From 77a815fe53728927c5d173e41439e61996063fcc Mon Sep 17 00:00:00 2001
From: "Patrik J. Braun"
Date: Tue, 4 Dec 2018 22:08:13 +0100
Subject: [PATCH] adding option to configure unAuthenticated user role
---
 USERRIGHTS.md | 12 +++++++-----
 backend/middlewares/user/AuthenticationMWs.ts | 4 ++--
 common/config/private/PrivateConfigClass.ts | 7 +++++++
 common/config/public/ConfigClass.ts | 3 +++
 frontend/app/model/network/authentication.service.ts | 2 +-
 frontend/app/settings/settings.service.ts | 2 ++
 6 files changed, 22 insertions(+), 8 deletions(-)
diff --git a/USERRIGHTS.md b/USERRIGHTS.md
index b7737007..8d58d298 100644
--- a/USERRIGHTS.md
+++ b/USERRIGHTS.md
@@ -1,7 +1,9 @@
 # User rights
- * Limited Guest - list dir
- * Guest - +search
- * User - +share
- * Admin - +settings
- * Developer - +see errors
+| id | Role | rights |
+|----|---------------|-------------|
+| 1 | Limited Guest | list dir |
+| 2 | Guest | +search |
+| 3 | User | +share |
+| 4 | Admin | +settings |
+| 5 | Developer | +see errors |
diff --git a/backend/middlewares/user/AuthenticationMWs.ts b/backend/middlewares/user/AuthenticationMWs.ts
index 1c43b43e..1918156e 100644
--- a/backend/middlewares/user/AuthenticationMWs.ts
+++ b/backend/middlewares/user/AuthenticationMWs.ts
@@ -12,7 +12,7 @@ export class AuthenticationMWs {
 public static async tryAuthenticate(req: Request, res: Response, next: NextFunction) {
 if (Config.Client.authenticationRequired === false) {
- req.session.user = {name: 'Admin', role: UserRoles.Admin};
+ req.session.user = {name: UserRoles[Config.Client.unAuthenticatedUserRole], role: Config.Client.unAuthenticatedUserRole};
 return next();
 }
 try {
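Review bot: The synthetic user in the `authenticationRequired === false` branch of `tryAuthenticate` is written to `req.session.user`, so it is stored with the session and may outlive the setting; the same assignment is repeated in `authenticate` in the next hunk. If the `try` block that follows accepts an existing session user (its body is outside the hunk, so this needs confirming), a visitor who was handed the configured role keeps it after authentication is switched back on. A comment on the branch would record the constraint, e.g. `// open-mode user is persisted in the session: invalidate sessions when authenticationRequired is re-enabled`. Both method bodies continue past their hunks.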
@@ -31,7 +31,7 @@ export class AuthenticationMWs {
 public static async authenticate(req: Request, res: Response, next: NextFunction) {
 if (Config.Client.authenticationRequired === false) {
- req.session.user = {name: 'Admin', role: UserRoles.Admin};
+ req.session.user = {name: UserRoles[Config.Client.unAuthenticatedUserRole], role: Config.Client.unAuthenticatedUserRole};
 return next();
 }
 try {
diff --git a/common/config/private/PrivateConfigClass.ts b/common/config/private/PrivateConfigClass.ts
index 8031328b..bbd656e7 100644
--- a/common/config/private/PrivateConfigClass.ts
+++ b/common/config/private/PrivateConfigClass.ts
@@ -2,6 +2,9 @@ import {PublicConfigClass} from '../public/ConfigClass';
 import {DatabaseType, IPrivateConfig, ReIndexingSensitivity, ServerConfig, ThumbnailProcessingLib} from './IPrivateConfig';
 import * as path from 'path';
 import {ConfigLoader} from 'typeconfig';
+import {UserService} from '../../../frontend/app/model/network/user.service';
+import {Utils} from '../../Utils';
+import {UserRoles} from '../../entities/UserDTO';
 /**
 * This configuration will be only at backend
@@ -59,6 +62,10 @@ export class PrivateConfigClass extends PublicConfigClass implements IPrivateCon
 path.join(__dirname, './../../../config.json'),
 [['PORT', 'Server-port']]);
+ if (Utils.enumToArray(UserRoles).map(r => r.key).indexOf(this.Client.unAuthenticatedUserRole) === -1) {
+ throw new Error('Unknown user role for Client.unAuthenticatedUserRole, found: ' + this.Client.unAuthenticatedUserRole);
+ }
+
 }
 public save() {
diff --git a/common/config/public/ConfigClass.ts b/common/config/public/ConfigClass.ts
index 53018b0d..31b7c961 100644
--- a/common/config/public/ConfigClass.ts
+++ b/common/config/public/ConfigClass.ts
@@ -1,4 +1,5 @@
 import {SortingMethods} from '../../entities/SortingMethods';
+import {UserRoles} from '../../entities/UserDTO';
 export module ClientConfig {
 export interface SearchConfig {
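Review bot: The added `import {UserService} from '../../../frontend/app/model/network/user.service';` is not referenced by anything this patch adds to PrivateConfigClass.ts, and it makes a backend-only configuration class depend on a frontend service module. The new check in the second hunk uses only `Utils` and `UserRoles`, so unless code outside the visible hunks needs `UserService`, the line should be dropped.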
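Review bot: The added check tests only that the configured value is a member of `UserRoles`, so `Admin` and `Developer` pass as the role for visitors who never logged in, and nothing is reported at start-up when that is the active configuration. A comment above the `if` would make the limit of the check clear, e.g. `// membership check only: any UserRoles value, including Admin and Developer, is accepted for unauthenticated visitors`. The comparison also relies on `r.key` from `Utils.enumToArray` holding the numeric enum value rather than the name; `Utils` is not part of this patch, so that is worth confirming. The enclosing method starts outside the hunk.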
@@ -63,6 +64,7 @@ export module ClientConfig {
 RandomPhoto: RandomPhotoConfig;
 Other: OtherConfig;
 authenticationRequired: boolean;
+ unAuthenticatedUserRole: UserRoles;
 languages: string[];
 Video: VideoConfig;
 MetaFile: MetaFileConfig;
@@ -118,6 +120,7 @@ export class PublicConfigClass {
 }
 },
 authenticationRequired: true,
+ unAuthenticatedUserRole: UserRoles.Admin,
 publicUrl: '',
 urlBase: '',
 languages: []
diff --git a/frontend/app/model/network/authentication.service.ts b/frontend/app/model/network/authentication.service.ts
index 262d93ed..16515b1d 100644
--- a/frontend/app/model/network/authentication.service.ts
+++ b/frontend/app/model/network/authentication.service.ts
@@ -30,7 +30,7 @@ export class AuthenticationService {
 this.getSessionUser();
 } else {
 if (Config.Client.authenticationRequired === false) {
- this.user.next({name: '', role: UserRoles.Admin});
+ this.user.next({name: UserRoles[Config.Client.unAuthenticatedUserRole], role: Config.Client.unAuthenticatedUserRole});
 }
 }
diff --git a/frontend/app/settings/settings.service.ts b/frontend/app/settings/settings.service.ts
index dae36632..19af1d16 100644
--- a/frontend/app/settings/settings.service.ts
+++ b/frontend/app/settings/settings.service.ts
@@ -3,6 +3,7 @@ import {BehaviorSubject} from 'rxjs';
 import {DatabaseType, IPrivateConfig, ReIndexingSensitivity, ThumbnailProcessingLib} from '../../../common/config/private/IPrivateConfig';
 import {NetworkService} from '../model/network/network.service';
 import {SortingMethods} from '../../../common/entities/SortingMethods';
+import {UserRoles} from '../../../common/entities/UserDTO';
 @Injectable()
 export class SettingsService {
@@ -55,6 +56,7 @@ export class SettingsService {
 publicUrl: '',
 applicationTitle: '',
 authenticationRequired: true,
+ unAuthenticatedUserRole: UserRoles.Admin,
 languages: []
 },
 Server: {
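Review bot: `unAuthenticatedUserRole` is added to the client configuration interface without a comment, and the default set in the following hunk (mirrored in settings.service.ts) is `UserRoles.Admin`. An instance that only sets `authenticationRequired: false` therefore keeps giving every visitor the settings right listed in USERRIGHTS.md. A TSDoc line on the field would state the contract, e.g. `/** Role given to every visitor when authenticationRequired is false. Defaults to Admin. */`. A lower default such as the Guest role would be the least-privilege choice, at the cost of changing behaviour for existing installs. The enclosing interface starts and ends outside the hunk.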