zeitbild/backend
1
0
Fork 0
Code Issues Pull requests Actions Packages Projects Releases Wiki Activity

Gruppen-Steuerung #2

Merged
fenris merged 6 commits from task-416 into main 2025-10-23 19:16:29 +02:00
Conversation 0 Commits 6 Files changed 24 +127 -75
4 changed files with 127 additions and 75 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files
Showing only changes of commit 2eed983131 - Show all commits

62
source/api/actions/session_oidc.ts
View file

@ -122,8 +122,6 @@ namespace _zeitbild.api
);
}
else
{
try
{
// groups
const group_ids : Array<_zeitbild.type_group_id> = await Promise.all<_zeitbild.type_group_id>(
@ -131,19 +129,13 @@ namespace _zeitbild.api
.map(
async (group_name_raw) => {
const group_name : string = get_group_name(group_name_raw);
let group_id : (null | _zeitbild.type_group_id) = await (() => {
try
const group_id_raw : (null | _zeitbild.type_group_id) = await (
_zeitbild.repository.group.identify(group_name)
.catch(() => Promise.resolve(null))
);
if (group_id_raw === null)
{
return _zeitbild.repository.group.identify(group_name);
}
catch (error)
{
return Promise.resolve(null);
}
}) ();
if (group_id === null)
{
group_id = await _zeitbild.service.group.add(
const group_id : _zeitbild.type_group_id = await _zeitbild.service.group.add(
{
"name": group_name,
"label": get_group_label(group_name_raw),
@ -153,6 +145,7 @@ namespace _zeitbild.api
}
else
{
const group_id : _zeitbild.type_group_id = group_id_raw;
await _zeitbild.service.group.change(
group_id,
{
@ -165,25 +158,52 @@ namespace _zeitbild.api
}
)
);
await _zeitbild.service.user.add(
{
"name": data.userinfo.name,
const user_id : _zeitbild.type_user_id = await (async () => {
const user_object : _zeitbild.type_user_object = {
"name": (data.userinfo.name as string),
"groups": group_ids,
"email_address": data.userinfo.email,
"dav_token": null,
}
};
const user_id_raw : (null | _zeitbild.type_user_id) = await (
_zeitbild.service.user.identify(data.userinfo.name as string)
.catch(() => Promise.resolve(null))
);
if (user_id_raw === null)
{
// provision
const user_id : _zeitbild.type_user_id = await _zeitbild.service.user.add(
user_object
);
lib_plankton.log.info(
"user_provisioned",
{
"name": data.userinfo.name,
"id": user_id,
"name": user_object.name,
}
);
return user_id;
}
catch (error)
else
{
// do nothing
const user_id : _zeitbild.type_user_id = user_id_raw;
// update
await _zeitbild.service.user.change(
user_id,
user_object
);
lib_plankton.log.info(
"user_updated",
{
"id": user_id,
"name": user_object.name,
}
);
return user_id;
}
}) ();
const session_key : string = await lib_plankton.session.begin(
data.userinfo.name,
{

1
source/auth.ts
View file

@ -100,6 +100,7 @@ namespace _zeitbild.auth
"openid",
"profile",
"email",
"groups",
],
"label": _zeitbild.conf.get().authentication.data.label,
}

55
source/repositories/calendar.ts
View file

@ -639,31 +639,62 @@ namespace _zeitbild.repository.calendar
(x : Array<Record<string, any>>) => x.map(
(row : Record<string, any>) => ({
"id": row["id"],
"name": row["name"],
"hue": (row["hue"] / hue_scaling),
"name": lib_plankton.call.convey(
row["name"],
[
// JSON.parse,
(x : Array<string>) => x[0],
]
),
"hue": lib_plankton.call.convey(
row["hue"],
[
// JSON.parse,
(x : Array<int>) => x[0],
(x : int) => (x / hue_scaling),
]
),
/**
* @todo use _zeitbild.access_level_determine
*/
"access_level": _zeitbild.access_level_determine_raw(
lib_plankton.call.convey(
row["access_public"],
[
// JSON.parse,
(x : Array<boolean>) => x[0],
]
),
(
(user_id === null)
?
null
:
{
"default": decode_access_level(row["access_level_default"]),
"group": (
lib_plankton.call.null_prop<string, Array<_zeitbild.enum_access_level>>(
row["access_level_attributed_group"],
x => x.split(",").map(parseInt).map(decode_access_level)
)
??
[]
"default": lib_plankton.call.convey(
row["access_level_default"],
[
// JSON.parse,
(x : Array<int>) => x[0],
decode_access_level,
]
),
"user": lib_plankton.call.null_prop<int, _zeitbild.enum_access_level>(
"group": lib_plankton.call.convey(
row["access_level_attributed_group"],
[
// JSON.parse,
(x : Array<(null | int)>) => x.filter(y => (y !== null)),
(x : Array<int>) => x.map(decode_access_level),
]
),
"user": lib_plankton.call.convey(
row["access_level_attributed_user"],
decode_access_level
[
// JSON.parse,
(x : Array<(null | int)>) => x.filter(y => (y !== null)),
(x : Array<int>) => x.map(decode_access_level),
(x : Array<_zeitbild.enum_access_level>) => ((x.length > 0) ? x[0] : null),
]
),
}
)

12
source/repositories/sql/calendar_overview.sql
View file

@ -1,11 +1,11 @@
SELECT
x.id AS id,
MAX(x.name) AS name,
MAX(x.hue) AS hue,
MAX(x.access_public) AS access_public,
MAX(x.access_level_default) AS access_level_default,
GROUP_CONCAT(y1.level, ',') AS access_level_attributed_group,
GROUP_CONCAT(y2.level, ',') AS access_level_attributed_user
JSON_AGG(x.name) AS name,
JSON_AGG(x.hue) AS hue,
JSON_AGG(x.access_public) AS access_public,
JSON_AGG(x.access_level_default) AS access_level_default,
JSON_AGG(y1.level) AS access_level_attributed_group,
JSON_AGG(y2.level) AS access_level_attributed_user
FROM
calendars AS x
LEFT OUTER JOIN calendar_access_attributed_group AS y1 ON ((x.id = y1.calendar_id) AND (y1.group_id IN (SELECT group_id FROM user_groups WHERE (user_id = $user_id))))