Mirrors/astuto
1
0
Fork 0
mirror of https://github.com/astuto/astuto.git synced 2025-12-16 03:37:56 +01:00
Code Issues Packages Projects Releases Wiki Activity

Add role 'owner' to users (#185)

Browse Source
This commit is contained in:
Riccardo Graziosi
2023-01-18 21:11:27 +01:00
committed by GitHub
parent e86748edca
commit 0e96ff7ad4
25 changed files with 482 additions and 54 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
app/controllers/site_settings_controller.rb
View File

@@ -4,7 +4,7 @@ class SiteSettingsController < ApplicationController
before_action :authenticate_admin,
only: [:general, :boards, :post_statuses, :roadmap, :authentication]
before_action :authenticate_power_user,
before_action :authenticate_moderator,
only: [:users]
def general

3
app/controllers/users_controller.rb
View File

@@ -17,6 +17,9 @@ class UsersController < ApplicationController
@user.assign_attributes user_update_params
# Handle special case: trying to set user role to 'owner'
raise Pundit::NotAuthorizedError if @user.owner?
if @user.save
render json: @user
else

4
app/helpers/application_helper.rb
View File

@@ -18,10 +18,10 @@ module ApplicationHelper
end
end
def authenticate_power_user
def authenticate_moderator
return if check_user_signed_in == false
unless current_user.admin? or current_user.moderator?
unless current_user.moderator?
flash[:alert] = t('errors.not_enough_privileges')
redirect_to root_path
return

15
app/javascript/components/SiteSettings/Users/UserEditable.tsx
View File

@@ -2,7 +2,7 @@ import * as React from "react";
import Gravatar from 'react-gravatar';
import I18n from 'i18n-js';
import IUser, { UserRoles, USER_ROLE_ADMIN, USER_ROLE_USER, USER_STATUS_ACTIVE, USER_STATUS_BLOCKED, USER_STATUS_DELETED } from "../../../interfaces/IUser";
import IUser, { UserRoles, USER_ROLE_ADMIN, USER_ROLE_MODERATOR, USER_ROLE_OWNER, USER_ROLE_USER, USER_STATUS_ACTIVE, USER_STATUS_BLOCKED, USER_STATUS_DELETED } from "../../../interfaces/IUser";
import Separator from "../../common/Separator";
import UserForm from "./UserForm";
import { MutedText } from "../../common/CustomTexts";
@@ -79,15 +79,14 @@ class UserEditable extends React.Component<Props, State> {
const { user, currentUserRole, currentUserEmail } = this.props;
const { editMode } = this.state;
const editEnabled =
user.status === USER_STATUS_ACTIVE &&
currentUserRole === USER_ROLE_ADMIN &&
const hasPrivilege = user.role !== USER_ROLE_OWNER &&
(currentUserRole === USER_ROLE_OWNER ||
(currentUserRole === USER_ROLE_ADMIN && (user.role === USER_ROLE_MODERATOR || user.role === USER_ROLE_USER)) ||
(currentUserRole === USER_ROLE_MODERATOR && user.role === USER_ROLE_USER)) &&
currentUserEmail !== user.email;
const blockEnabled =
user.status !== USER_STATUS_DELETED &&
(currentUserRole === USER_ROLE_ADMIN || user.role === USER_ROLE_USER) &&
currentUserEmail !== user.email;
const editEnabled = hasPrivilege && user.status === USER_STATUS_ACTIVE;
const blockEnabled = hasPrivilege && user.status !== USER_STATUS_DELETED;
return (
<li className="userEditable">

11
app/javascript/components/SiteSettings/Users/UserForm.tsx
View File

@@ -23,12 +23,15 @@ class UserForm extends React.Component<Props, State> {
this._handleUpdateUserRole = this._handleUpdateUserRole.bind(this);
}
_handleUpdateUserRole(selectedRole: UserRoles) {
_handleUpdateUserRole(selectedRole: UserRoles, currentRole: UserRoles) {
const { user, updateUserRole } = this.props;
let confirmation = true;
if (selectedRole === 'admin') {
confirmation = confirm(I18n.t('site_settings.users.role_to_admin_confirmation', { name: user.fullName }));
if (selectedRole !== currentRole) {
if (selectedRole === 'moderator')
confirmation = confirm(I18n.t('site_settings.users.role_to_moderator_confirmation', { name: user.fullName }));
else if (selectedRole === 'admin')
confirmation = confirm(I18n.t('site_settings.users.role_to_admin_confirmation', { name: user.fullName }));
}
if (confirmation) updateUserRole(selectedRole);
@@ -68,7 +71,7 @@ class UserForm extends React.Component<Props, State> {
</select>
</div>
<Button onClick={() => this._handleUpdateUserRole(selectedRole)} className="updateUserButton">
<Button onClick={() => this._handleUpdateUserRole(selectedRole, user.role)} className="updateUserButton">
{ I18n.t('common.buttons.update') }
</Button>
</div>

4
app/javascript/interfaces/IUser.ts
View File

@@ -2,11 +2,13 @@
export const USER_ROLE_USER = 'user';
export const USER_ROLE_MODERATOR = 'moderator';
export const USER_ROLE_ADMIN = 'admin';
export const USER_ROLE_OWNER = 'owner';
export type UserRoles =
typeof USER_ROLE_USER |
typeof USER_ROLE_MODERATOR |
typeof USER_ROLE_ADMIN;
typeof USER_ROLE_ADMIN |
typeof USER_ROLE_OWNER;
// Statuses
export const USER_STATUS_ACTIVE = 'active';

14
app/models/user.rb
View File

@@ -8,7 +8,7 @@ class User < ApplicationRecord
has_many :likes, dependent: :destroy
has_many :comments, dependent: :destroy
enum role: [:user, :moderator, :admin]
enum role: [:user, :moderator, :admin, :owner]
enum status: [:active, :blocked, :deleted]
after_initialize :set_default_role, if: :new_record?
@@ -63,20 +63,16 @@ class User < ApplicationRecord
"https://secure.gravatar.com/avatar/#{gravatar_id}"
end
def power_user?
role == 'admin' || role == 'moderator'
def owner?
role == 'owner'
end
def admin?
role == 'admin'
owner? || role == 'admin'
end
def moderator?
role == 'moderator'
end
def user?
role == 'user'
admin? || role == 'moderator'
end
def active?

8
app/policies/comment_policy.rb
View File

@@ -1,6 +1,6 @@
class CommentPolicy < ApplicationPolicy
def permitted_attributes_for_create
if user.power_user?
if user.moderator?
[:body, :parent_id, :is_post_update]
else
[:body, :parent_id]
@@ -8,7 +8,7 @@ class CommentPolicy < ApplicationPolicy
end
def permitted_attributes_for_update
if user.power_user?
if user.moderator?
[:body, :is_post_update]
else
[:body]
@@ -16,10 +16,10 @@ class CommentPolicy < ApplicationPolicy
end
def update?
user == record.user or user.power_user?
user == record.user or user.moderator?
end
def destroy?
user == record.user or user.power_user?
user == record.user or user.moderator?
end
end

4
app/policies/o_auth_policy.rb
View File

@@ -28,10 +28,10 @@ class OAuthPolicy < ApplicationPolicy
end
def update?
user.admin? and user.tenant_id == record.tenant_id
user.admin?
end
def destroy?
user.admin? and user.tenant_id == record.tenant_id
user.admin?
end
end

6
app/policies/post_policy.rb
View File

@@ -4,7 +4,7 @@ class PostPolicy < ApplicationPolicy
end
def permitted_attributes_for_update
if user.power_user?
if user.moderator?
[:title, :description, :board_id, :post_status_id]
else
[:title, :description]
@@ -12,10 +12,10 @@ class PostPolicy < ApplicationPolicy
end
def update?
user == record.user or user.power_user?
user == record.user or user.moderator?
end
def destroy?
user == record.user or user.power_user?
user == record.user or user.moderator?
end
end

10
app/policies/user_policy.rb
View File

@@ -10,14 +10,16 @@ class UserPolicy < ApplicationPolicy
end
def index?
user.power_user?
user.moderator?
end
def update?
if user.admin?
record.id != user.id
if user.owner?
true
elsif user.admin?
record.role == 'moderator' || record.role == 'user'
elsif user.moderator?
record.user?
record.role == 'user'
else
false
end

2
app/views/layouts/_header.html.erb
View File

@@ -40,7 +40,7 @@
<span class="fullname"><%= current_user.full_name %></span>
</a>
<div class="dropdown-menu" aria-labelledby="navbarDropdown">
<% if current_user.power_user? %>
<% if current_user.moderator? %>
<%=
link_to t('header.menu.site_settings'),
current_user.admin? ? site_settings_general_path : site_settings_users_path,

2
app/views/posts/show.html.erb
View File

@@ -6,7 +6,7 @@
boards: @boards,
postStatuses: @post_statuses,
isLoggedIn: user_signed_in?,
isPowerUser: user_signed_in? ? current_user.power_user? : false,
isPowerUser: user_signed_in? ? current_user.moderator? : false,
currentUserFullName: user_signed_in? ? current_user.full_name : nil,
currentUserEmail: user_signed_in? ? current_user.email : nil,
authenticityToken: form_authenticity_token,