benutzer bearbeiten
@@ -124,6 +124,11 @@ func (p *LoginPage) POST(engine *templating.Engine, app core.App) HandleFunc {
|
||||
return Unauthorized(engine, e, fmt.Errorf("Benuztername oder Passwort falsch. Bitte versuchen Sie es erneut."), data)
|
||||
}
|
||||
|
||||
user := dbmodels.NewUser(record)
|
||||
if user.Deactivated() {
|
||||
return Unauthorized(engine, e, fmt.Errorf("Ihr Benutzerkonto ist deaktiviert. Bitte kontaktieren Sie den Administrator."), data)
|
||||
}
|
||||
|
||||
duration := time.Minute * 60
|
||||
if formdata.Persistent == "on" {
|
||||
duration = time.Hour * 24 * 90
|
||||
|
||||
@@ -5,6 +5,7 @@ import (
|
||||
|
||||
"github.com/Theodor-Springmann-Stiftung/musenalm/app"
|
||||
"github.com/Theodor-Springmann-Stiftung/musenalm/dbmodels"
|
||||
"github.com/Theodor-Springmann-Stiftung/musenalm/middleware"
|
||||
"github.com/Theodor-Springmann-Stiftung/musenalm/pagemodels"
|
||||
"github.com/Theodor-Springmann-Stiftung/musenalm/templating"
|
||||
"github.com/pocketbase/pocketbase/core"
|
||||
@@ -56,6 +57,8 @@ func Logout(e *core.RequestEvent, app *core.App) {
|
||||
if err == nil && record != nil {
|
||||
app.Delete(record)
|
||||
}
|
||||
|
||||
middleware.SESSION_CACHE.Delete(cookie.Value)
|
||||
}()
|
||||
}
|
||||
}
|
||||
|
||||
@@ -74,6 +74,9 @@ func InvalidSignupResponse(engine *templating.Engine, e *core.RequestEvent, erro
|
||||
|
||||
data["csrf_nonce"] = nonce
|
||||
data["csrf_token"] = token
|
||||
|
||||
SetRedirect(data, e)
|
||||
|
||||
str, err := engine.RenderToString(e, data, TEMPLATE_USER_CREATE, "blank")
|
||||
if err != nil {
|
||||
return engine.Response500(e, err, data)
|
||||
|
||||
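--- /dev/null
+++ b/pages/user_edit.go
@@ -0,0 +1,203 @@
+package pages
+
+import (
+	"github.com/Theodor-Springmann-Stiftung/musenalm/app"
+	"github.com/Theodor-Springmann-Stiftung/musenalm/dbmodels"
+	"github.com/Theodor-Springmann-Stiftung/musenalm/middleware"
+	"github.com/Theodor-Springmann-Stiftung/musenalm/pagemodels"
+	"github.com/Theodor-Springmann-Stiftung/musenalm/templating"
+	"github.com/pocketbase/pocketbase/core"
+	"github.com/pocketbase/pocketbase/tools/router"
+)
+
+const (
+	URL_USER_EDIT = "/user/{uid}/edit/"
+	UID_PATH_VALUE = "uid"
+	TEMPLATE_USER_EDIT = "/user/edit/"
+)
+
+func init() {
+	ump := &UserEditPage{
+		StaticPage: pagemodels.StaticPage{
+			Name: pagemodels.P_USER_EDIT_NAME,
+			Layout: "blank",
+			Template: TEMPLATE_USER_EDIT,
+			URL: URL_USER_EDIT,
+		},
+	}
+	app.Register(ump)
+}
+
+type UserEditPage struct {
+	pagemodels.StaticPage
+}
+
+func (p *UserEditPage) Setup(router *router.Router[*core.RequestEvent], app core.App, engine *templating.Engine) error {
+	router.GET(URL_USER_EDIT, p.GET(engine, app))
+	router.POST(URL_USER_EDIT, p.POST(engine, app))
+	return nil
+}
+
+func (p *UserEditPage) GET(engine *templating.Engine, app core.App) HandleFunc {
+	return func(e *core.RequestEvent) error {
+		data := make(map[string]any)
+
+		uid := e.Request.PathValue(UID_PATH_VALUE)
+		req := templating.NewRequest(e)
+		user := req.User()
+
+		if user == nil {
+			return engine.Response404(e, nil, nil)
+		}
+
+		if user.Id != uid && user.Role != "Admin" {
+			return engine.Response404(e, nil, nil)
+		}
+
+		u, err := app.FindRecordById(dbmodels.USERS_TABLE, uid)
+		if err != nil {
+			return engine.Response404(e, err, nil)
+		}
+
+		fu := dbmodels.NewUser(u).Fixed()
+
+		data["user"] = &fu
+
+		nonce, token, err := CSRF_CACHE.GenerateTokenBundle()
+		if err != nil {
+			return engine.Response500(e, err, nil)
+		}
+		data["csrf_token"] = token
+		data["csrf_nonce"] = nonce
+
+		SetRedirect(data, e)
+
+		return engine.Response200(e, TEMPLATE_USER_EDIT, data, p.Layout)
+	}
+}
+
+func InvalidDataResponse(engine *templating.Engine, e *core.RequestEvent, error string, user *dbmodels.FixedUser) error {
+	data := make(map[string]any)
+	data["error"] = error
+	data["user"] = user
+
+	nonce, token, err := CSRF_CACHE.GenerateTokenBundle()
+	if err != nil {
+		return engine.Response500(e, err, data)
+	}
+
+	data["csrf_nonce"] = nonce
+	data["csrf_token"] = token
+
+	SetRedirect(data, e)
+
+	str, err := engine.RenderToString(e, data, TEMPLATE_USER_EDIT, "blank")
+	if err != nil {
+		return engine.Response500(e, err, data)
+	}
+
+	return e.HTML(400, str)
+}
+
+func (p *UserEditPage) POST(engine *templating.Engine, app core.App) HandleFunc {
+	return func(e *core.RequestEvent) error {
+		data := make(map[string]any)
+
+		uid := e.Request.PathValue(UID_PATH_VALUE)
+		req := templating.NewRequest(e)
+		user := req.User()
+
+		if user == nil {
+			return engine.Response404(e, nil, nil)
+		}
+
+		if user.Id != uid && user.Role != "Admin" {
+			return engine.Response404(e, nil, nil)
+		}
+
+		u, err := app.FindRecordById(dbmodels.USERS_TABLE, uid)
+		if err != nil {
+			return engine.Response404(e, err, nil)
+		}
+		user_proxy := dbmodels.NewUser(u)
+		fu := user_proxy.Fixed()
+
+		formdata := struct {
+			Email string `form:"username"`
+			Name string `form:"name"`
+			Role string `form:"role"`
+			CsrfNonce string `form:"csrf_nonce"`
+			CsrfToken string `form:"csrf_token"`
+			Password string `form:"password"`
+			PasswordRepeat string `form:"password_repeat"`
+			OldPassword string `form:"old_password"`
+		}{}
+
+		if err := e.BindBody(&formdata); err != nil {
+			return InvalidDataResponse(engine, e, err.Error(), &fu)
+		}
+
+		if formdata.CsrfNonce != "" && formdata.CsrfToken != "" {
+			if _, err := CSRF_CACHE.ValidateTokenBundle(formdata.CsrfNonce, formdata.CsrfToken); err != nil {
+				return InvalidDataResponse(engine, e, "CSRF ungültig oder abgelaufen", &fu)
+			}
+		} else {
+			return InvalidDataResponse(engine, e, "CSRF ungültig oder abgelaufen", &fu)
+		}
+
+		if formdata.Email == "" || formdata.Name == "" {
+			return InvalidDataResponse(engine, e, "Bitte alle Felder ausfüllen", &fu)
+		}
+
+		// INFO: at this point email and name changes are allowed
+		user_proxy.SetEmail(formdata.Email)
+		user_proxy.SetName(formdata.Name)
+
+		if formdata.Role != "" && formdata.Role != user_proxy.Role() {
+			if user.Role == "Admin" &&
+				(formdata.Role == "User" || formdata.Role == "Editor" || formdata.Role == "Admin") {
+				user_proxy.SetRole(formdata.Role)
+			} else {
+				return InvalidDataResponse(engine, e, "Rolle nicht erlaubt", &fu)
+			}
+		}
+
+		if formdata.Password != "" || formdata.PasswordRepeat != "" || formdata.OldPassword != "" {
+			if user.Role != "Admin" && formdata.OldPassword == "" {
+				return InvalidDataResponse(engine, e, "Altes Passwort erforderlich", &fu)
+			} else if user.Role != "Admin" && !user_proxy.ValidatePassword(formdata.OldPassword) {
+				return InvalidDataResponse(engine, e, "Altes Passwort falsch", &fu)
+			}
+
+			if formdata.Password != formdata.PasswordRepeat {
+				return InvalidDataResponse(engine, e, "Passwörter stimmen nicht überein", &fu)
+			}
+
+			user_proxy.SetPassword(formdata.Password)
+		}
+
+		if err := app.Save(user_proxy); err != nil {
+			return InvalidDataResponse(engine, e, err.Error(), &fu)
+		}
+
+		middleware.SESSION_CACHE.Clear()
+
+		fu = user_proxy.Fixed()
+		data["user"] = &fu
+		if user_proxy.Id == user.Id {
+			e.Set("user", &fu)
+		}
+
+		data["success"] = "Benutzer erfolgreich bearbeitet"
+
+		nonce, token, err := CSRF_CACHE.GenerateTokenBundle()
+		if err != nil {
+			return engine.Response500(e, err, nil)
+		}
+		data["csrf_token"] = token
+		data["csrf_nonce"] = nonce
+
+		SetRedirect(data, e)
+		return engine.Response200(e, TEMPLATE_USER_EDIT, data, p.Layout)
+	}
+}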
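Review bot: The password block in POST reaches `user_proxy.SetPassword(formdata.Password)` with an empty new password, because the enclosing condition also fires when only `old_password` is submitted and the comparison against an equally empty `password_repeat` then passes. Unless the record validation behind `app.Save` rejects an empty password (not visible here), a user who fills in only the old-password field clears their own password. Guard the new value before the repeat check: `if formdata.Password == "" { return InvalidDataResponse(engine, e, "Neues Passwort erforderlich", &fu) }`. The same `InvalidDataResponse` path also echoes `err.Error()` from `BindBody` and `app.Save` straight to the browser; mapping those to a fixed message would keep internal validation details out of the response.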
@@ -76,10 +76,7 @@ func (p *UserManagementAccessPage) GET(engine *templating.Engine, app core.App)
|
||||
data["csrf_nonce"] = nonce
|
||||
data["csrf_token"] = token
|
||||
|
||||
redirect_url := e.Request.URL.Query().Get("redirectTo")
|
||||
if redirect_url != "" {
|
||||
data["redirect_url"] = redirect_url
|
||||
}
|
||||
SetRedirect(data, e)
|
||||
|
||||
return engine.Response200(e, p.Template, data, p.Layout)
|
||||
}
|
||||
@@ -109,11 +106,15 @@ func (p *UserManagementAccessPage) POST(engine *templating.Engine, app core.App)
|
||||
data["relative_url"] = path_access + "?token=" + token.Token()
|
||||
data["validUntil"] = token.Expires().Time().Format("02.01.2006 15:04")
|
||||
|
||||
redirect_url := e.Request.URL.Query().Get("redirectTo")
|
||||
if redirect_url != "" {
|
||||
data["redirect_url"] = redirect_url
|
||||
}
|
||||
SetRedirect(data, e)
|
||||
|
||||
return engine.Response200(e, p.Template, data, p.Layout)
|
||||
}
|
||||
}
|
||||
|
||||
func SetRedirect(data map[string]any, e *core.RequestEvent) {
|
||||
redirect_url := e.Request.URL.Query().Get("redirectTo")
|
||||
if redirect_url != "" {
|
||||
data["redirect_url"] = redirect_url
|
||||
}
|
||||
}
|
||||
|
||||