From 877a7ddfe63e95d49f027a7b763514fb2be2ddb2 Mon Sep 17 00:00:00 2001 From: rubikscraft Date: Thu, 24 Mar 2022 20:05:32 +0100 Subject: [PATCH] Fix permission bugs --- backend/src/models/dto/roles.dto.ts | 2 +- .../src/routes/api/pref/pref.controller.ts | 12 ++++--- .../src/routes/api/user/user.controller.ts | 32 +++++++++---------- shared/src/dto/permissions.ts | 4 +-- 4 files changed, 26 insertions(+), 24 deletions(-) diff --git a/backend/src/models/dto/roles.dto.ts b/backend/src/models/dto/roles.dto.ts index cc0d45d..84fcf4a 100644 --- a/backend/src/models/dto/roles.dto.ts +++ b/backend/src/models/dto/roles.dto.ts @@ -25,7 +25,7 @@ const SystemRoleDefaultsTyped: { guest: [Permission.ImageView, Permission.UserLogin], user: [ Permission.ImageView, - Permission.UserMe, + Permission.UserKeepLogin, Permission.UserLogin, Permission.Settings, Permission.ImageUpload, diff --git a/backend/src/routes/api/pref/pref.controller.ts b/backend/src/routes/api/pref/pref.controller.ts index 014d411..2f0a79b 100644 --- a/backend/src/routes/api/pref/pref.controller.ts +++ b/backend/src/routes/api/pref/pref.controller.ts @@ -36,12 +36,14 @@ export class PrefController { throw new InternalServerErrorException('Could not get preferences'); } - const returned = new MultipleSysPreferencesResponse(); - returned.preferences = prefs.map((pref) => - plainToClass(SysPreferenceBaseResponse, pref), - ); + const returned: MultipleSysPreferencesResponse = { + preferences: prefs.map((pref) => + plainToClass(SysPreferenceBaseResponse, pref), + ), + total: prefs.length, + }; - return returned; + return plainToClass(MultipleSysPreferencesResponse, returned); } @Get('sys/:key') diff --git a/backend/src/routes/api/user/user.controller.ts b/backend/src/routes/api/user/user.controller.ts index 82e9a55..53c61ee 100644 --- a/backend/src/routes/api/user/user.controller.ts +++ b/backend/src/routes/api/user/user.controller.ts @@ -1,27 +1,27 @@ import { - Body, - Controller, - Get, - InternalServerErrorException, - Logger, - Post, - Request + Body, + Controller, + Get, + InternalServerErrorException, + Logger, + Post, + Request } from '@nestjs/common'; import { - UserLoginResponse, - UserMePermissionsResponse, - UserMeResponse, - UserRegisterRequest, - UserRegisterResponse + UserLoginResponse, + UserMePermissionsResponse, + UserMeResponse, + UserRegisterRequest, + UserRegisterResponse } from 'picsur-shared/dist/dto/api/user.dto'; import { Permission } from 'picsur-shared/dist/dto/permissions'; import { HasFailed } from 'picsur-shared/dist/types'; import { UsersService } from '../../../collections/userdb/userdb.service'; import { UserRolesService } from '../../../collections/userdb/userrolesdb.service'; import { - NoPermissions, - RequiredPermissions, - UseLocalAuth + NoPermissions, + RequiredPermissions, + UseLocalAuth } from '../../../decorators/permissions.decorator'; import { AuthManagerService } from '../../../managers/auth/auth.service'; import AuthFasityRequest from '../../../models/requests/authrequest.dto'; @@ -62,7 +62,7 @@ export class UserController { } @Get('me') - @RequiredPermissions(Permission.UserMe) + @RequiredPermissions(Permission.UserKeepLogin) async me(@Request() req: AuthFasityRequest): Promise { const user = await this.usersService.findOne(req.user.username); diff --git a/shared/src/dto/permissions.ts b/shared/src/dto/permissions.ts index 4b3c01d..663bcc9 100644 --- a/shared/src/dto/permissions.ts +++ b/shared/src/dto/permissions.ts @@ -5,7 +5,7 @@ export enum Permission { ImageUpload = 'image-upload', UserLogin = 'user-login', // Ability to log in - UserMe = 'user-me', // Ability to view own user details and refresh token + UserKeepLogin = 'user-keep-login', // Ability to view own user details and refresh token UserRegister = 'user-register', // Ability to register Settings = 'settings', // Ability to view (personal) settings @@ -35,7 +35,7 @@ export const UIFriendlyPermissions: { [Permission.ImageUpload]: 'Upload images', [Permission.UserLogin]: 'Login', - [Permission.UserMe]: 'View self', + [Permission.UserKeepLogin]: 'Stay Logged In', [Permission.UserRegister]: 'Register', [Permission.Settings]: 'View settings',