1
0
mirror of https://github.com/Jermolene/TiddlyWiki5 synced 2025-01-28 18:04:44 +00:00
TiddlyWiki5/plugins/tiddlywiki/multiwikiserver/modules/routes/handlers/get-acl.js
webplusai 316bd65296
Add success and error message feedback for user profile operations (#8716)
* mws authentication

* add more tests and permission checkers

* add logic to ensure that only authenticated users' requests are handled

* add custom login page

* Implement user authentication as well as session handling

* work on user operations authorization

* add middleware to route handlers for bags & tiddlers routes

* add feature that only returns the tiddlers and bags which the user has permission to access on index page

* refactor auth routes & added user management page

* fix Ci Test failure issue

* fix users list page, add manage roles page

* add commands and scripts to create new user & assign roles and permissions

* resolved ci-test failure

* add ACL permissions to bags & tiddlers on creation

* fix comments and access control list bug

* fix indentation issues

* working on user profile edit

* remove list users command & added support for database in server options

* implement user profile update and password change feature

* update plugin readme

* implement command which triggers protected mode on the server

* revert server-wide auth flag. Implement selective authorization

* ACL management feature

* Complete Access control list implementation

* Added support to manage users' assigned role by admin

* fix comments

* fix comment

* Add user profile management and account deletion functionality

* add success and error message feedback for user profile operations

* fix indentation issues

* Add command to create admin user if none exists when the start command is executed

* refactor annonymous user flow with create admin implementation

* remove mws-add-user from start command
2024-11-08 10:09:42 +00:00

97 lines
3.2 KiB
JavaScript

/*\
title: $:/plugins/tiddlywiki/multiwikiserver/routes/handlers/get-acl.js
type: application/javascript
module-type: mws-route
GET /admin/acl
\*/
(function () {
/*jslint node: true, browser: true */
/*global $tw: false */
"use strict";
exports.method = "GET";
exports.path = /^\/admin\/acl\/(.+)$/;
exports.handler = function (request, response, state) {
var sqlTiddlerDatabase = state.server.sqlTiddlerDatabase;
var params = state.params[0].split("/")
var recipeName = params[0];
var bagName = params[params.length - 1];
var recipes = sqlTiddlerDatabase.listRecipes()
var bags = sqlTiddlerDatabase.listBags()
var recipe = recipes.find((entry) => entry.recipe_name === recipeName && entry.bag_names.includes(bagName))
var bag = bags.find((entry) => entry.bag_name === bagName);
if (!recipe || !bag) {
response.writeHead(500, "Unable to handle request", { "Content-Type": "text/html" });
response.end();
return;
}
var recipeAclRecords = sqlTiddlerDatabase.getEntityAclRecords(recipe.recipe_name);
var bagAclRecords = sqlTiddlerDatabase.getEntityAclRecords(bag.bag_name);
var roles = state.server.sqlTiddlerDatabase.listRoles();
var permissions = state.server.sqlTiddlerDatabase.listPermissions();
// This ensures that the user attempting to view the ACL management page has permission to do so
if(!state.authenticatedUser || (recipeAclRecords.length > 0 && !sqlTiddlerDatabase.hasRecipePermission(state.authenticatedUser.user_id, recipeName, 'WRITE'))){
response.writeHead(403, "Forbidden");
response.end();
return
}
// Enhance ACL records with role and permission details
recipeAclRecords = recipeAclRecords.map(record => {
var role = roles.find(role => role.role_id === record.role_id);
var permission = permissions.find(perm => perm.permission_id === record.permission_id);
return ({
...record,
role,
permission,
role_name: role.role_name,
role_description: role.description,
permission_name: permission.permission_name,
permission_description: permission.description
})
});
bagAclRecords = bagAclRecords.map(record => {
var role = roles.find(role => role.role_id === record.role_id);
var permission = permissions.find(perm => perm.permission_id === record.permission_id);
return ({
...record,
role,
permission,
role_name: role.role_name,
role_description: role.description,
permission_name: permission.permission_name,
permission_description: permission.description
})
});
response.writeHead(200, "OK", { "Content-Type": "text/html" });
var html = $tw.mws.store.adminWiki.renderTiddler("text/plain", "$:/plugins/tiddlywiki/multiwikiserver/templates/page", {
variables: {
"page-content": "$:/plugins/tiddlywiki/multiwikiserver/templates/manage-acl",
"roles-list": JSON.stringify(roles),
"permissions-list": JSON.stringify(permissions),
"bag": JSON.stringify(bag),
"recipe": JSON.stringify(recipe),
"recipe-acl-records": JSON.stringify(recipeAclRecords),
"bag-acl-records": JSON.stringify(bagAclRecords),
"username": state.authenticatedUser ? state.authenticatedUser.username : state.firstGuestUser ? "Annonymous User" : "Guest",
"user-is-admin": state.authenticatedUser && state.authenticatedUser.isAdmin ? "yes" : "no"
}
});
response.write(html);
response.end();
};
}());