
{},
]);
}
return db;
}
export async function addUser(user: string, role: string, password: string, settings: Settings) {
const db = await initDB();
await db.run(`INSERT INTO users (username, role, password, settings) VALUES (?, ?, ?, ?)`, [
user,
role,
password,
settings,
]);
}
export async function getUsers() {
const db = await initDB();
const resp = await db.query(`SELECT * FROM users`);
return resp.values;
}
export async function getUser(user: string) {
const db = await initDB();
const resp = await db.query(`SELECT EXISTS(SELECT 1 FROM users WHERE username = ?)`, [user]);
return resp.values;
}

50
src/vueLib/login/LoginForm.vue
View File

@@ -8,6 +8,7 @@
ref="refUserInput"
dense
filled
autocomplete="username"
type="text"
:label="$t('user')"
v-model="user"
@@ -16,6 +17,7 @@
<q-input
dense
filled
autocomplete="current-password"
:type="showPassword ? 'text' : 'password'"
:label="$t('password')"
v-model="password"
@@ -27,14 +29,17 @@
flat
dense
:icon="showPassword ? 'visibility_off' : 'visibility'"
@mousedown.left="showPassword = true"
@mouseup.left="showPassword = false"
@mouseleave="showPassword = false"
@mousedown.prevent="showPassword = true"
@mouseup.prevent="showPassword = false"
@mouseleave.prevent="showPassword = false"
@touchstart.prevent="showPassword = true"
@touchend.prevent="showPassword = false"
@touchcancel.prevent="showPassword = false"
></q-btn>
</template>
</q-input>
<div class="q-pt-sm q-mr-md row justify-end">
<q-btn color="primary" :label="$t('login')" @click="onSubmit"></q-btn>
<q-btn no-caps color="primary" :label="$t('login')" @click="onSubmit"></q-btn>
</div>
</q-card>
</q-item-section>
@@ -59,25 +64,24 @@ const { login } = useLogin();
const emit = defineEmits(['update-close']);
const onSubmit = () => {
refForm.value?.validate().then((success: boolean) => {
if (success) {
login(user.value, password.value)
.then(() => {
NotifyResponse("logged in as '" + user.value + "'");
emit('update-close');
})
.catch((err) => {
NotifyResponse(err, 'error');
shake.value = true;
setTimeout(() => {
shake.value = false;
}, 500);
});
} else {
NotifyResponse('error submitting login form', 'error');
}
});
const onSubmit = async () => {
const valid = refForm.value?.validate();
if (!valid) {
NotifyResponse('error submitting login form', 'error');
return;
}
await login(user.value, password.value)
.then(() => {
NotifyResponse("logged in as '" + user.value + "'");
})
.catch((err) => {
NotifyResponse(err, 'error');
shake.value = true;
setTimeout(() => {
shake.value = false;
}, 500);
});
emit('update-close');
};
</script>

19
src/vueLib/login/LoginMenu.vue
View File

@@ -9,6 +9,9 @@
<q-item v-if="showLogin" clickable v-close-popup @click="openLogin">
<q-item-section class="text-primary">{{ loginText }}</q-item-section>
</q-item>
<q-item>
<q-btn flat :icon="Dark.mode ? 'light_mode' : 'dark_mode'" @click="Dark.toggle"></q-btn>
</q-item>
<q-item>
<q-select
:label="$t('language')"
@@ -19,11 +22,20 @@
:options="langSelection"
></q-select>
</q-item>
<q-item v-if="autorized">
<q-item
v-if="
(autorized || user.isPermittedTo('settings', 'read')) && route.path !== '/settings'
"
>
<q-btn flat color="secondary" icon="settings" to="/settings"></q-btn>
</q-item>
<q-item v-if="autorized">
<q-btn flat color="secondary" icon="group" to="/usersSettings"></q-btn>
<q-item
v-if="
(autorized || user.isPermittedTo('userSettings', 'read')) &&
route.path !== '/userSettings'
"
>
<q-btn flat color="secondary" icon="group" to="/userSettings"></q-btn>
</q-item>
</q-list>
</q-menu>
@@ -40,6 +52,7 @@ import { useNotify } from '../general/useNotify';
import { lang, i18n } from 'src/boot/lang';
import { useUserStore } from './userStore';
import { useRoute } from 'vue-router';
import { Dark } from 'quasar';
const route = useRoute();
const showLogin = computed(

16
src/vueLib/login/useLogin.ts
View File

@@ -18,15 +18,21 @@ export function useLogin() {
Logo.value = sets.icon;
document.documentElement.style.setProperty('--q-primary', sets.primaryColor);
document.documentElement.style.setProperty('--q-primary-text', sets.primaryColorText);
document.documentElement.style.setProperty('--q-secondary', sets.secondaryColor);
document.documentElement.style.setProperty('--q-secondary-text', sets.secondaryColorText);
localStorage.setItem('icon', sets.icon);
localStorage.setItem('databaseName', sets.databaseName);
localStorage.setItem('primaryColor', sets.primaryColor);
localStorage.setItem('primaryColorText', sets.primaryColorText);
localStorage.setItem('secondaryColor', sets.secondaryColor);
localStorage.setItem('secondaryColorText', sets.secondaryColorText);
});
const resp = await appApi.get('/login/me');
userStore.setUser({ id: resp.data.id, username: resp.data.user, role: resp.data.role });
await userStore
.setUser({ id: resp.data.id, username: resp.data.user, role: resp.data.role })
.catch((err) => console.log(err));
startRefreshInterval();
return true;
@@ -47,12 +53,14 @@ export function useLogin() {
async function refresh() {
await appApi
.post('secure/login/refresh', {}, { withCredentials: true })
.post('login/refresh', {}, { withCredentials: true })
.then(() => {
appApi
.get('/login/me')
.then((resp) => {
userStore.setUser({ id: resp.data.id, username: resp.data.user, role: resp.data.role });
userStore
.setUser({ id: resp.data.id, username: resp.data.user, role: resp.data.role })
.catch((err) => console.error(err));
if (!intervalId) {
startRefreshInterval();
}
@@ -67,7 +75,7 @@ export function useLogin() {
return false;
}
function getUser() {
return userStore.getUser();
return userStore.user;
}
function startRefreshInterval() {

60
src/vueLib/login/userStore.ts
View File

@@ -1,30 +1,52 @@
import { defineStore } from 'pinia';
import { useGlobalRouter } from 'src/utils/globalRouter';
import { useGlobalQ } from 'src/utils/globalQ';
import { useGlobalRouter } from 'src/vueLib/utils/globalRouter';
import { useGlobalQ } from 'src/vueLib/utils/globalQ';
import { appApi } from 'src/boot/axios';
import { useNotify } from '../general/useNotify';
import type { Role } from '../models/roles';
import type { UserState, User } from '../models/user';
import type { Permission } from '../checkboxes/permissions';
interface User {
id: number;
username: string;
role: string;
}
interface UserState {
user: User | null;
}
const { NotifyResponse } = useNotify();
export const useUserStore = defineStore('user', {
state: (): UserState => ({
user: null,
}),
getters: {
isAuthenticated: (state): boolean => !!state.user,
isAuthenticated: (state: UserState): boolean => {
return !!state.user;
},
isAuthorizedAs: (state: UserState) => {
return (roles: string[]) => {
return state.user !== null && roles.includes(state.user.role);
};
},
isPermittedTo: (state: UserState) => {
return (name: string, type: 'read' | 'write' | 'delete'): boolean => {
const permission = state.user?.permissions?.find((r: Permission) => r.name === name);
switch (type) {
case 'read':
return permission?.permission ? (permission.permission & (1 << 0)) === 1 : false;
case 'write':
return permission?.permission ? (permission.permission & (1 << 1)) === 2 : false;
case 'delete':
return permission?.permission ? (permission.permission & (1 << 2)) === 4 : false;
}
};
},
},
actions: {
setUser(user: User) {
this.user = user;
},
getUser() {
return this.user;
async setUser(user: User) {
await appApi
.get('roles?role=' + user.role)
.then((resp) => {
const roleData = resp.data.find((role: Role) => role.role === user.role);
user.permissions = roleData?.permissions || [];
this.user = user;
})
.catch((err) => NotifyResponse(err, 'error'));
},
clearUser() {
const $q = useGlobalQ();
@@ -60,9 +82,5 @@ export const useUserStore = defineStore('user', {
}
});
},
isAuthorizedAs(roles: string[]) {
return this.user !== null && roles.includes(this.user.role);
},
},
});

8
src/vueLib/models/rights.ts
View File

@@ -1,8 +0,0 @@
export interface Right {
name: string;
read: boolean;
write: boolean;
delete: boolean;
}
export type Rights = Right[];

4
src/vueLib/models/roles.ts
View File

@@ -1,9 +1,9 @@
import type { Rights } from './rights';
import type { Permissions } from '../checkboxes/permissions';
export interface Role {
id?: number;
role: string;
rights: Rights | null;
permissions: Permissions;
}
export type Roles = Role[];

13
src/vueLib/models/settings.ts
View File

@@ -2,5 +2,18 @@ export type Settings = {
icon: string;
databaseName: string;
primaryColor: string;
primaryColorText: string;
secondaryColor: string;
secondaryColorText: string;
};
export function DefaultSettings(): Settings {
return {
icon: '',
databaseName: 'members.dba',
primaryColor: document.documentElement.style.getPropertyValue('--q-primary-text'),
primaryColorText: document.documentElement.style.getPropertyValue('--q-primary'),
secondaryColor: document.documentElement.style.getPropertyValue('--q-secondary'),
secondaryColorText: document.documentElement.style.getPropertyValue('--q-secondary-text'),
};
}

12
src/vueLib/models/user.ts Normal file
View File

@@ -0,0 +1,12 @@
import type { Permissions } from '../checkboxes/permissions';
export interface User {
id: number;
username: string;
role: string;
permissions?: Permissions;
}
export interface UserState {
user: User | null;
}

4
src/vueLib/models/users.ts
View File

@@ -1,9 +1,13 @@
import type { Settings } from './settings';
export interface User {
id?: number;
user: string;
email: string;
role: string;
expires: string;
password?: string;
settings?: Settings;
}
export type Users = User[];

4
src/vueLib/tables/members/MembersTable.ts
View File

@@ -13,7 +13,7 @@ export function useMemberTable() {
sortBy: 'firstName',
descending: false,
page: 1,
rowsPerPage: 10,
rowsPerPage: 20,
});
const columns = computed(() => [
@@ -171,7 +171,7 @@ export function useMemberTable() {
loading.value = true;
appApi
.get('secure/members')
.get('members')
.then((resp) => {
if (resp.data === null) {
members.value = [];

49
src/vueLib/tables/members/MembersTable.vue
View File

@@ -23,10 +23,17 @@
>
<template v-slot:top-left>
<q-btn-group push flat style="color: grey">
<q-btn dense flat icon="add" @click="openAllValueDialog(null)">
<q-btn
v-if="user.isPermittedTo('userSettings', 'write')"
dense
flat
icon="add"
@click="openAllValueDialog(null)"
>
<q-tooltip>{{ $t('addNewMember') }}</q-tooltip>
</q-btn>
<q-btn
v-if="user.isPermittedTo('userSettings', 'write')"
dense
flat
style="color: grey"
@@ -35,7 +42,13 @@
>
<q-tooltip>{{ $t('selectMemberOptions') }}</q-tooltip>
</q-btn>
<q-btn dense flat icon="upload" @click="openUploadDialog">
<q-btn
v-if="user.isPermittedTo('userSettings', 'write')"
dense
flat
icon="upload"
@click="openUploadDialog"
>
<q-tooltip>{{ $t('importCSV') }}</q-tooltip>
</q-btn>
</q-btn-group>
@@ -66,7 +79,11 @@
<q-td
:props="props"
:class="getRowClass(props.row)"
@click="openSingleValueDialog(props.col.label, props.col.name, props.row)"
:style="user.isPermittedTo('userSettings', 'write') ? 'cursor: pointer' : ''"
@click="
user.isPermittedTo('userSettings', 'write') &&
openSingleValueDialog(props.col.label, props.col.name, props.row)
"
>
{{ props.value }}
</q-td>
@@ -82,9 +99,19 @@
</template>
<template v-slot:body-cell-option="props">
<q-td :props="props">
<q-btn flat dense icon="more_vert" @click="openSubmenu = true" />
<q-btn
v-if="
user.isPermittedTo('userSettings', 'write') ||
user.isPermittedTo('userSettings', 'delete')
"
flat
dense
icon="more_vert"
@click="openSubmenu = true"
/>
<q-menu v-if="openSubmenu" anchor="top right" self="top left">
<q-item
v-if="user.isPermittedTo('userSettings', 'write')"
clickable
v-close-popup
@click="openAllValueDialog(props.row)"
@@ -92,6 +119,7 @@
>{{ $t('edit') }}</q-item
>
<q-item
v-if="user.isPermittedTo('userSettings', 'delete')"
clickable
v-close-popup
@click="openRemoveDialog(props.row)"
@@ -104,7 +132,12 @@
</template>
</q-table>
</div>
<EditOneDialog ref="editOneDialog" v-on:update="updateMembers"></EditOneDialog>
<EditOneDialog
ref="editOneDialog"
endpoint="members/edit"
query-id
v-on:update="updateMembers"
></EditOneDialog>
<EditAllDialog ref="editAllDialog" v-on:update="updateMembers"></EditAllDialog>
<OkDialog
ref="okDialog"
@@ -131,6 +164,7 @@ import { useNotify } from 'src/vueLib/general/useNotify';
import { useMemberTable } from './MembersTable';
import UploadDialog from 'src/components/UploadDialog.vue';
import { databaseName } from './MembersTable';
import { useUserStore } from 'src/vueLib/login/userStore';
export interface MemberDialog {
getSelected: () => Members;
@@ -146,6 +180,7 @@ const selectOption = ref(false);
const selected = ref<Members>([]);
const openSubmenu = ref(false);
const filter = ref('');
const user = useUserStore();
const {
members,
@@ -162,7 +197,7 @@ onMounted(() => {
loading.value = true;
appApi
.post('secure/database/open', { dbPath: databaseName.value, create: true })
.post('database/open', { dbPath: databaseName.value, create: true })
.then(() => {
updateMembers();
})
@@ -214,7 +249,7 @@ function removeMember(...removeMembers: Members) {
});
appApi
.post('secure/members/delete', { ids: memberIds })
.post('members/delete', { ids: memberIds })
.then(() => {
updateMembers();
selected.value = [];

29
src/vueLib/tables/roles/RoleTable.ts
View File

@@ -3,6 +3,8 @@ import { ref, computed } from 'vue';
import { useNotify } from 'src/vueLib/general/useNotify';
import { i18n } from 'boot/lang';
import type { Roles } from 'src/vueLib/models/roles';
import { useUserStore } from 'src/vueLib/login/userStore';
import { useLogin } from 'src/vueLib/login/useLogin';
export const roles = ref<Roles>([]);
@@ -31,11 +33,10 @@ export function useRoleTable() {
sortable: true,
},
{
name: 'rights',
name: 'permissions',
align: 'left' as const,
label: i18n.global.t('rights'),
field: 'rights',
sortable: true,
label: i18n.global.t('permissions'),
field: '',
style: 'width: 120px; max-width: 120px;',
},
{ name: 'option', align: 'center' as const, label: '', field: 'option', icon: 'option' },
@@ -44,18 +45,21 @@ export function useRoleTable() {
const { NotifyResponse } = useNotify();
const loading = ref(false);
const userStore = useUserStore();
const login = useLogin();
//updates user list from database
function updateRoles() {
async function updateRoles() {
loading.value = true;
appApi
.get('secure/roles')
await appApi
.get('roles?id=0')
.then((resp) => {
if (resp.data === null) {
roles.value = [];
return;
}
roles.value = resp.data as Roles;
if (roles.value === null) {
roles.value = [];
return;
@@ -68,6 +72,17 @@ export function useRoleTable() {
.finally(() => {
loading.value = false;
});
await appApi
.get('/login/me')
.then((resp) => {
userStore
.setUser({ id: resp.data.id, username: resp.data.username, role: resp.data.role })
.catch((err) => console.log(err));
login.refresh().catch((err) => console.error(err));
})
.catch(() => {
login.logout().catch((err) => console.error(err));
});
}
return {
roles,

96
src/vueLib/tables/roles/RoleTable.vue
View File

@@ -23,10 +23,17 @@
>
<template v-slot:top-left>
<q-btn-group push flat style="color: grey">
<q-btn dense flat icon="add" @click="openAllValueDialog(null)">
<q-btn
v-if="user.isPermittedTo('userSettings', 'write')"
dense
flat
icon="add"
@click="openAllValueDialog(null)"
>
<q-tooltip>{{ $t('addNewRole') }}</q-tooltip>
</q-btn>
<q-btn
v-if="user.isPermittedTo('userSettings', 'write')"
dense
flat
style="color: grey"
@@ -62,21 +69,65 @@
<template v-slot:body-cell="props">
<q-td
:props="props"
@click="openSingleValueDialog(props.col.label, props.col.name, props.row)"
:disable="!autorized(props.row)"
:style="
autorized(props.row) && user.isPermittedTo('userSettings', 'write')
? 'cursor: pointer'
: ''
"
@click="
autorized(props.row) && user.isPermittedTo('userSettings', 'write')
? openSingleValueDialog(props.col.label, props.col.name, props.row)
: ''
"
>
{{ props.value }}
</q-td>
</template>
<template v-slot:body-cell-permissions="props">
<q-td :props="props">
<q-btn
:disable="!autorized(props.row) || !user.isPermittedTo('userSettings', 'write')"
flat
dense
icon="rule"
:color="
autorized(props.row) && user.isPermittedTo('userSettings', 'write')
? 'secondary'
: 'grey'
"
@click="
user.isPermittedTo('userSettings', 'write') &&
openAllValueDialog(props.row, 'permissions')
"
>
<q-tooltip> {{ $t('permissions') }} </q-tooltip>
</q-btn>
</q-td>
</template>
<template v-slot:body-cell-option="props">
<q-td :props="props">
<q-btn flat dense icon="delete" color="negative" @click="openRemoveDialog(props.row)">
<q-btn
v-if="user.isPermittedTo('userSettings', 'delete')"
:disable="!autorized(props.row)"
flat
dense
icon="delete"
color="negative"
@click="openRemoveDialog(props.row)"
>
<q-tooltip> {{ $t('delete') }} </q-tooltip>
</q-btn>
</q-td>
</template>
</q-table>
</div>
<EditOneDialog ref="editOneDialog" v-on:update="updateRoles"></EditOneDialog>
<EditOneDialog
ref="editOneDialog"
endpoint="roles/update"
query-id
v-on:update="updateRoles"
></EditOneDialog>
<EditAllDialog ref="editAllDialog" v-on:update="updateRoles"></EditAllDialog>
<OkDialog
ref="okDialog"
@@ -101,6 +152,9 @@ import OkDialog from 'src/components/dialog/OkDialog.vue';
import { useNotify } from 'src/vueLib/general/useNotify';
import { useRoleTable } from './RoleTable';
import { useLogin } from 'src/vueLib/login/useLogin';
import { i18n } from 'src/boot/lang';
import { QTable } from 'quasar';
import { useUserStore } from 'src/vueLib/login/userStore';
const { NotifyResponse } = useNotify();
const editOneDialog = ref();
@@ -110,24 +164,33 @@ const deleteText = ref('');
const selectOption = ref(false);
const selected = ref<Roles>([]);
const openSubmenu = ref(false);
const currentUser = ref();
const filter = ref('');
const user = useUserStore();
const { roles, pagination, loading, columns, updateRoles } = useRoleTable();
//load on mounting page
onMounted(() => {
loading.value = true;
updateRoles();
const login = useLogin();
currentUser.value = login.getUser();
updateRoles().catch((err) => console.error(err));
});
function autorized(role: Role): boolean {
if (role.id !== 1) return true;
return false;
}
// opens dialog for all role values
function openSingleValueDialog(label: string, field: string, role: Role) {
editOneDialog.value?.open(label, field, role);
}
//opens dialog for one value
function openAllValueDialog(role: Role | null) {
editAllDialog.value?.open(role);
function openAllValueDialog(role: Role | null, typ?: 'permissions') {
editAllDialog.value?.open(role, typ);
}
//opens remove dialog
@@ -145,18 +208,22 @@ function removeRole(...removeRoles: Roles) {
const roles: string[] = [];
removeRoles.forEach((role: Role) => {
if (role.role) {
if (role.role === currentUser.value.role) {
NotifyResponse(i18n.global.t('notPossibleToDeleteLoggedInRole'), 'error');
} else if (role.role) {
roles.push(role.role);
}
});
const login = useLogin();
const user = login.getUser();
appApi
.post('secure/roles/delete?role=' + user?.role, { roles: roles })
.then(() => {
updateRoles();
.post('roles/delete?role=' + currentUser.value.role, { roles: roles })
.then((resp) => {
updateRoles().catch((err) => console.error(err));
if (roles.length === 1) {
NotifyResponse("'" + roles[0] + "' " + i18n.global.t('deleted'), 'warning');
} else {
NotifyResponse(resp.data, 'warning');
}
selected.value = [];
})
.catch((err) => NotifyResponse(err, 'error'))
@@ -169,6 +236,7 @@ function getSelected(): Roles {
if (selected.value.length === 0) return [];
return selected.value;
}
defineExpose({
getSelected,
});

3
src/vueLib/tables/users/UserTable.ts
View File

@@ -55,9 +55,8 @@ export function useUserTable() {
//updates user list from database
function updateUsers() {
loading.value = true;
appApi
.get('secure/users')
.get('users')
.then((resp) => {
if (resp.data === null) {
users.value = [];

86
src/vueLib/tables/users/UserTable.vue
View File

@@ -23,10 +23,17 @@
>
<template v-slot:top-left>
<q-btn-group push flat style="color: grey">
<q-btn dense flat icon="add" @click="openAllValueDialog(null)">
<q-btn
v-if="user.isPermittedTo('userSettings', 'write')"
dense
flat
icon="add"
@click="openAllValueDialog(null)"
>
<q-tooltip>{{ $t('addNewUser') }}</q-tooltip>
</q-btn>
<q-btn
v-if="user.isPermittedTo('userSettings', 'write')"
dense
flat
style="color: grey"
@@ -61,27 +68,55 @@
</template>
<template v-slot:body-cell="props">
<q-td v-if="props.col.name === 'role'" :props="props">
<q-select dense v-model="props.row.role" :options="localRoles"></q-select>
<q-select
:readonly="!user.isPermittedTo('userSettings', 'write') || !autorized(props.row)"
dense
v-model="props.row.role"
:options="localRoles"
@update:model-value="updateUser(props.row)"
></q-select>
</q-td>
<q-td
v-else
:props="props"
@click="openSingleValueDialog(props.col.label, props.col.name, props.row)"
:style="
autorized(props.row) && user.isPermittedTo('userSettings', 'write')
? 'cursor: pointer'
: ''
"
@click="
autorized(props.row) && user.isPermittedTo('userSettings', 'write')
? openSingleValueDialog(props.col.label, props.col.name, props.row)
: ''
"
>
{{ props.value }}
</q-td>
</template>
<template v-slot:body-cell-option="props">
<q-td :props="props">
<q-btn flat dense icon="delete" color="negative" @click="openRemoveDialog(props.row)">
<q-btn
v-if="user.isPermittedTo('userSettings', 'delete')"
:disable="!autorized(props.row)"
flat
dense
icon="delete"
color="negative"
@click="openRemoveDialog(props.row)"
>
<q-tooltip> {{ $t('delete') }} </q-tooltip>
</q-btn>
</q-td>
</template>
</q-table>
</div>
<EditOneDialog ref="editOneDialog" v-on:update="updateUsers"></EditOneDialog>
<EditAllDialog ref="editAllDialog" v-on:update="updateUsers"></EditAllDialog>
<EditOneDialog
ref="editOneDialog"
endpoint="users/edit"
query-id
v-on:update="updateUsers"
></EditOneDialog>
<EditAllDialog ref="editAllDialog" :roles="localRoles" v-on:update="updateUsers"></EditAllDialog>
<OkDialog
ref="okDialog"
:dialog-label="$t('delete')"
@@ -105,27 +140,42 @@ import OkDialog from 'src/components/dialog/OkDialog.vue';
import { useNotify } from 'src/vueLib/general/useNotify';
import { useUserTable } from './UserTable';
import { useLogin } from 'src/vueLib/login/useLogin';
import { roles } from '../roles/RoleTable';
import { roles, useRoleTable } from '../roles/RoleTable';
import { i18n } from 'src/boot/lang';
import { useUserStore } from 'src/vueLib/login/userStore';
const { NotifyResponse } = useNotify();
const editOneDialog = ref();
const editAllDialog = ref();
const okDialog = ref();
const deleteText = ref('');
const localRoles = computed(() => roles.value.map((role) => role.role));
const localRoles = computed(() => {
return roles.value.map((role) => role.role);
});
const selectOption = ref(false);
const selected = ref<Users>([]);
const openSubmenu = ref(false);
const filter = ref('');
const currentUser = ref();
const { users, pagination, loading, columns, updateUsers } = useUserTable();
const { updateRoles } = useRoleTable();
const user = useUserStore();
//load on mounting page
onMounted(() => {
loading.value = true;
const login = useLogin();
currentUser.value = login.getUser();
updateUsers();
updateRoles().catch((err) => console.error(err));
});
//check authorization
function autorized(user: User): boolean {
if (user.id !== 1) return true;
return false;
}
// opens dialog for all user values
function openSingleValueDialog(label: string, field: string, user: User) {
editOneDialog.value?.open(label, field, user);
@@ -151,16 +201,15 @@ function removeUser(...removeUsers: Users) {
const userIds: number[] = [];
removeUsers.forEach((user: User) => {
if (user.id) {
if (user.id === currentUser.value.id) {
NotifyResponse(i18n.global.t('notPossibleToDeleteLoggedInUser'), 'error');
} else if (user.id) {
userIds.push(user.id);
}
});
const login = useLogin();
const user = login.getUser();
appApi
.post('secure/users/delete?id=' + user?.id, { ids: userIds })
.post('users/delete?id=' + currentUser.value.id, { ids: userIds })
.then(() => {
updateUsers();
selected.value = [];
@@ -171,10 +220,19 @@ function removeUser(...removeUsers: Users) {
});
}
// update role select
function updateUser(user: User) {
appApi
.post('/users/update', user)
.then((resp) => console.log(100, resp))
.catch((err) => console.log(101, err));
}
function getSelected(): Users {
if (selected.value.length === 0) return [];
return selected.value;
}
defineExpose({
getSelected,
});

0
src/utils/globalQ.ts → src/vueLib/utils/globalQ.ts
View File

0
src/utils/globalRouter.ts → src/vueLib/utils/globalRouter.ts
View File

0
src/utils/number-helpers.ts → src/vueLib/utils/number-helpers.ts
View File

21
src/vueLib/utils/validation.ts Normal file
View File

@@ -0,0 +1,21 @@
import type { QForm } from 'quasar';
import { nextTick } from 'vue';
export async function validateQForm(formRef: QForm | null | undefined): Promise<boolean> {
await nextTick(); // wait until all inputs are rendered
const components = formRef?.getValidationComponents?.();
if (!components) {
console.warn('No validation components found in form');
return true;
}
let allValid = true;
for (const comp of components) {
const valid = await comp.validate();
if (!valid) allValid = false;
}
return allValid;
}