Ability to restrict a user's ability to change passwords (#1018)
* Implemented a new role "Change Password". This role allows you to change your own password. By default, all users will have it. A user can have it removed arbitrarily. Removed components that are no longer going to be used. * Cleaned up some code
parent
9d20343f4e
commit
6ee8320c2b
16 changed files with 48 additions and 174 deletions
|
@ -41,6 +41,10 @@ export class AccountService implements OnDestroy {
|
|||
return user && user.roles.includes('Admin');
|
||||
}
|
||||
|
||||
hasChangePasswordRole(user: User) {
|
||||
return user && user.roles.includes('Change Password');
|
||||
}
|
||||
|
||||
hasDownloadRole(user: User) {
|
||||
return user && user.roles.includes('Download');
|
||||
}
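Review bot: `hasChangePasswordRole` matches the role by the bare literal `'Change Password'`, which has to agree character for character (including the space and casing) with the role name the server issues. A mismatch fails closed, but silently: the check returns false and the password form disappears for every non-admin user. Introducing a new shared constant, for example `const CHANGE_PASSWORD_ROLE = 'Change Password';`, and using it here would make a typo a compile error instead. A short doc comment would also help, e.g. `/** True when the user's role list contains 'Change Password'; used to decide what the UI shows. */`. The AccountService class starts and ends outside this hunk.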
|
||||
|
|
|
@ -36,9 +36,6 @@ export class MemberService {
|
|||
return this.httpClient.get<boolean>(this.baseUrl + 'users/has-reading-progress?libraryId=' + librayId);
|
||||
}
|
||||
|
||||
updateMemberRoles(username: string, roles: string[]) {
|
||||
return this.httpClient.post(this.baseUrl + 'account/update-rbs', {username, roles});
|
||||
}
|
||||
|
||||
getPendingInvites() {
|
||||
return this.httpClient.get<Array<Member>>(this.baseUrl + 'users/pending');
|
||||
|
|
|
@ -1,23 +0,0 @@
|
|||
|
||||
<div class="modal-header">
|
||||
<h4 class="modal-title" id="modal-basic-title">Edit {{member?.username}}'s Roles</h4>
|
||||
<button type="button" class="close" aria-label="Close" (click)="close()">
|
||||
<span aria-hidden="true">×</span>
|
||||
</button>
|
||||
</div>
|
||||
<div class="modal-body">
|
||||
<ul class="list-group">
|
||||
<li class="list-group-item" *ngFor="let role of selectedRoles; let i = index">
|
||||
<div class="form-check">
|
||||
<input id="library-{{i}}" type="checkbox" attr.aria-label="Library {{role.data}}" class="form-check-input"
|
||||
[(ngModel)]="role.selected" name="library">
|
||||
<label attr.for="library-{{i}}" class="form-check-label">{{role.data}}</label>
|
||||
</div>
|
||||
</li>
|
||||
</ul>
|
||||
</div>
|
||||
<div class="modal-footer">
|
||||
<button type="button" class="btn btn-light" (click)="reset()">Reset</button>
|
||||
<button type="button" class="btn btn-secondary" (click)="close()">Cancel</button>
|
||||
<button type="button" class="btn btn-primary" (click)="save()">Save</button>
|
||||
</div>
|
|
@ -1,74 +0,0 @@
|
|||
import { Component, Input, OnInit } from '@angular/core';
|
||||
import { NgbActiveModal } from '@ng-bootstrap/ng-bootstrap';
|
||||
import { Member } from 'src/app/_models/member';
|
||||
import { AccountService } from 'src/app/_services/account.service';
|
||||
import { MemberService } from 'src/app/_services/member.service';
|
||||
|
||||
// TODO: Remove this component, edit-user will take over
|
||||
|
||||
@Component({
|
||||
selector: 'app-edit-rbs-modal',
|
||||
templateUrl: './edit-rbs-modal.component.html',
|
||||
styleUrls: ['./edit-rbs-modal.component.scss']
|
||||
})
|
||||
export class EditRbsModalComponent implements OnInit {
|
||||
|
||||
@Input() member: Member | undefined;
|
||||
allRoles: string[] = [];
|
||||
selectedRoles: Array<{selected: boolean, data: string}> = [];
|
||||
|
||||
constructor(public modal: NgbActiveModal, private accountService: AccountService, private memberService: MemberService) { }
|
||||
|
||||
ngOnInit(): void {
|
||||
this.accountService.getRoles().subscribe(roles => {
|
||||
roles = roles.filter(item => item != 'Admin' && item != 'Pleb'); // Do not allow the user to modify Account RBS
|
||||
this.allRoles = roles;
|
||||
this.selectedRoles = roles.map(item => {
|
||||
return {selected: false, data: item};
|
||||
});
|
||||
|
||||
this.preselect();
|
||||
});
|
||||
}
|
||||
|
||||
close() {
|
||||
this.modal.close(undefined);
|
||||
}
|
||||
|
||||
save() {
|
||||
if (this.member?.username === undefined) {
|
||||
return;
|
||||
}
|
||||
|
||||
const selectedRoles = this.selectedRoles.filter(item => item.selected).map(item => item.data);
|
||||
this.memberService.updateMemberRoles(this.member?.username, selectedRoles).subscribe(() => {
|
||||
if (this.member) {
|
||||
this.member.roles = selectedRoles;
|
||||
this.modal.close(this.member);
|
||||
return;
|
||||
}
|
||||
this.modal.close(undefined);
|
||||
});
|
||||
}
|
||||
|
||||
reset() {
|
||||
this.selectedRoles = this.allRoles.map(item => {
|
||||
return {selected: false, data: item};
|
||||
});
|
||||
|
||||
|
||||
this.preselect();
|
||||
}
|
||||
|
||||
preselect() {
|
||||
if (this.member !== undefined) {
|
||||
this.member.roles.forEach(role => {
|
||||
const foundRole = this.selectedRoles.filter(item => item.data === role);
|
||||
if (foundRole.length > 0) {
|
||||
foundRole[0].selected = true;
|
||||
}
|
||||
});
|
||||
}
|
||||
}
|
||||
|
||||
}
|
|
@ -12,7 +12,6 @@ import { DirectoryPickerComponent } from './_modals/directory-picker/directory-p
|
|||
import { FormsModule, ReactiveFormsModule } from '@angular/forms';
|
||||
import { ResetPasswordModalComponent } from './_modals/reset-password-modal/reset-password-modal.component';
|
||||
import { ManageSettingsComponent } from './manage-settings/manage-settings.component';
|
||||
import { EditRbsModalComponent } from './_modals/edit-rbs-modal/edit-rbs-modal.component';
|
||||
import { ManageSystemComponent } from './manage-system/manage-system.component';
|
||||
import { ChangelogComponent } from './changelog/changelog.component';
|
||||
import { PipeModule } from '../pipe/pipe.module';
|
||||
|
@ -34,7 +33,6 @@ import { EditUserComponent } from './edit-user/edit-user.component';
|
|||
DirectoryPickerComponent,
|
||||
ResetPasswordModalComponent,
|
||||
ManageSettingsComponent,
|
||||
EditRbsModalComponent,
|
||||
ManageSystemComponent,
|
||||
ChangelogComponent,
|
||||
InviteUserComponent,
|
||||
|
|
|
@ -62,10 +62,6 @@
|
|||
<ng-template #showRoles>
|
||||
<app-tag-badge *ngFor="let role of getRoles(member)">{{role}}</app-tag-badge>
|
||||
</ng-template>
|
||||
<button class="btn btn-icon" attr.aria-labelledby="member-name--{{idx}}" title="{{hasAdminRole(member) ? 'Admins have all feature permissions' : 'Edit Role'}}" (click)="openEditRole(member)" [disabled]="hasAdminRole(member)">
|
||||
<i class="fa fa-pen" aria-hidden="true"></i>
|
||||
<span class="sr-only">Edit Role</span>
|
||||
</button>
|
||||
</div>
|
||||
</div>
|
||||
</li>
|
||||
|
|
|
@ -8,7 +8,6 @@ import { AccountService } from 'src/app/_services/account.service';
|
|||
import { ToastrService } from 'ngx-toastr';
|
||||
import { ResetPasswordModalComponent } from '../_modals/reset-password-modal/reset-password-modal.component';
|
||||
import { ConfirmService } from 'src/app/shared/confirm.service';
|
||||
import { EditRbsModalComponent } from '../_modals/edit-rbs-modal/edit-rbs-modal.component';
|
||||
import { Subject } from 'rxjs';
|
||||
import { MessageHubService } from 'src/app/_services/message-hub.service';
|
||||
import { InviteUserComponent } from '../invite-user/invite-user.component';
|
||||
|
@ -112,16 +111,6 @@ export class ManageUsersComponent implements OnInit, OnDestroy {
|
|||
}
|
||||
}
|
||||
|
||||
openEditRole(member: Member) {
|
||||
const modalRef = this.modalService.open(EditRbsModalComponent);
|
||||
modalRef.componentInstance.member = member;
|
||||
modalRef.closed.subscribe((updatedMember: Member) => {
|
||||
if (updatedMember !== undefined) {
|
||||
member = updatedMember;
|
||||
}
|
||||
});
|
||||
}
|
||||
|
||||
inviteUser() {
|
||||
const modalRef = this.modalService.open(InviteUserComponent, {size: 'lg'});
|
||||
modalRef.closed.subscribe((successful: boolean) => {
|
||||
|
|
|
@ -194,7 +194,7 @@
|
|||
<app-series-bookmarks></app-series-bookmarks>
|
||||
</ng-container>
|
||||
<ng-container *ngIf="tab.fragment === 'password'">
|
||||
<ng-container *ngIf="isAdmin">
|
||||
<ng-container *ngIf="(isAdmin || hasChangePasswordRole); else noPermission">
|
||||
<p>Change your Password</p>
|
||||
<div class="alert alert-danger" role="alert" *ngIf="resetPasswordErrors.length > 0">
|
||||
<div *ngFor="let error of resetPasswordErrors">{{error}}</div>
|
||||
|
@ -227,6 +227,9 @@
|
|||
</div>
|
||||
</form>
|
||||
</ng-container>
|
||||
<ng-template #noPermission>
|
||||
<p>You do not have permission to change your password. Reach out to the admin of the server.</p>
|
||||
</ng-template>
|
||||
</ng-container>
|
||||
<ng-container *ngIf="tab.fragment === 'clients'">
|
||||
<p>All 3rd Party clients will either use the API key or the Connection Url below. These are like passwords, keep it private.</p>
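Review bot: The new `*ngIf="(isAdmin || hasChangePasswordRole); else noPermission"` gate only hides the form in the browser. Both flags are derived from the user object held by the client, so a user whose role was removed can still send the password-change request directly. The restriction is effective only if the server-side password handler itself rejects callers who lack the 'Change Password' role (and are not Admin). That handler is not among the files visible here, so please confirm it is covered, ideally by a test that posts as a user without the role. A template comment such as `<!-- UI hint only; the API must enforce the Change Password role -->` above the container would keep later readers from treating this as the access check.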
|
||||
|
|
|
@ -11,6 +11,7 @@ import { AccountService } from 'src/app/_services/account.service';
|
|||
import { NavService } from 'src/app/_services/nav.service';
|
||||
import { ActivatedRoute } from '@angular/router';
|
||||
import { SettingsService } from 'src/app/admin/settings.service';
|
||||
import { Member } from 'src/app/_models/member';
|
||||
|
||||
@Component({
|
||||
selector: 'app-user-preferences',
|
||||
|
@ -28,6 +29,7 @@ export class UserPreferencesComponent implements OnInit, OnDestroy {
|
|||
passwordChangeForm: FormGroup = new FormGroup({});
|
||||
user: User | undefined = undefined;
|
||||
isAdmin: boolean = false;
|
||||
hasChangePasswordRole: boolean = false;
|
||||
|
||||
passwordsMatch = false;
|
||||
resetPasswordErrors: string[] = [];
|
||||
|
@ -85,6 +87,7 @@ export class UserPreferencesComponent implements OnInit, OnDestroy {
|
|||
if (user) {
|
||||
this.user = user;
|
||||
this.isAdmin = this.accountService.hasAdminRole(user);
|
||||
this.hasChangePasswordRole = this.accountService.hasChangePasswordRole(user);
|
||||
|
||||
if (this.fontFamilies.indexOf(this.user.preferences.bookReaderFontFamily) < 0) {
|
||||
this.user.preferences.bookReaderFontFamily = 'default';
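Review bot: The added `import { Member } from 'src/app/_models/member';` is not referenced in any line shown in this file's hunks; if nothing outside the hunks uses it, it should be dropped. Separately, `hasChangePasswordRole` is assigned only inside the `if (user)` branch, so it keeps its previous value if the subscription later emits no user. `isAdmin` already behaves this way, and resetting both in an else branch (`this.isAdmin = false; this.hasChangePasswordRole = false;`) would stop the template from rendering with stale permissions. The enclosing subscribe callback starts and ends outside the hunk, so an existing reset there cannot be ruled out from here.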
|
||||
|
|