Updated schema (added permission context) and improved member list

Keanu D?lle 2020-08-22 23:35:41 +02:00
parent 174bd7f2c9
commit f29a90efe2
14 changed files with 355 additions and 35 deletions


@ -21,4 +21,3 @@ Checkout our presentation: https://md.kabi.tk/p/H1nWPbueL
## How to contribute
* You can contribute by signing pull requests and issues or programming!
* Get in contact (Matrix: #errms@matrix.anghenfil.de) and check our website errms.dev and our project management tool: pm.errms.dev
*


@ -1,14 +1,15 @@
-- Your SQL goes here
create table roles_permissions
(
role_id text not null
role_id text not null
constraint roles_permissions_roles_id_fk
references roles
on update cascade on delete cascade,
permission_id text not null
permission_id text not null
constraint roles_permissions_permissions_permission_fk
references permissions
on update cascade on delete cascade,
constraint roles_permissions_pk
primary key (role_id, permission_id)
);
role_permission_id uuid default uuid_generate_v1() not null
constraint roles_permissions_pk_2
primary key
);
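Review bot: With the composite key `primary key (role_id, permission_id)` replaced by the surrogate `role_permission_id`, nothing in this table stops the same role/permission pair from being inserted twice, and each duplicate could then carry its own context rows. Keep the pair unique, e.g. `create unique index roles_permissions_role_id_permission_id_uindex on roles_permissions (role_id, permission_id);`. This also looks like an in-place edit of an existing migration rather than a new one (inferred from the `@ -1,14 +1,15 @` header). Databases that already ran it keep the old composite key, and a later foreign key that targets `roles_permissions` by its primary key would then not match, so a separate `alter table` migration would be safer.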


@ -0,0 +1,2 @@
-- This file should undo anything in `up.sql`
drop table groups;


@ -0,0 +1,15 @@
-- Your SQL goes here
create table groups
(
entity_id uuid default uuid_generate_v1() not null
constraint groups_pk
primary key
constraint groups_entities_entity_id_fk
references entities
on update cascade on delete cascade,
group_name text not null,
group_description text
);
create unique index groups_group_name_uindex
on groups (group_name);


@ -0,0 +1,2 @@
-- This file should undo anything in `up.sql`
drop table groups_entities;


@ -0,0 +1,14 @@
-- Your SQL goes here
create table groups_entities
(
group_id uuid not null
constraint groups_entities_groups_group_id_fk
references groups
on update cascade on delete cascade,
entity_id uuid not null
constraint groups_entities_entities_entity_id_fk
references entities
on update cascade on delete cascade,
constraint groups_entities_pk
primary key (group_id, entity_id)
);
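Review bot: Because `groups.entity_id` is itself a key of `entities`, this table accepts a row with `group_id = entity_id`, as well as chains of groups that contain each other. If membership is ever resolved transitively (for example to decide which permission context applies, which is not visible in this commit), such cycles need explicit handling. The direct case can be excluded in the schema with `constraint groups_entities_no_self_check check (group_id <> entity_id)`.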


@ -0,0 +1,2 @@
-- This file should undo anything in `up.sql`
drop table roles_permissions_context;


@ -0,0 +1,14 @@
-- Your SQL goes here
create table roles_permissions_context
(
role_permission_id uuid
constraint roles_permissions_contexts_roles_permissions_role_permission_id
references roles_permissions
on update cascade on delete cascade,
entity uuid
constraint roles_permissions_contexts_entities_entity_id_fk
references entities
on update cascade on delete cascade,
constraint roles_permissions_context_pk
primary key (role_permission_id, entity)
);
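Review bot: The schema does not say what a grant in `roles_permissions` means when it has no row in this table: unrestricted, or usable nowhere. The permission check has to pick one, so a comment above the table should state it, e.g. `-- a roles_permissions row without context rows applies to <all entities | no entity>`. `role_permission_id` and `entity` are also declared without `not null`. The primary key enforces it implicitly, but writing it out would keep this migration in line with the `not null` columns shown for the same table in `sqlschema.sql`.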


@ -96,3 +96,7 @@ ul ul a {
.sidebar_entry_active{
text-decoration: underline;
}
.group_selection_group{
display: inline;
}


@ -17,9 +17,14 @@
</ul>
<div class="tab-content" id="filterTabContent">
<div class="tab-pane fade show active" id="group" role="tabpanel" aria-labelledby="group-tab">
{{#each group_list}}
<input type="checkbox" id="{{group_id}}">{{name}}</input>
{{/each}}
<div class="group_selection_list">
{{#each group_list}}
<span class="form-check group_selection_group">
<input type="checkbox" class="form-check-input" id="{{group_id}}">
<label class="form-check-label" for="{{group_id}}">{{name}}</label>
</span>
{{/each}}
</div>
</div>
<div class="tab-pane fade" id="searchfields" role="tabpanel" aria-labelledby="searchfields-tab">
<div class="form-row">

235
sqlschema.sql Normal file

@ -0,0 +1,235 @@
create table __diesel_schema_migrations
(
version varchar(50) not null
constraint __diesel_schema_migrations_pkey
primary key,
run_on timestamp default CURRENT_TIMESTAMP not null
);
create table users
(
id uuid default uuid_generate_v1() not null
constraint pk___users___id
primary key,
password text,
email text
);
create table communication_types
(
id uuid default uuid_generate_v1() not null
constraint pk___communication_types___id
primary key,
name text not null
);
create table addresses
(
id uuid default uuid_generate_v1() not null
constraint addresses_pk
primary key,
title text,
street text not null,
number text not null,
zipcode text not null,
city text not null,
geo_location point
);
create table entities
(
entity_id uuid default uuid_generate_v1() not null
constraint entities_pk
primary key
);
create table members
(
entity_id uuid default uuid_generate_v1() not null
constraint pk___members___id
primary key
constraint members_entities_entity_id_fk
references entities
on update cascade on delete cascade,
users_id uuid
constraint fk___members___users_id___users
references users,
firstname text not null,
lastname text not null,
date_of_birth date,
sex smallint,
salutation text,
place_of_birth text,
academic_titles text,
personnel_number integer,
ui_language text
);
create unique index members_personnel_number_uindex
on members (personnel_number);
create table addresses_entities
(
address_id uuid not null
constraint addresses_entities_addresses_id_fk
references addresses
on update cascade on delete cascade,
entitiy_id uuid not null
constraint addresses_entities_entities_entity_id_fk
references entities
on update cascade on delete cascade,
constraint addresses_entities_pk
primary key (address_id, entitiy_id)
);
create table buildings
(
entity_id uuid default uuid_generate_v1() not null
constraint buildings_pk
primary key
constraint buildings_entities_entity_id_fk
references entities
on update cascade on delete cascade,
name text not null,
description text
);
create table vehicle_categories
(
id uuid default uuid_generate_v1() not null
constraint vehicle_categories_pk
primary key,
name text not null,
description text
);
create table vehicles
(
entity_id uuid default uuid_generate_v1() not null
constraint vehicles_pk
primary key
constraint vehicles_entities_entity_id_fk
references entities
on update cascade on delete cascade
constraint vehicles_vehicle_categories_id_fk
references vehicle_categories
on update cascade on delete set null,
identifier text not null,
numberplate text,
description text,
vehicle_category uuid default uuid_generate_v1(),
next_inspection date,
is_operational boolean default true not null,
admissible_total_weight real,
required_license uuid
);
create table communication_targets
(
id uuid default uuid_generate_v1() not null
constraint pk___communication_targets___id
primary key
constraint communication_targets_entities_entity_id_fk
references entities
on update cascade on delete cascade,
entity text not null,
entity_id uuid not null,
com_type uuid not null
constraint fk___communication_target___type___communication_types
references communication_types,
value text not null,
description text,
visibility boolean default false not null
);
create table permissions
(
permission text not null
constraint permissions_pk
primary key,
description text
);
create table roles
(
id text not null
constraint roles_pk
primary key,
description text
);
create table roles_permissions
(
role_id text not null
constraint roles_permissions_roles_id_fk
references roles
on update cascade on delete cascade,
permission_id text not null
constraint roles_permissions_permissions_permission_fk
references permissions
on update cascade on delete cascade,
role_permission_id uuid default uuid_generate_v1() not null
constraint roles_permissions_pk_2
primary key
);
create unique index roles_permissions_role_permission_id_uindex
on roles_permissions (role_permission_id);
create table members_roles
(
member_id uuid not null
constraint members_roles_entities_entity_id_fk
references entities
on update cascade on delete cascade,
role_id text not null
constraint members_roles_roles_id_fk
references roles
on update cascade on delete cascade,
constraint members_roles_pk
primary key (member_id, role_id)
);
create table groups
(
entity_id uuid default uuid_generate_v1() not null
constraint groups_pk
primary key
constraint groups_entities_entity_id_fk
references entities
on update cascade on delete cascade,
group_name text not null,
group_description text
);
create unique index groups_group_name_uindex
on groups (group_name);
create table groups_entities
(
group_id uuid not null
constraint groups_entities_groups_group_id_fk
references groups
on update cascade on delete cascade,
entity_id uuid not null
constraint groups_entities_entities_entity_id_fk
references entities
on update cascade on delete cascade,
constraint groups_entities_pk
primary key (group_id, entity_id)
);
create table roles_permissions_context
(
role_permission_id uuid not null
constraint roles_permissions_contexts_roles_permissions_role_permission_id
references roles_permissions
on update cascade on delete cascade,
entity uuid not null
constraint roles_permissions_contexts_entities_entity_id_fk
references entities
on update cascade on delete cascade,
constraint roles_permissions_context_pk
primary key (role_permission_id, entity)
);
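Review bot: In `vehicles`, the constraint `vehicles_vehicle_categories_id_fk` is attached to `entity_id`, a `not null` primary key, with `on delete set null`, while `vehicle_category` has no foreign key and defaults to `uuid_generate_v1()`. As written, `entity_id` must match a row in `vehicle_categories`, and deleting that row would try to null a primary key. The reference presumably belongs on the category column: `vehicle_category uuid constraint vehicles_vehicle_categories_id_fk references vehicle_categories on update cascade on delete set null`, without the default. Since this file is a dump, the fix needs its own migration. Separately, `roles_permissions_role_permission_id_uindex` duplicates the index the primary key already provides, and `users.password` carries no comment saying it holds a password hash rather than the password itself.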


@ -7,3 +7,10 @@ use rocket::Request;
pub fn unauthorized() -> Redirect {
Redirect::to("/?error=unauthorized")
}
/// Catches all 403 errors and redirects to main portal page to show error
/// Will be called when member tries to access module/action without required permissions
#[catch(403)]
pub fn forbidden() -> Redirect {
Redirect::to("/portal?error=forbidden")
}
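Review bot: A denied request leaves no trace here: `forbidden()` only redirects, so repeated attempts to reach modules without the required permission are invisible to whoever operates the system. Rocket catchers may take the request, so the signature could become `pub fn forbidden(req: &Request) -> Redirect` and record `req.uri()` before redirecting; the hunk header shows `rocket::Request` is already imported in this file. The doc comment could also state that the client receives a redirect rather than a 403 status, which suits the browser UI but matters to any non-browser caller.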


@ -18,6 +18,10 @@ pub fn member_management_selection_get(
None => return Err(Status::Unauthorized),
};
if !member.has_permission("modules.member_management.list.view".to_string()) {
return Err(Status::Forbidden);
}
Ok(Template::render(
"module_member_management_selection",
get_selection_context(member, &settings),
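Review bot: The check passes only the permission name, so the entity context this commit adds to the schema plays no part at this call site. `has_permission` is defined outside the hunk, so it cannot be seen whether a grant restricted to certain entities answers `true` here; if it does, a member holding a scoped grant would get the unrestricted list. A comment such as `// list.view is checked without context: any grant, scoped or not, opens the selection page` (or the opposite, whichever is intended) would pin this down. The permission string could also live in a constant so the handler and the rows in `permissions` cannot drift apart. The function starts and ends outside the hunk.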


@ -68,6 +68,27 @@ table! {
}
}
table! {
use diesel::sql_types::*;
use diesel_geometry::sql_types::*;
groups (entity_id) {
entity_id -> Uuid,
group_name -> Text,
group_description -> Nullable<Text>,
}
}
table! {
use diesel::sql_types::*;
use diesel_geometry::sql_types::*;
groups_entities (group_id, entity_id) {
group_id -> Uuid,
entity_id -> Uuid,
}
}
table! {
use diesel::sql_types::*;
use diesel_geometry::sql_types::*;
@ -121,9 +142,20 @@ table! {
use diesel::sql_types::*;
use diesel_geometry::sql_types::*;
roles_permissions (role_id, permission_id) {
roles_permissions (role_permission_id) {
role_id -> Text,
permission_id -> Text,
role_permission_id -> Uuid,
}
}
table! {
use diesel::sql_types::*;
use diesel_geometry::sql_types::*;
roles_permissions_context (role_permission_id, entity) {
role_permission_id -> Uuid,
entity -> Uuid,
}
}
@ -166,41 +198,24 @@ table! {
}
}
table! {
use diesel::sql_types::*;
use diesel_geometry::sql_types::*;
groups (group_id) {
group_id -> Uuid,
group_name -> Text,
group_description -> Nullable<Text>,
}
}
table! {
use diesel::sql_types::*;
use diesel_geometry::sql_types::*;
groups_entities (group_id, entity_id) {
group_id -> Uuid,
entity_id -> Uuid,
}
}
joinable!(addresses_entities -> addresses (address_id));
joinable!(addresses_entities -> entities (entitiy_id));
joinable!(buildings -> entities (entity_id));
joinable!(communication_targets -> communication_types (com_type));
joinable!(communication_targets -> entities (id));
joinable!(groups -> entities (entity_id));
joinable!(groups_entities -> entities (entity_id));
joinable!(groups_entities -> groups (group_id));
joinable!(members -> entities (entity_id));
joinable!(members -> users (users_id));
joinable!(members_roles -> entities (member_id));
joinable!(members_roles -> roles (role_id));
joinable!(roles_permissions -> permissions (permission_id));
joinable!(roles_permissions -> roles (role_id));
joinable!(roles_permissions_context -> entities (entity));
joinable!(roles_permissions_context -> roles_permissions (role_permission_id));
joinable!(vehicles -> entities (entity_id));
joinable!(vehicles -> vehicle_categories (entity_id));
joinable!(groups_entities -> entities (entity_id));
joinable!(groups_entities -> groups (group_id));
allow_tables_to_appear_in_same_query!(
addresses,
@ -209,14 +224,15 @@ allow_tables_to_appear_in_same_query!(
communication_targets,
communication_types,
entities,
groups,
groups_entities,
members,
members_roles,
permissions,
roles,
roles_permissions,
roles_permissions_context,
users,
vehicle_categories,
vehicles,
groups,
groups_entities,
);