From a68159cfeadd48f0f99d9c57872363c650ddbfc2 Mon Sep 17 00:00:00 2001
From: Braun Patrik <bra.patrik@gmail.com>
Date: Thu, 7 Jul 2016 12:26:36 +0200
Subject: [PATCH] implementing switchable userManagement

---
 backend/middlewares/user/AuthenticationMWs.ts |  8 ++++++--
 backend/middlewares/user/UserMWs.ts           | 16 ++++++++++++++++
 common/config/Config.ts                       |  2 +-
 common/entities/Error.ts                      |  4 +++-
 frontend/app/admin/admin.component.html       |  2 +-
 frontend/app/admin/admin.component.ts         | 10 ++++++++--
 6 files changed, 35 insertions(+), 7 deletions(-)

diff --git a/backend/middlewares/user/AuthenticationMWs.ts b/backend/middlewares/user/AuthenticationMWs.ts
index 99758271..043983c5 100644
--- a/backend/middlewares/user/AuthenticationMWs.ts
+++ b/backend/middlewares/user/AuthenticationMWs.ts
@@ -3,13 +3,17 @@
 
 import {NextFunction, Request, Response} from "express";
 import {Error, ErrorCodes} from "../../../common/entities/Error";
-import {UserRoles} from "../../../common/entities/User";
+import {UserRoles, User} from "../../../common/entities/User";
 import {ObjectManagerRepository} from "../../model/ObjectManagerRepository";
+import {Config} from "../../config/Config";
 
 export class AuthenticationMWs {
 
     public static authenticate(req:Request, res:Response, next:NextFunction) {
-        
+        if (Config.Client.authenticationRequired === false) {
+            req.session.user = new User("", "", UserRoles.Admin);
+            return next();
+        }
         if (typeof req.session.user === 'undefined') {
             return next(new Error(ErrorCodes.NOT_AUTHENTICATED));
         } 
diff --git a/backend/middlewares/user/UserMWs.ts b/backend/middlewares/user/UserMWs.ts
index 49a1f431..7e7a2568 100644
--- a/backend/middlewares/user/UserMWs.ts
+++ b/backend/middlewares/user/UserMWs.ts
@@ -2,10 +2,14 @@ import {NextFunction, Request, Response} from "express";
 import {Error, ErrorCodes} from "../../../common/entities/Error";
 import {ObjectManagerRepository} from "../../model/ObjectManagerRepository";
 import {User} from "../../../common/entities/User";
+import {Config} from "../../config/Config";
 
 export class UserMWs {
 
     public static changePassword(req:Request, res:Response, next:NextFunction) {
+        if (Config.Client.authenticationRequired === false) {
+            return next(new Error(ErrorCodes.USER_MANAGEMENT_DISABLED));
+        }
         if ((typeof req.body === 'undefined') || (typeof req.body.userModReq === 'undefined')
             || (typeof req.body.userModReq.id === 'undefined')
             || (typeof req.body.userModReq.oldPassword === 'undefined')
@@ -24,6 +28,9 @@ export class UserMWs {
 
 
     public static createUser(req:Request, res:Response, next:NextFunction) {
+        if (Config.Client.authenticationRequired === false) {
+            return next(new Error(ErrorCodes.USER_MANAGEMENT_DISABLED));
+        }
         if ((typeof req.body === 'undefined') || (typeof req.body.newUser === 'undefined')) {
             return next();
         }
@@ -39,6 +46,9 @@ export class UserMWs {
     }
 
     public static deleteUser(req:Request, res:Response, next:NextFunction) {
+        if (Config.Client.authenticationRequired === false) {
+            return next(new Error(ErrorCodes.USER_MANAGEMENT_DISABLED));
+        }
         if ((typeof req.params === 'undefined') || (typeof req.params.id === 'undefined')) {
             return next();
         }
@@ -55,6 +65,9 @@ export class UserMWs {
     }
 
     public static changeRole(req:Request, res:Response, next:NextFunction) {
+        if (Config.Client.authenticationRequired === false) {
+            return next(new Error(ErrorCodes.USER_MANAGEMENT_DISABLED));
+        }
         if ((typeof req.params === 'undefined') || (typeof req.params.id === 'undefined')
             || (typeof req.body === 'undefined') || (typeof req.body.newRole === 'undefined')) {
             return next();
@@ -71,6 +84,9 @@ export class UserMWs {
 
 
     public static listUsers(req:Request, res:Response, next:NextFunction) {
+        if (Config.Client.authenticationRequired === false) {
+            return next(new Error(ErrorCodes.USER_MANAGEMENT_DISABLED));
+        }
         ObjectManagerRepository.getInstance().getUserManager().find({}, (err, result:Array<User>) => {
             if ((err) || (!result)) {
                 return next(new Error(ErrorCodes.GENERAL_ERROR));
diff --git a/common/config/Config.ts b/common/config/Config.ts
index a239efe3..1ecc8cfa 100644
--- a/common/config/Config.ts
+++ b/common/config/Config.ts
@@ -39,7 +39,7 @@ export class ConfigClass {
         enableCache: false,
         enableOnScrollRendering: true,
         enableOnScrollThumbnailPrioritising: true,
-        authenticationRequired: true
+        authenticationRequired: false
     };
 
     public setDatabaseType(type:DatabaseType) {
diff --git a/common/entities/Error.ts b/common/entities/Error.ts
index 7ecc3ad6..7ac5976f 100644
--- a/common/entities/Error.ts
+++ b/common/entities/Error.ts
@@ -9,7 +9,9 @@ export enum ErrorCodes{
 
 
     GENERAL_ERROR,
-    SERVER_ERROR
+    SERVER_ERROR,
+
+    USER_MANAGEMENT_DISABLED
 
 }
 
diff --git a/frontend/app/admin/admin.component.html b/frontend/app/admin/admin.component.html
index 8f748285..d2e69ba6 100644
--- a/frontend/app/admin/admin.component.html
+++ b/frontend/app/admin/admin.component.html
@@ -1,6 +1,6 @@
 <app-frame>
     <div body class="container">
-        <div class="panel panel-default">
+        <div class="panel panel-default" *ngIf="userManagementEnable">
             <div class="panel-heading">
                 <h3 class="panel-title">User management</h3>
             </div>
diff --git a/frontend/app/admin/admin.component.ts b/frontend/app/admin/admin.component.ts
index 01583566..07a98f2d 100644
--- a/frontend/app/admin/admin.component.ts
+++ b/frontend/app/admin/admin.component.ts
@@ -10,6 +10,7 @@ import {Utils} from "../../../common/Utils";
 import {AdminService} from "./admin.service";
 import {Message} from "../../../common/entities/Message";
 import {StringifyRole} from "./../pipes/StringifyRolePipe";
+import {Config} from "../config/Config";
 
 @Component({
     selector: 'admin',
@@ -24,8 +25,11 @@ export class AdminComponent implements OnInit {
     private newUser = new User();
     private userRoles:Array<any> = [];
     private users:Array<User> = [];
+    userManagementEnable:boolean = false;
 
     constructor(private _authService:AuthenticationService, private _router:Router, private _adminService:AdminService) {
+
+        this.userManagementEnable = Config.Client.authenticationRequired;
     }
 
     ngOnInit() {
@@ -33,8 +37,10 @@ export class AdminComponent implements OnInit {
             this._router.navigate(['Login']);
             return;
         }
-        this.userRoles = Utils.enumToArray(UserRoles).filter(r => r.key <= this._authService.getUser().role);
-        this.getUsersList();
+        if (Config.Client.authenticationRequired === true) {
+            this.userRoles = Utils.enumToArray(UserRoles).filter(r => r.key <= this._authService.getUser().role);
+            this.getUsersList();
+        }
     }
 
     private getUsersList() {