jjkiers/cloudron-box
1
0
Fork 0
Code Issues Pull Requests 1 Actions Packages Projects Releases Wiki Activity

add manage user permission

Browse Source
This commit is contained in:
Girish Ramakrishnan
2020-02-13 22:06:54 -08:00
parent 11b5304cb9
commit c537dfabb2
17 changed files with 139 additions and 42 deletions
Download Patch File Download Diff File Expand all files Collapse all files

17
src/userdb.js
View File

@@ -27,10 +27,11 @@ var assert = require('assert'),
BoxError = require('./boxerror.js'),
database = require('./database.js'),
debug = require('debug')('box:userdb'),
mysql = require('mysql');
mysql = require('mysql'),
safe = require('safetydance');
var USERS_FIELDS = [ 'id', 'username', 'email', 'fallbackEmail', 'password', 'salt', 'createdAt', 'modifiedAt', 'resetToken', 'displayName',
'twoFactorAuthenticationEnabled', 'twoFactorAuthenticationSecret', 'admin', 'active', 'source' ].join(',');
'twoFactorAuthenticationEnabled', 'twoFactorAuthenticationSecret', 'admin', 'active', 'source', 'permissionsJson' ].join(',');
var APP_PASSWORD_FIELDS = [ 'id', 'name', 'userId', 'identifier', 'hashedPassword', 'creationTime' ].join(',');
@@ -40,6 +41,8 @@ function postProcess(result) {
result.twoFactorAuthenticationEnabled = !!result.twoFactorAuthenticationEnabled;
result.admin = !!result.admin;
result.active = !!result.active;
result.permissions = safe.JSON.parse(result.permissionsJson);
delete result.permissionsJson;
return result;
}
@@ -183,10 +186,13 @@ function add(userId, user, callback) {
assert.strictEqual(typeof user.displayName, 'string');
assert.strictEqual(typeof user.admin, 'boolean');
assert.strictEqual(typeof user.source, 'string');
assert.strictEqual(typeof user.permissions, 'object');
assert.strictEqual(typeof callback, 'function');
const query = 'INSERT INTO users (id, username, password, email, fallbackEmail, salt, createdAt, modifiedAt, resetToken, displayName, admin, source) VALUES (?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?)';
const args = [ userId, user.username, user.password, user.email, user.fallbackEmail, user.salt, user.createdAt, user.modifiedAt, user.resetToken, user.displayName, user.admin, user.source ];
const permissionsJson = user.permissions ? JSON.stringify(user.permissions) : null;
const query = 'INSERT INTO users (id, username, password, email, fallbackEmail, salt, createdAt, modifiedAt, resetToken, displayName, admin, source, permissionsJson) VALUES (?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?)';
const args = [ userId, user.username, user.password, user.email, user.fallbackEmail, user.salt, user.createdAt, user.modifiedAt, user.resetToken, user.displayName, user.admin, user.source, permissionsJson ];
database.query(query, args, function (error) {
if (error && error.code === 'ER_DUP_ENTRY' && error.sqlMessage.indexOf('users_email') !== -1) return callback(new BoxError(BoxError.ALREADY_EXISTS, 'email already exists'));
@@ -259,6 +265,9 @@ function update(userId, user, callback) {
} else if (k === 'twoFactorAuthenticationEnabled' || k === 'admin' || k === 'active') {
assert.strictEqual(typeof user[k], 'boolean');
args.push(user[k] ? 1 : 0);
} else if (k === 'permissions') {
fields.push(`${k}Json = ?`);
args.push(JSON.stringify(user[k]));
} else {
args.push(user[k]);
}