[WIP] Implemented basic permissions (#960)

* Add permissions to Database & add "User"-classes * Add UI & API for Permissions, protect "User"-(Api)-Controller with new permissions. * Add some permissions. * Add permission localization * Add error handling. * Error pages: only redirect on 404 * ExceptionController: return JSON-Response on api-routes * Rename PRODUCT_ADD to PRODUCT_PURCHASE * Move translation to new file * Fix checkboxes stay selected on reload. * Remove configurable User-implementation * Remove MASTER_DATA_READ * Disable buttons the user isn't allowed to use. * Add default permissions for new users * When migration to permissions, everyone starts as ADMIN * Permission-Localization: add to transifex & LocalizationService * Review Co-authored-by: Bernd Bestel <bernd@berrnd.de>
2025-08-19 11:48:55 +00:00 · 2020-08-29 12:05:32 +02:00
parent f28697e5b4
commit b7d1b21f1d
41 changed files with 930 additions and 67 deletions
--- a/public/viewjs/userpermissions.js
+++ b/public/viewjs/userpermissions.js
@@ -0,0 +1,42 @@
+$('input.permission-cb').click(
+    function () {
+        check_hierachy(this.checked, this.name);
+    }
+);
+
+function check_hierachy(checked, name) {
+    var disabled = checked;
+    $('#permission-sub-' + name).find('input.permission-cb')
+        .prop('checked', disabled)
+        .attr('disabled', disabled);
+}
+
+$('#permission-save').click(
+    function () {
+        var permission_list = $('input.permission-cb')
+            .filter(function () {
+                return $(this).prop('checked') && !$(this).attr('disabled');
+            }).map(function () {
+                return $(this).data('perm-id');
+            }).toArray();
+        Grocy.Api.Put('users/' + Grocy.EditObjectId + '/permissions', {
+                'permissions': permission_list,
+            }, function (result) {
+                toastr.success(__t("Permissions saved"));
+            }, function (xhr) {
+                toastr.error(__t(JSON.parse(xhr.response).error_message));
+            }
+        );
+    }
+);
+
+if (Grocy.EditObjectId == Grocy.UserId) {
+    $('input.permission-cb[name=ADMIN]').click(function () {
+        if (!this.checked) {
+            if (!confirm(__t('Are you sure you want to stop being an ADMIN?'))) {
+                this.checked = true;
+                check_hierachy(this.checked, this.name);
+            }
+        }
+    })
+}