Gestion des permissions
parent
efd8912648
commit
420cfd5c9d
6 changed files with 211 additions and 2 deletions
|
|
@ -61,9 +61,15 @@ func UserShow(c *fiber.Ctx) error {
|
|||
user.Name,
|
||||
)
|
||||
|
||||
var userRoles []models.UserRole
|
||||
db.Joins("Role").Joins("Section").Order("Section__name collate nocase asc").Find(
|
||||
&userRoles, "user_id = ?", id,
|
||||
)
|
||||
|
||||
return c.Render("user", fiber.Map{
|
||||
"PageTitle": title,
|
||||
"User": user,
|
||||
"UserRoles": userRoles,
|
||||
})
|
||||
}
|
||||
|
||||
|
|
@ -231,6 +237,97 @@ func UserEdit(c *fiber.Ctx) error {
|
|||
})
|
||||
}
|
||||
|
||||
func UserPermissions(c *fiber.Ctx) error {
|
||||
id := c.Params("id")
|
||||
|
||||
db, err := helpers.GetDatabase()
|
||||
if err != nil {
|
||||
return err
|
||||
}
|
||||
|
||||
var user models.User
|
||||
result := db.Find(&user, "id = ?", id)
|
||||
|
||||
if errors.Is(result.Error, gorm.ErrRecordNotFound) {
|
||||
return fiber.NewError(fiber.StatusNotFound, "Not found")
|
||||
}
|
||||
|
||||
if result.Error != nil {
|
||||
return result.Error
|
||||
}
|
||||
|
||||
title := fmt.Sprintf(
|
||||
"%s | Permissions utilisateur",
|
||||
user.Name,
|
||||
)
|
||||
|
||||
var roles []models.Role
|
||||
db.Order("name collate nocase asc").Find(&roles)
|
||||
|
||||
var sections []models.Section
|
||||
db.Order("name collate nocase asc").Find(§ions)
|
||||
|
||||
var errors []string
|
||||
if c.Method() == "POST" {
|
||||
var newUserRoles []models.UserRole
|
||||
|
||||
for _, section := range sections {
|
||||
key := fmt.Sprintf("section-%d", section.ID)
|
||||
value := c.FormValue(key, "0")
|
||||
|
||||
valueInt, err := strconv.ParseUint(value, 10, 0)
|
||||
if err == nil && valueInt > 0 {
|
||||
roleID := uint(valueInt)
|
||||
roleFound := false
|
||||
|
||||
for _, role := range roles {
|
||||
if role.ID == roleID {
|
||||
roleFound = true
|
||||
break
|
||||
}
|
||||
}
|
||||
|
||||
if roleFound {
|
||||
newUserRoles = append(newUserRoles, models.UserRole{
|
||||
UserID: user.ID,
|
||||
RoleID: roleID,
|
||||
SectionID: section.ID,
|
||||
})
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
db.Delete(&models.UserRole{}, "user_id = ?", id)
|
||||
for _, newUserRole := range newUserRoles {
|
||||
db.Create(&newUserRole)
|
||||
}
|
||||
|
||||
if len(errors) == 0 {
|
||||
result2 := db.Save(&user)
|
||||
if result2.Error != nil {
|
||||
return result2.Error
|
||||
} else {
|
||||
c.Redirect(fmt.Sprintf(
|
||||
"/admin/users/%d",
|
||||
user.ID,
|
||||
))
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
var userRoles []models.UserRole
|
||||
db.Find(&userRoles, "user_id = ?", id)
|
||||
|
||||
return c.Render("user_permissions", fiber.Map{
|
||||
"PageTitle": title,
|
||||
"User": user,
|
||||
"Roles": roles,
|
||||
"Sections": sections,
|
||||
"UserRoles": userRoles,
|
||||
"Errors": errors,
|
||||
})
|
||||
}
|
||||
|
||||
func UserDelete(c *fiber.Ctx) error {
|
||||
id := c.Params("id")
|
||||
|
||||
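Review bot: The 404 branch in `UserPermissions` can never fire: gorm's `Find` does not return `gorm.ErrRecordNotFound` on an empty result (only `First`, `Take` and `Last` do), so an unknown id continues with a zero-value `user`. On POST that path still runs the delete/create sequence and `db.Save(&user)`, which would presumably insert a blank user row; use `db.First(&user, "id = ?", id)` and drop the `Save`, since `user` is never modified here. The role replacement ignores the results of `db.Delete` and `db.Create` and is not atomic, so a failed insert can leave the account with its previous roles removed and nothing reported. The sketch below runs both steps in one transaction and returns `c.Redirect`, whose result is currently discarded before the handler falls through to `c.Render`. `var errors []string` also shadows the `errors` package for the rest of the function and is never appended to.

```go
result := db.First(&user, "id = ?", id)
// … unchanged: not-found and error checks, title, roles and sections queries …
// … unchanged: loop over sections building newUserRoles …
err = db.Transaction(func(tx *gorm.DB) error {
	if err := tx.Delete(&models.UserRole{}, "user_id = ?", user.ID).Error; err != nil {
		return err
	}
	if len(newUserRoles) == 0 {
		// Create rejects an empty slice; nothing to insert.
		return nil
	}
	return tx.Create(&newUserRoles).Error
})
if err != nil {
	return err
}
return c.Redirect(fmt.Sprintf("/admin/users/%d", user.ID))
```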
|
|
|
|||
|
|
@ -39,7 +39,7 @@ func connectDatabase() (*gorm.DB, error) {
|
|||
&models.User{},
|
||||
&models.Section{},
|
||||
&models.Role{},
|
||||
&models.UserRoles{},
|
||||
&models.UserRole{},
|
||||
&models.Person{},
|
||||
&models.List{},
|
||||
&models.ListItem{},
|
||||
|
|
|
|||
2
main.go
2
main.go
|
|
@ -142,6 +142,8 @@ func main() {
|
|||
app.Post("/admin/users/add", controllers.UserAdd)
|
||||
app.Get("/admin/users/:id<int;min(0)>/edit", controllers.UserEdit)
|
||||
app.Post("/admin/users/:id<int;min(0)>/edit", controllers.UserEdit)
|
||||
app.Get("/admin/users/:id<int;min(0)>/permissions", controllers.UserPermissions)
|
||||
app.Post("/admin/users/:id<int;min(0)>/permissions", controllers.UserPermissions)
|
||||
app.Post("/admin/users/:id<int;min(0)>/delete", controllers.UserDelete)
|
||||
|
||||
// Admin: Roles
|
||||
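Review bot: Nothing in this hunk shows which guard sits in front of the two new `/permissions` routes; they are registered directly on `app` like their neighbours, and `UserPermissions` as shown on this page performs no authorization check of its own. Because the POST route rewrites a user's role assignments, confirm that an admin-only middleware (presumably registered earlier in `main`, whose body starts and ends outside this hunk) covers the `/admin/users` prefix, and record that next to the routes with a comment such as `// Requires the admin guard registered above; UserPermissions does no authorization itself.` The `min(0)` constraint also lets id 0 reach the handler; `min(1)` would reject it at the router.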
|
|
|
|||
|
|
@ -16,7 +16,7 @@ type User struct {
|
|||
SkipWelcome bool
|
||||
}
|
||||
|
||||
type UserRoles struct {
|
||||
type UserRole struct {
|
||||
gorm.Model
|
||||
UserID uint
|
||||
User User
|
||||
|
|
|
|||
|
|
@ -51,11 +51,35 @@
|
|||
{% endif %}
|
||||
</div>
|
||||
|
||||
{% if UserRoles %}
|
||||
<div class="mb-4">
|
||||
<div class="mb-3">
|
||||
<b>Permissions</b>
|
||||
</div>
|
||||
<div style="max-width: 500px;">
|
||||
<table class="table table-bordered">
|
||||
<tbody>
|
||||
{% for UserRole in UserRoles %}
|
||||
<tr>
|
||||
<td>{{ UserRole.Section.Name }}</td>
|
||||
<td>{{ UserRole.Role.Name }}</td>
|
||||
</tr>
|
||||
{% endfor %}
|
||||
</tbody>
|
||||
</table>
|
||||
</div>
|
||||
</div>
|
||||
{% endif %}
|
||||
|
||||
<div class="mt-3">
|
||||
<a class="btn btn-md btn-primary" href="/admin/users/{{ User.ID }}/edit">
|
||||
<i class="feather" data-feather="edit-2"></i>
|
||||
Modifier
|
||||
</a>
|
||||
<a class="btn btn-md btn-primary" href="/admin/users/{{ User.ID }}/permissions">
|
||||
<i class="feather" data-feather="lock"></i>
|
||||
Permissions
|
||||
</a>
|
||||
|
||||
{% if User.ID != Globals.UserID %}
|
||||
<form
|
||||
|
|
|
|||
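--- a/views/user_permissions.html
+++ b/views/user_permissions.html
@@ -0,0 +1,86 @@
+{% extends "layouts/main.html" %}
+
+{% block main %}
+<div class="container mt-4">
+<div class="mb-4">
+<nav>
+<ol class="breadcrumb">
+<li class="breadcrumb-item"><a href="/">Accueil</a></li>
+<li class="breadcrumb-item"><a href="/admin">Administration</a></li>
+<li class="breadcrumb-item"><a href="/admin/users">Utilisateurs</a></li>
+<li class="breadcrumb-item"><a href="/admin/users/{{ User.ID }}">{{ User.Name }}</a></li>
+<li class="breadcrumb-item active">Permissions</li>
+</ol>
+</nav>
+<hr>
+</div>
+
+{% if Errors %}
+<div class="alert alert-danger">
+<ul class="m-0">
+{% for Error in Errors %}
+<li>{{ Error }}</li>
+{% endfor %}
+</ul>
+</div>
+{% endif %}
+
+<form id="user" method="post">
+
+<div class="table-responsive">
+<table class="table">
+<thead>
+<tr>
+<th>Section</th>
+<th>Rôle</th>
+</tr>
+</thead>
+<tbody>
+{% for Section in Sections %}
+<tr>
+<td>
+<input
+type="text"
+class="form-control"
+readonly
+value="{{ Section.Name }}"
+>
+</td>
+<td>
+<select
+class="form-control"
+name="section-{{ Section.ID }}"
+id="section-{{ Section.ID }}"
+>
+<option value="0">--- Aucun ---</option>
+{% for Role in Roles %}
+<option
+value="{{ Role.ID }}"
+
+{% for UserRole in UserRoles %}
+{% if Section.ID == UserRole.SectionID and Role.ID == UserRole.RoleID %}
+selected
+{% endif %}
+{% endfor %}
+>
+{{ Role.Name }}
+</option>
+{% endfor %}
+</select>
+</td>
+</tr>
+{% endfor %}
+</tbody>
+</table>
+</div>
+
+<div class="mt-3">
+<button class="btn btn-primary" type="submit">
+<i class="me-1" data-feather="save"></i>
+Enregistrer
+</button>
+</div>
+</form>
+
+</div>
+{% endblock %}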
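Review bot: The `<form id="user" method="post">` carries no anti-CSRF field, and this form reassigns a user's roles. Unless a CSRF middleware that is not visible on this page validates the request some other way, a cross-site form submission made under an administrator's session would be accepted as a legitimate permission change. Add a hidden token input inside the form, for example `<input type="hidden" name="CSRF_FIELD_PLACEHOLDER" value="{{ CSRF_TOKEN_PLACEHOLDER }}">`, with the field name and template variable taken from the project's CSRF setup, and have the POST route reject requests that lack a valid token.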