devops/encoach_frontend
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Updated the entities roles to disallow users from updating their own role

Browse Source
This commit is contained in:
Tiago Ribeiro
2024-11-23 18:57:05 +00:00
parent a6bd3a9f3b
commit 593d349617
1 changed files with 30 additions and 13 deletions
Download Patch File Download Diff File Expand all files Collapse all files

43
src/pages/entities/[id]/roles/[role].tsx
View File

@@ -11,6 +11,7 @@ import { requestUser } from "@/utils/api";
import { getEntityWithRoles } from "@/utils/entities.be"; import { getEntityWithRoles } from "@/utils/entities.be";
import { shouldRedirectHome } from "@/utils/navigation.disabled"; import { shouldRedirectHome } from "@/utils/navigation.disabled";
import { doesEntityAllow } from "@/utils/permissions"; import { doesEntityAllow } from "@/utils/permissions";
import { isAdmin } from "@/utils/users";
import { countEntityUsers } from "@/utils/users.be"; import { countEntityUsers } from "@/utils/users.be";
import axios from "axios"; import axios from "axios";
import { withIronSessionSsr } from "iron-session/next"; import { withIronSessionSsr } from "iron-session/next";
@@ -111,6 +112,7 @@ export const getServerSideProps = withIronSessionSsr(async ({ req, res, params }
if (!entityRole) return redirect(`/entities/${id}/roles`) if (!entityRole) return redirect(`/entities/${id}/roles`)
if (!doesEntityAllow(user, entity, "view_entity_roles")) return redirect(`/entities/${id}`) if (!doesEntityAllow(user, entity, "view_entity_roles")) return redirect(`/entities/${id}`)
const disableEdit = !isAdmin(user) && findBy(user.entities, 'id', entity.id)?.role === entityRole.id
const userCount = await countEntityUsers(id, { "entities.role": role }); const userCount = await countEntityUsers(id, { "entities.role": role });
@@ -120,6 +122,7 @@ export const getServerSideProps = withIronSessionSsr(async ({ req, res, params }
entity, entity,
role: entityRole, role: entityRole,
userCount, userCount,
disableEdit
}), }),
}; };
}, sessionOptions); }, sessionOptions);
@@ -129,9 +132,10 @@ interface Props {
entity: EntityWithRoles; entity: EntityWithRoles;
role: Role; role: Role;
userCount: number; userCount: number;
disableEdit?: boolean
} }
export default function Role({ user, entity, role, userCount }: Props) { export default function Role({ user, entity, role, userCount, disableEdit }: Props) {
const [permissions, setPermissions] = useState(role.permissions) const [permissions, setPermissions] = useState(role.permissions)
const [isLoading, setIsLoading] = useState(false); const [isLoading, setIsLoading] = useState(false);
@@ -141,8 +145,9 @@ export default function Role({ user, entity, role, userCount }: Props) {
const canRenameRole = useEntityPermission(user, entity, "rename_entity_role") const canRenameRole = useEntityPermission(user, entity, "rename_entity_role")
const canDeleteRole = useEntityPermission(user, entity, "delete_entity_role") const canDeleteRole = useEntityPermission(user, entity, "delete_entity_role")
const renameRole = () => { const renameRole = () => {
if (!canRenameRole) return; if (!canRenameRole || disableEdit) return;
const label = prompt("Rename this role:", role.label); const label = prompt("Rename this role:", role.label);
if (!label) return; if (!label) return;
@@ -162,7 +167,7 @@ export default function Role({ user, entity, role, userCount }: Props) {
}; };
const deleteRole = () => { const deleteRole = () => {
if (!canDeleteRole || role.isDefault) return; if (!canDeleteRole || role.isDefault || disableEdit) return;
if (!confirm("Are you sure you want to delete this role?")) return; if (!confirm("Are you sure you want to delete this role?")) return;
setIsLoading(true); setIsLoading(true);
@@ -181,7 +186,7 @@ export default function Role({ user, entity, role, userCount }: Props) {
}; };
const editPermissions = () => { const editPermissions = () => {
if (!canEditPermissions) return if (!canEditPermissions || disableEdit) return
setIsLoading(true); setIsLoading(true);
@@ -198,6 +203,13 @@ export default function Role({ user, entity, role, userCount }: Props) {
.finally(() => setIsLoading(false)); .finally(() => setIsLoading(false));
} }
const disableCheckbox = (permission: RolePermission) => {
if (!canEditPermissions) return false
if (disableEdit) return false
return doesEntityAllow(user, entity, permission)
}
const togglePermissions = (p: RolePermission) => setPermissions(prev => prev.includes(p) ? prev.filter(x => x !== p) : [...prev, p]) const togglePermissions = (p: RolePermission) => setPermissions(prev => prev.includes(p) ? prev.filter(x => x !== p) : [...prev, p])
return ( return (
@@ -257,6 +269,7 @@ export default function Role({ user, entity, role, userCount }: Props) {
<div className="w-full flex items-center justify-between"> <div className="w-full flex items-center justify-between">
<b>User Management</b> <b>User Management</b>
<Checkbox <Checkbox
disabled={!canEditPermissions || disableEdit}
isChecked={mapBy(USER_MANAGEMENT, 'key').every(k => permissions.includes(k))} isChecked={mapBy(USER_MANAGEMENT, 'key').every(k => permissions.includes(k))}
onChange={() => mapBy(USER_MANAGEMENT, 'key').forEach(togglePermissions)} onChange={() => mapBy(USER_MANAGEMENT, 'key').forEach(togglePermissions)}
> >
@@ -266,7 +279,7 @@ export default function Role({ user, entity, role, userCount }: Props) {
<Separator /> <Separator />
<div className="grid grid-cols-2 gap-4"> <div className="grid grid-cols-2 gap-4">
{USER_MANAGEMENT.map(({ label, key }) => ( {USER_MANAGEMENT.map(({ label, key }) => (
<Checkbox disabled={!canEditPermissions} key={key} isChecked={permissions.includes(key)} onChange={() => togglePermissions(key)}> <Checkbox disabled={disableCheckbox(key)} key={key} isChecked={permissions.includes(key)} onChange={() => togglePermissions(key)}>
{label} {label}
</Checkbox> </Checkbox>
))} ))}
@@ -277,8 +290,9 @@ export default function Role({ user, entity, role, userCount }: Props) {
<div className="w-full flex items-center justify-between"> <div className="w-full flex items-center justify-between">
<b>Exam Management</b> <b>Exam Management</b>
<Checkbox <Checkbox
disabled={!canEditPermissions || disableEdit}
isChecked={mapBy(EXAM_MANAGEMENT, 'key').every(k => permissions.includes(k))} isChecked={mapBy(EXAM_MANAGEMENT, 'key').every(k => permissions.includes(k))}
onChange={() => mapBy(EXAM_MANAGEMENT, 'key').forEach(togglePermissions)} onChange={() => mapBy(EXAM_MANAGEMENT, 'key').filter(disableCheckbox).forEach(togglePermissions)}
> >
Select all Select all
</Checkbox> </Checkbox>
@@ -286,7 +300,7 @@ export default function Role({ user, entity, role, userCount }: Props) {
<Separator /> <Separator />
<div className="grid grid-cols-3 gap-4"> <div className="grid grid-cols-3 gap-4">
{EXAM_MANAGEMENT.map(({ label, key }) => ( {EXAM_MANAGEMENT.map(({ label, key }) => (
<Checkbox disabled={!canEditPermissions} key={key} isChecked={permissions.includes(key)} onChange={() => togglePermissions(key)}> <Checkbox disabled={disableCheckbox(key)} key={key} isChecked={permissions.includes(key)} onChange={() => togglePermissions(key)}>
{label} {label}
</Checkbox> </Checkbox>
))} ))}
@@ -297,8 +311,9 @@ export default function Role({ user, entity, role, userCount }: Props) {
<div className="w-full flex items-center justify-between"> <div className="w-full flex items-center justify-between">
<b>Clasroom Management</b> <b>Clasroom Management</b>
<Checkbox <Checkbox
disabled={!canEditPermissions || disableEdit}
isChecked={mapBy(CLASSROOM_MANAGEMENT, 'key').every(k => permissions.includes(k))} isChecked={mapBy(CLASSROOM_MANAGEMENT, 'key').every(k => permissions.includes(k))}
onChange={() => mapBy(CLASSROOM_MANAGEMENT, 'key').forEach(togglePermissions)} onChange={() => mapBy(CLASSROOM_MANAGEMENT, 'key').filter(disableCheckbox).forEach(togglePermissions)}
> >
Select all Select all
</Checkbox> </Checkbox>
@@ -306,7 +321,7 @@ export default function Role({ user, entity, role, userCount }: Props) {
<Separator /> <Separator />
<div className="grid grid-cols-2 gap-4"> <div className="grid grid-cols-2 gap-4">
{CLASSROOM_MANAGEMENT.map(({ label, key }) => ( {CLASSROOM_MANAGEMENT.map(({ label, key }) => (
<Checkbox disabled={!canEditPermissions} key={key} isChecked={permissions.includes(key)} onChange={() => togglePermissions(key)}> <Checkbox disabled={disableCheckbox(key)} key={key} isChecked={permissions.includes(key)} onChange={() => togglePermissions(key)}>
{label} {label}
</Checkbox> </Checkbox>
))} ))}
@@ -317,8 +332,9 @@ export default function Role({ user, entity, role, userCount }: Props) {
<div className="w-full flex items-center justify-between"> <div className="w-full flex items-center justify-between">
<b>Entity Management</b> <b>Entity Management</b>
<Checkbox <Checkbox
disabled={!canEditPermissions || disableEdit}
isChecked={mapBy(ENTITY_MANAGEMENT, 'key').every(k => permissions.includes(k))} isChecked={mapBy(ENTITY_MANAGEMENT, 'key').every(k => permissions.includes(k))}
onChange={() => mapBy(ENTITY_MANAGEMENT, 'key').forEach(togglePermissions)} onChange={() => mapBy(ENTITY_MANAGEMENT, 'key').filter(disableCheckbox).forEach(togglePermissions)}
> >
Select all Select all
</Checkbox> </Checkbox>
@@ -326,7 +342,7 @@ export default function Role({ user, entity, role, userCount }: Props) {
<Separator /> <Separator />
<div className="grid grid-cols-2 gap-4"> <div className="grid grid-cols-2 gap-4">
{ENTITY_MANAGEMENT.map(({ label, key }) => ( {ENTITY_MANAGEMENT.map(({ label, key }) => (
<Checkbox disabled={!canEditPermissions} key={key} isChecked={permissions.includes(key)} onChange={() => togglePermissions(key)}> <Checkbox disabled={disableCheckbox(key)} key={key} isChecked={permissions.includes(key)} onChange={() => togglePermissions(key)}>
{label} {label}
</Checkbox> </Checkbox>
))} ))}
@@ -337,8 +353,9 @@ export default function Role({ user, entity, role, userCount }: Props) {
<div className="w-full flex items-center justify-between"> <div className="w-full flex items-center justify-between">
<b>Assignment Management</b> <b>Assignment Management</b>
<Checkbox <Checkbox
disabled={!canEditPermissions || disableEdit}
isChecked={mapBy(ASSIGNMENT_MANAGEMENT, 'key').every(k => permissions.includes(k))} isChecked={mapBy(ASSIGNMENT_MANAGEMENT, 'key').every(k => permissions.includes(k))}
onChange={() => mapBy(ASSIGNMENT_MANAGEMENT, 'key').forEach(togglePermissions)} onChange={() => mapBy(ASSIGNMENT_MANAGEMENT, 'key').filter(disableCheckbox).forEach(togglePermissions)}
> >
Select all Select all
</Checkbox> </Checkbox>
@@ -346,7 +363,7 @@ export default function Role({ user, entity, role, userCount }: Props) {
<Separator /> <Separator />
<div className="grid grid-cols-2 gap-4"> <div className="grid grid-cols-2 gap-4">
{ASSIGNMENT_MANAGEMENT.map(({ label, key }) => ( {ASSIGNMENT_MANAGEMENT.map(({ label, key }) => (
<Checkbox disabled={!canEditPermissions} key={key} isChecked={permissions.includes(key)} onChange={() => togglePermissions(key)}> <Checkbox disabled={disableCheckbox(key)} key={key} isChecked={permissions.includes(key)} onChange={() => togglePermissions(key)}>
{label} {label}
</Checkbox> </Checkbox>
))} ))}