zeitbild/backend
1
0
Fork 0
Code Issues Pull requests Actions Packages Projects Releases Wiki Activity

Compare commits

base: zeitbild:78729c611134d02496d899c522929f4797a20655
Branches Tags
zeitbild:main
zeitbild:task-416
zeitbild:task-192
zeitbild:dev-oidc_adjust_1
zeitbild:dev-publicity_calendars
zeitbild:dev-publicity_event
zeitbild:dev-event_actions
..
compare: zeitbild:24322588d706c725ce790282013a5d3016f713cc
Branches Tags
zeitbild:main
zeitbild:task-416
zeitbild:task-192
zeitbild:dev-oidc_adjust_1
zeitbild:dev-publicity_calendars
zeitbild:dev-publicity_event
zeitbild:dev-event_actions

3 commits
78729c6111 ... 24322588d7

Author SHA1 Message Date
fenris 24322588d7 [fix] tools:deploy 2025-10-23 13:19:04 +02:00
fenris 2eed983131 [task-416] [mod] oidc group handling [mod] calendar overview query handling (PostgreSQL specific) 2025-10-23 13:18:51 +02:00
fenris 3c49c744b3 [task-416] [upd] plankton 2025-10-23 13:17:10 +02:00
6 changed files with 129 additions and 80 deletions
Show stats Expand all files Collapse all files

6
lib/plankton/plankton.js
View file

@ -16240,11 +16240,7 @@ var lib_plankton;
"name": (data["preferred_username"] ?? null), "name": (data["preferred_username"] ?? null),
"label": (data["name"] ?? null), "label": (data["name"] ?? null),
"email": (data["email"] ?? null), "email": (data["email"] ?? null),
"groups": (((data["groups"] === undefined) || (data["groups"] === null)) "groups": (data["groups"] ?? null),
?
null
:
data["groups"].split(",")),
}); });
} }
/** /**

62
source/api/actions/session_oidc.ts
View file

@ -122,8 +122,6 @@ namespace _zeitbild.api
); );
} }
else else
{
try
{ {
// groups // groups
const group_ids : Array<_zeitbild.type_group_id> = await Promise.all<_zeitbild.type_group_id>( const group_ids : Array<_zeitbild.type_group_id> = await Promise.all<_zeitbild.type_group_id>(
@ -131,19 +129,13 @@ namespace _zeitbild.api
.map( .map(
async (group_name_raw) => { async (group_name_raw) => {
const group_name : string = get_group_name(group_name_raw); const group_name : string = get_group_name(group_name_raw);
let group_id : (null | _zeitbild.type_group_id) = await (() => { const group_id_raw : (null | _zeitbild.type_group_id) = await (
try _zeitbild.repository.group.identify(group_name)
.catch(() => Promise.resolve(null))
);
if (group_id_raw === null)
{ {
return _zeitbild.repository.group.identify(group_name); const group_id : _zeitbild.type_group_id = await _zeitbild.service.group.add(
}
catch (error)
{
return Promise.resolve(null);
}
}) ();
if (group_id === null)
{
group_id = await _zeitbild.service.group.add(
{ {
"name": group_name, "name": group_name,
"label": get_group_label(group_name_raw), "label": get_group_label(group_name_raw),
@ -153,6 +145,7 @@ namespace _zeitbild.api
} }
else else
{ {
const group_id : _zeitbild.type_group_id = group_id_raw;
await _zeitbild.service.group.change( await _zeitbild.service.group.change(
group_id, group_id,
{ {
@ -165,25 +158,52 @@ namespace _zeitbild.api
} }
) )
); );
await _zeitbild.service.user.add(
{ const user_id : _zeitbild.type_user_id = await (async () => {
"name": data.userinfo.name, const user_object : _zeitbild.type_user_object = {
"name": (data.userinfo.name as string),
"groups": group_ids, "groups": group_ids,
"email_address": data.userinfo.email, "email_address": data.userinfo.email,
"dav_token": null, "dav_token": null,
} };
const user_id_raw : (null | _zeitbild.type_user_id) = await (
_zeitbild.service.user.identify(data.userinfo.name as string)
.catch(() => Promise.resolve(null))
);
if (user_id_raw === null)
{
// provision
const user_id : _zeitbild.type_user_id = await _zeitbild.service.user.add(
user_object
); );
lib_plankton.log.info( lib_plankton.log.info(
"user_provisioned", "user_provisioned",
{ {
"name": data.userinfo.name, "id": user_id,
"name": user_object.name,
} }
); );
return user_id;
} }
catch (error) else
{ {
// do nothing const user_id : _zeitbild.type_user_id = user_id_raw;
// update
await _zeitbild.service.user.change(
user_id,
user_object
);
lib_plankton.log.info(
"user_updated",
{
"id": user_id,
"name": user_object.name,
} }
);
return user_id;
}
}) ();
const session_key : string = await lib_plankton.session.begin( const session_key : string = await lib_plankton.session.begin(
data.userinfo.name, data.userinfo.name,
{ {

1
source/auth.ts
View file

@ -100,6 +100,7 @@ namespace _zeitbild.auth
"openid", "openid",
"profile", "profile",
"email", "email",
"groups",
], ],
"label": _zeitbild.conf.get().authentication.data.label, "label": _zeitbild.conf.get().authentication.data.label,
} }

55
source/repositories/calendar.ts
View file

@ -639,31 +639,62 @@ namespace _zeitbild.repository.calendar
(x : Array<Record<string, any>>) => x.map( (x : Array<Record<string, any>>) => x.map(
(row : Record<string, any>) => ({ (row : Record<string, any>) => ({
"id": row["id"], "id": row["id"],
"name": row["name"], "name": lib_plankton.call.convey(
"hue": (row["hue"] / hue_scaling), row["name"],
[
// JSON.parse,
(x : Array<string>) => x[0],
]
),
"hue": lib_plankton.call.convey(
row["hue"],
[
// JSON.parse,
(x : Array<int>) => x[0],
(x : int) => (x / hue_scaling),
]
),
/** /**
* @todo use _zeitbild.access_level_determine * @todo use _zeitbild.access_level_determine
*/ */
"access_level": _zeitbild.access_level_determine_raw( "access_level": _zeitbild.access_level_determine_raw(
lib_plankton.call.convey(
row["access_public"], row["access_public"],
[
// JSON.parse,
(x : Array<boolean>) => x[0],
]
),
( (
(user_id === null) (user_id === null)
? ?
null null
: :
{ {
"default": decode_access_level(row["access_level_default"]), "default": lib_plankton.call.convey(
"group": ( row["access_level_default"],
lib_plankton.call.null_prop<string, Array<_zeitbild.enum_access_level>>( [
row["access_level_attributed_group"], // JSON.parse,
x => x.split(",").map(parseInt).map(decode_access_level) (x : Array<int>) => x[0],
) decode_access_level,
?? ]
[]
), ),
"user": lib_plankton.call.null_prop<int, _zeitbild.enum_access_level>( "group": lib_plankton.call.convey(
row["access_level_attributed_group"],
[
// JSON.parse,
(x : Array<(null | int)>) => x.filter(y => (y !== null)),
(x : Array<int>) => x.map(decode_access_level),
]
),
"user": lib_plankton.call.convey(
row["access_level_attributed_user"], row["access_level_attributed_user"],
decode_access_level [
// JSON.parse,
(x : Array<(null | int)>) => x.filter(y => (y !== null)),
(x : Array<int>) => x.map(decode_access_level),
(x : Array<_zeitbild.enum_access_level>) => ((x.length > 0) ? x[0] : null),
]
), ),
} }
) )

12
source/repositories/sql/calendar_overview.sql
View file

@ -1,11 +1,11 @@
SELECT SELECT
x.id AS id, x.id AS id,
MAX(x.name) AS name, JSON_AGG(x.name) AS name,
MAX(x.hue) AS hue, JSON_AGG(x.hue) AS hue,
MAX(x.access_public) AS access_public, JSON_AGG(x.access_public) AS access_public,
MAX(x.access_level_default) AS access_level_default, JSON_AGG(x.access_level_default) AS access_level_default,
GROUP_CONCAT(y1.level, ',') AS access_level_attributed_group, JSON_AGG(y1.level) AS access_level_attributed_group,
GROUP_CONCAT(y2.level, ',') AS access_level_attributed_user JSON_AGG(y2.level) AS access_level_attributed_user
FROM FROM
calendars AS x calendars AS x
LEFT OUTER JOIN calendar_access_attributed_group AS y1 ON ((x.id = y1.calendar_id) AND (y1.group_id IN (SELECT group_id FROM user_groups WHERE (user_id = $user_id)))) LEFT OUTER JOIN calendar_access_attributed_group AS y1 ON ((x.id = y1.calendar_id) AND (y1.group_id IN (SELECT group_id FROM user_groups WHERE (user_id = $user_id))))

1
tools/deploy
View file

@ -47,6 +47,7 @@ def main():
"--verbose", "--verbose",
"--exclude='conf.json'", "--exclude='conf.json'",
"--exclude='data.sqlite'", "--exclude='data.sqlite'",
"--exclude='log.jsonl'",
("%s/" % args.build_directory), ("%s/" % args.build_directory),
( (
("%s" % args.target_directory) ("%s" % args.target_directory)