Support for non-chief
parent
9aab14f646
commit
f8f015ed1f
|
@ -48,7 +48,11 @@ function apiRouter (FastRoute\RouteCollector $r) {
|
|||
global $db, $users;
|
||||
requireLogin() || accessDenied();
|
||||
$users->online_time_update();
|
||||
$response = $db->select("SELECT * FROM `".DB_PREFIX."_profiles` ORDER BY available DESC, chief DESC, services ASC, availability_minutes ASC, name ASC");
|
||||
if($users->hasRole(Role::FULL_VIEWER)) {
|
||||
$response = $db->select("SELECT * FROM `".DB_PREFIX."_profiles` ORDER BY available DESC, chief DESC, services ASC, availability_minutes ASC, name ASC");
|
||||
} else {
|
||||
$response = $db->select("SELECT `id`, `chief`, `online_time`, `available`, `name` FROM `".DB_PREFIX."_profiles` ORDER BY available DESC, chief DESC, services ASC, availability_minutes ASC, name ASC");
|
||||
}
|
||||
apiResponse(
|
||||
!is_null($response) ? $response : []
|
||||
);
|
||||
|
@ -126,6 +130,9 @@ function apiRouter (FastRoute\RouteCollector $r) {
|
|||
function ($vars) {
|
||||
global $users;
|
||||
requireLogin() || accessDenied();
|
||||
if(!$users->hasRole(Role::FULL_VIEWER) && $_POST["id"] !== $users->auth->getUserId()){
|
||||
exit;
|
||||
}
|
||||
apiResponse(["userId" => $users->add_user($_POST["email"], $_POST["name"], $_POST["username"], $_POST["password"], $_POST["phone_number"], $_POST["birthday"], $_POST["chief"], $_POST["driver"], $_POST["hidden"], $_POST["disabled"], "unknown")]);
|
||||
}
|
||||
);
|
||||
|
@ -135,6 +142,9 @@ function apiRouter (FastRoute\RouteCollector $r) {
|
|||
function ($vars) {
|
||||
global $users;
|
||||
requireLogin() || accessDenied();
|
||||
if(!$users->hasRole(Role::FULL_VIEWER) && $_POST["id"] !== $users->auth->getUserId()){
|
||||
exit;
|
||||
}
|
||||
apiResponse($users->get_user($vars["userId"]));
|
||||
}
|
||||
);
|
||||
|
@ -144,6 +154,9 @@ function apiRouter (FastRoute\RouteCollector $r) {
|
|||
function ($vars) {
|
||||
global $users;
|
||||
requireLogin() || accessDenied();
|
||||
if(!$users->hasRole(Role::FULL_VIEWER) && $_POST["id"] !== $users->auth->getUserId()){
|
||||
exit;
|
||||
}
|
||||
$users->remove_user($vars["userId"], "unknown");
|
||||
apiResponse(["status" => "success"]);
|
||||
}
|
||||
|
@ -171,7 +184,10 @@ function apiRouter (FastRoute\RouteCollector $r) {
|
|||
global $users, $db;
|
||||
requireLogin() || accessDenied();
|
||||
$users->online_time_update();
|
||||
logger("Disponibilità cambiata in ".($_POST["available"] ? '"disponibile"' : '"non disponibile"'), is_numeric($_POST["id"]) ? $_POST["id"] : $users->auth->getUserId());
|
||||
if(!$users->hasRole(Role::FULL_VIEWER) && $_POST["id"] !== $users->auth->getUserId()){
|
||||
exit;
|
||||
}
|
||||
logger("Disponibilità cambiata in ".($_POST["available"] ? '"disponibile"' : '"non disponibile"'), is_numeric($_POST["id"]) ? $_POST["id"] : $users->auth->getUserId(), $users->auth->getUserId());
|
||||
apiResponse([
|
||||
"response" => $db->update(
|
||||
DB_PREFIX.'_profiles',
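Review bot: The ownership check added to the user handlers compares `$_POST["id"]` with the logged-in user, but the get and remove handlers then act on `$vars["userId"]`, so the value that is authorised is not the value that is used; the add-user handler has no target id at all and still forwards `$_POST["chief"]` to add_user(). Compare the route parameter instead, e.g. `if(!$users->hasRole(Role::FULL_VIEWER) && (int)$vars["userId"] !== (int)$users->auth->getUserId()) accessDenied();`, and require the role outright for creating users. POST values are strings, so if getUserId() returns an integer (not visible here) the strict `!==` is always true and a non-chief is rejected even for their own id. A bare `exit;` also ends the request without the error response that accessDenied() gives elsewhere in these handlers. apiRouter begins and ends outside these hunks.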
|
||||
|
|
|
@ -207,12 +207,12 @@
|
|||
"source": {
|
||||
"type": "git",
|
||||
"url": "https://github.com/allerta-vvf/PHP-Auth-JWT",
|
||||
"reference": "ddb3236ae79fcd0e706d108332dbad9dcdffc2c6"
|
||||
"reference": "3ea0aa3d7e74528c57932872bbda339e995a9d9a"
|
||||
},
|
||||
"dist": {
|
||||
"type": "zip",
|
||||
"url": "https://api.github.com/repos/allerta-vvf/PHP-Auth-JWT/zipball/ddb3236ae79fcd0e706d108332dbad9dcdffc2c6",
|
||||
"reference": "ddb3236ae79fcd0e706d108332dbad9dcdffc2c6",
|
||||
"url": "https://api.github.com/repos/allerta-vvf/PHP-Auth-JWT/zipball/3ea0aa3d7e74528c57932872bbda339e995a9d9a",
|
||||
"reference": "3ea0aa3d7e74528c57932872bbda339e995a9d9a",
|
||||
"shasum": ""
|
||||
},
|
||||
"require": {
|
||||
|
@ -240,7 +240,7 @@
|
|||
"login",
|
||||
"security"
|
||||
],
|
||||
"time": "2021-12-24T14:07:13+00:00"
|
||||
"time": "2021-12-27T18:35:45+00:00"
|
||||
},
|
||||
{
|
||||
"name": "delight-im/base64",
|
||||
|
@ -3263,5 +3263,5 @@
|
|||
"prefer-lowest": false,
|
||||
"platform": [],
|
||||
"platform-dev": [],
|
||||
"plugin-api-version": "2.2.0"
|
||||
"plugin-api-version": "2.1.0"
|
||||
}
|
||||
|
|
|
@ -155,21 +155,31 @@ class Users
|
|||
public function loginAndReturnToken($username, $password)
|
||||
{
|
||||
$this->auth->loginWithUsername($username, $password);
|
||||
$token = $this->auth->generateJWTtoken();
|
||||
$token = $this->auth->generateJWTtoken([
|
||||
"chief" => $this->auth->hasRole(Role::FULL_VIEWER),
|
||||
"name" => $this->getName(),
|
||||
]);
|
||||
return $token;
|
||||
}
|
||||
|
||||
public function isHidden($id)
|
||||
public function isHidden($id=null)
|
||||
{
|
||||
if(is_null($id)) $id = $this->auth->getUserId();
|
||||
$user = $this->db->selectRow("SELECT * FROM `".DB_PREFIX."_profiles` WHERE `id` = ?", [$id]);
|
||||
return $user["hidden"];
|
||||
}
|
||||
|
||||
public function getName($id)
|
||||
public function getName($id=null)
|
||||
{
|
||||
if(is_null($id)) $id = $this->auth->getUserId();
|
||||
$user = $this->db->selectRow("SELECT * FROM `".DB_PREFIX."_profiles` WHERE `id` = ?", [$id]);
|
||||
return $user["name"];
|
||||
}
|
||||
|
||||
public function hasRole($role, $adminGranted=true)
|
||||
{
|
||||
return $this->auth->hasRole($role) || $adminGranted && $role !== Role::DEVELOPER && $this->auth->hasRole(Role::ADMIN) || $role !== Role::DEVELOPER && $this->auth->hasRole(Role::SUPER_ADMIN);
|
||||
}
|
||||
}
|
||||
|
||||
class Services {
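Review bot: The `chief` claim written into the token in loginAndReturnToken is a snapshot of the role at login, so a later demotion is not reflected until a new token is issued; it should be documented as a display hint, e.g. `// "chief" only drives the UI; endpoints must keep calling hasRole()`. JWT payloads are normally signed rather than encrypted, so `name` becomes readable by anything that sees the token. In isHidden() and getName() the new null default falls back to getUserId(), and if selectRow finds no profile for that id the following `$user["hidden"]` / `$user["name"]` index a missing result; a guard such as `if($user === null) return null;` would make that case explicit. Both methods also run `SELECT *` to read a single column.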
|
||||
|
|
|
@ -4,11 +4,13 @@
|
|||
<tr>
|
||||
<th>Nome</th>
|
||||
<th>Disponibile</th>
|
||||
<ng-container *ngIf="auth.profile.chief">
|
||||
<th>Autista</th>
|
||||
<th>Chiama</th>
|
||||
<th>Scrivi</th>
|
||||
<th>Interventi</th>
|
||||
<th>Minuti disponibilità</th>
|
||||
</ng-container>
|
||||
</tr>
|
||||
</thead>
|
||||
<tbody id="table_body">
|
||||
|
@ -19,10 +21,11 @@
|
|||
<ng-container *ngIf="(getTime() - row.online_time) < 30"><u>{{ row.name }}</u></ng-container>
|
||||
<ng-container *ngIf="(getTime() - row.online_time) > 30">{{ row.name }}</ng-container>
|
||||
</td>
|
||||
<td (click)="changeAvailability.emit({user: row.id, newState: row.available ? 0 : 1})">
|
||||
<td (click)="onChangeAvailability(row.id, row.available ? 0 : 1)">
|
||||
<i class="fa fa-check" style="color:green" *ngIf="row.available"></i>
|
||||
<i class="fa fa-times" style="color:red" *ngIf="!row.available"></i>
|
||||
</td>
|
||||
<ng-container *ngIf="auth.profile.chief">
|
||||
<td>
|
||||
<img alt="driver" src="./assets/img/wheel.png" width="20px" *ngIf="row.driver">
|
||||
</td>
|
||||
|
@ -34,6 +37,7 @@
|
|||
</td>
|
||||
<td>{{ row.services }}</td>
|
||||
<td>{{ row.availability_minutes }}</td>
|
||||
</ng-container>
|
||||
</tr>
|
||||
</tbody>
|
||||
</table>
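Review bot: The `*ngIf="auth.profile.chief"` containers in the header and row dereference `auth.profile` directly; if the profile can be unset while the table renders (AuthService is not visible here), the template will throw, and `auth.profile?.chief` would avoid that. The gate only hides columns, so a template comment such as `<!-- chief-only columns: visibility only, the API decides which fields are returned -->` would keep later readers from treating it as access control. The availability cell keeps its click handler for every user even though non-chief clicks are now dropped in the component.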
|
||||
|
|
|
@ -1,6 +1,7 @@
|
|||
import { Component, OnInit, Input, Output, EventEmitter } from '@angular/core';
|
||||
import { TableType } from 'src/app/_models/TableType';
|
||||
import { ApiClientService } from 'src/app/_services/api-client.service';
|
||||
import { AuthService } from '../../_services/auth.service';
|
||||
|
||||
@Component({
|
||||
selector: 'app-table',
|
||||
|
@ -15,7 +16,7 @@ export class TableComponent implements OnInit {
|
|||
|
||||
public data: any = [];
|
||||
|
||||
constructor(public apiClient: ApiClientService) {}
|
||||
constructor(public apiClient: ApiClientService, public auth: AuthService) {}
|
||||
|
||||
getTime() {
|
||||
return Math.floor(Date.now() / 1000);
|
||||
|
@ -36,4 +37,9 @@ export class TableComponent implements OnInit {
|
|||
this.loadTableData();
|
||||
}
|
||||
|
||||
onChangeAvailability(user: number, newState: 0|1) {
|
||||
if(this.auth.profile.chief) {
|
||||
this.changeAvailability.emit({user, newState});
|
||||
}
|
||||
}
|
||||
}
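Review bot: onChangeAvailability drops the event for every non-chief user, including a click on the user's own row, while the API hunk in this commit lets a non-chief through when the id is their own; the two rules should agree, so the guard should also pass when `user` is the logged-in user's id (the profile field holding it is not shown here). The method also lacks a return type and a comment: `onChangeAvailability(user: number, newState: 0|1): void`, with a one-line note that this is a convenience check and the server enforces the rule. TableComponent starts outside the hunk.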
|
||||
|
|