Updated schema (added permission context) and improved member list
parent
174bd7f2c9
commit
f29a90efe2
|
@ -21,4 +21,3 @@ Checkout our presentation: https://md.kabi.tk/p/H1nWPbueL
|
|||
## How to contribute
|
||||
* You can contribute by signing pull requests and issues or programming!
|
||||
* Get in contact (Matrix: #errms@matrix.anghenfil.de) and check our website errms.dev and our project management tool: pm.errms.dev
|
||||
*
|
|
@ -1,14 +1,15 @@
|
|||
-- Your SQL goes here
|
||||
create table roles_permissions
|
||||
(
|
||||
role_id text not null
|
||||
role_id text not null
|
||||
constraint roles_permissions_roles_id_fk
|
||||
references roles
|
||||
on update cascade on delete cascade,
|
||||
permission_id text not null
|
||||
permission_id text not null
|
||||
constraint roles_permissions_permissions_permission_fk
|
||||
references permissions
|
||||
on update cascade on delete cascade,
|
||||
constraint roles_permissions_pk
|
||||
primary key (role_id, permission_id)
|
||||
);
|
||||
role_permission_id uuid default uuid_generate_v1() not null
|
||||
constraint roles_permissions_pk_2
|
||||
primary key
|
||||
);
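Review bot: Replacing `primary key (role_id, permission_id)` with the surrogate `role_permission_id` key (the schema dump further down shows only the surrogate key) leaves nothing that stops the same permission from being attached to a role twice. With duplicate rows, revoking a permission by deleting one row can leave the grant in effect through the other. Keep the pair unique alongside the new key, e.g. `constraint roles_permissions_role_permission_uindex unique (role_id, permission_id)`. The hunk header (`-1,14 +1,15`) also suggests an existing migration was edited in place; if it has already been applied anywhere, those databases will not pick up the new column, so a follow-up migration would be safer.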
|
||||
|
|
|
@ -0,0 +1,2 @@
|
|||
-- This file should undo anything in `up.sql`
|
||||
drop table groups;
|
|
@ -0,0 +1,15 @@
|
|||
-- Your SQL goes here
|
||||
create table groups
|
||||
(
|
||||
entity_id uuid default uuid_generate_v1() not null
|
||||
constraint groups_pk
|
||||
primary key
|
||||
constraint groups_entities_entity_id_fk
|
||||
references entities
|
||||
on update cascade on delete cascade,
|
||||
group_name text not null,
|
||||
group_description text
|
||||
);
|
||||
|
||||
create unique index groups_group_name_uindex
|
||||
on groups (group_name);
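Review bot: `entity_id` in `groups` carries `default uuid_generate_v1()` while also being a foreign key to `entities`, so an insert that relies on the default produces an id with no matching `entities` row and is rejected by `groups_entities_entity_id_fk`. Dropping the default makes the contract explicit: the caller creates the `entities` row first and passes its id, i.e. `entity_id uuid not null`. A short comment above the table, such as `-- a group is itself an entity; entity_id must already exist in entities`, would also help readers of `groups_entities`.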
|
|
@ -0,0 +1,2 @@
|
|||
-- This file should undo anything in `up.sql`
|
||||
drop table groups_entities;
|
|
@ -0,0 +1,14 @@
|
|||
-- Your SQL goes here
|
||||
create table groups_entities
|
||||
(
|
||||
group_id uuid not null
|
||||
constraint groups_entities_groups_group_id_fk
|
||||
references groups
|
||||
on update cascade on delete cascade,
|
||||
entity_id uuid not null
|
||||
constraint groups_entities_entities_entity_id_fk
|
||||
references entities
|
||||
on update cascade on delete cascade,
|
||||
constraint groups_entities_pk
|
||||
primary key (group_id, entity_id)
|
||||
);
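Review bot: Nothing in `groups_entities` stops a group from being listed as a member of itself, since `group_id` and `entity_id` both resolve to rows in `entities` (a group's key is its `entity_id`). If membership or permission resolution ever walks groups recursively, which is not visible in this commit, a self-reference or a longer cycle would have to be handled there. The direct case can be rejected in the schema with `constraint groups_entities_no_self_membership check (group_id <> entity_id)`.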
|
|
@ -0,0 +1,2 @@
|
|||
-- This file should undo anything in `up.sql`
|
||||
drop table roles_permissions_context;
|
|
@ -0,0 +1,14 @@
|
|||
-- Your SQL goes here
|
||||
create table roles_permissions_context
|
||||
(
|
||||
role_permission_id uuid
|
||||
constraint roles_permissions_contexts_roles_permissions_role_permission_id
|
||||
references roles_permissions
|
||||
on update cascade on delete cascade,
|
||||
entity uuid
|
||||
constraint roles_permissions_contexts_entities_entity_id_fk
|
||||
references entities
|
||||
on update cascade on delete cascade,
|
||||
constraint roles_permissions_context_pk
|
||||
primary key (role_permission_id, entity)
|
||||
);
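Review bot: The table does not say what a `roles_permissions` row without any context row means, and the `on delete cascade` on `entity` makes that question security-relevant. If the permission check treats "no context rows" as "valid everywhere" (the check is not part of this section, so this is an assumption), deleting the last scoped entity would silently turn a scoped grant into a global one. State whichever rule applies next to the table, in the form `-- a role_permission with no row here is unscoped; with rows it applies only to the listed entities`, and consider whether deleting the entity should remove the grant itself. The column is named `entity` while the other references on the page use `entity_id`. The migration also omits `not null` on both columns; PostgreSQL enforces it through the primary key, but writing it out would match the schema dump further down.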
|
|
@ -96,3 +96,7 @@ ul ul a {
|
|||
.sidebar_entry_active{
|
||||
text-decoration: underline;
|
||||
}
|
||||
.group_selection_group{
|
||||
display: inline;
|
||||
|
||||
}
|
|
@ -17,9 +17,14 @@
|
|||
</ul>
|
||||
<div class="tab-content" id="filterTabContent">
|
||||
<div class="tab-pane fade show active" id="group" role="tabpanel" aria-labelledby="group-tab">
|
||||
{{#each group_list}}
|
||||
<input type="checkbox" id="{{group_id}}">{{name}}</input>
|
||||
{{/each}}
|
||||
<div class="group_selection_list">
|
||||
{{#each group_list}}
|
||||
<span class="form-check group_selection_group">
|
||||
<input type="checkbox" class="form-check-input" id="{{group_id}}">
|
||||
<label class="form-check-label" for="{{group_id}}">{{name}}</label>
|
||||
</span>
|
||||
{{/each}}
|
||||
</div>
|
||||
</div>
|
||||
<div class="tab-pane fade" id="searchfields" role="tabpanel" aria-labelledby="searchfields-tab">
|
||||
<div class="form-row">
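Review bot: The new checkboxes have an `id` but neither `name` nor `value`, so a form submit carries nothing about which groups were selected. Unless a script reads the ids, add them, e.g. `<input type="checkbox" class="form-check-input" name="groups" value="{{group_id}}" id="group-{{group_id}}">` with a matching `for="group-{{group_id}}"` on the label. Prefixing the id also avoids collisions with any other element keyed by the same UUID. `{{name}}` relies on Handlebars' default HTML escaping, which is the right form for user-entered group names and should not be changed to the triple-brace form.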
|
||||
|
|
|
@ -0,0 +1,235 @@
|
|||
create table __diesel_schema_migrations
|
||||
(
|
||||
version varchar(50) not null
|
||||
constraint __diesel_schema_migrations_pkey
|
||||
primary key,
|
||||
run_on timestamp default CURRENT_TIMESTAMP not null
|
||||
);
|
||||
|
||||
create table users
|
||||
(
|
||||
id uuid default uuid_generate_v1() not null
|
||||
constraint pk___users___id
|
||||
primary key,
|
||||
password text,
|
||||
email text
|
||||
);
|
||||
|
||||
create table communication_types
|
||||
(
|
||||
id uuid default uuid_generate_v1() not null
|
||||
constraint pk___communication_types___id
|
||||
primary key,
|
||||
name text not null
|
||||
);
|
||||
|
||||
create table addresses
|
||||
(
|
||||
id uuid default uuid_generate_v1() not null
|
||||
constraint addresses_pk
|
||||
primary key,
|
||||
title text,
|
||||
street text not null,
|
||||
number text not null,
|
||||
zipcode text not null,
|
||||
city text not null,
|
||||
geo_location point
|
||||
);
|
||||
|
||||
create table entities
|
||||
(
|
||||
entity_id uuid default uuid_generate_v1() not null
|
||||
constraint entities_pk
|
||||
primary key
|
||||
);
|
||||
|
||||
create table members
|
||||
(
|
||||
entity_id uuid default uuid_generate_v1() not null
|
||||
constraint pk___members___id
|
||||
primary key
|
||||
constraint members_entities_entity_id_fk
|
||||
references entities
|
||||
on update cascade on delete cascade,
|
||||
users_id uuid
|
||||
constraint fk___members___users_id___users
|
||||
references users,
|
||||
firstname text not null,
|
||||
lastname text not null,
|
||||
date_of_birth date,
|
||||
sex smallint,
|
||||
salutation text,
|
||||
place_of_birth text,
|
||||
academic_titles text,
|
||||
personnel_number integer,
|
||||
ui_language text
|
||||
);
|
||||
|
||||
create unique index members_personnel_number_uindex
|
||||
on members (personnel_number);
|
||||
|
||||
create table addresses_entities
|
||||
(
|
||||
address_id uuid not null
|
||||
constraint addresses_entities_addresses_id_fk
|
||||
references addresses
|
||||
on update cascade on delete cascade,
|
||||
entitiy_id uuid not null
|
||||
constraint addresses_entities_entities_entity_id_fk
|
||||
references entities
|
||||
on update cascade on delete cascade,
|
||||
constraint addresses_entities_pk
|
||||
primary key (address_id, entitiy_id)
|
||||
);
|
||||
|
||||
create table buildings
|
||||
(
|
||||
entity_id uuid default uuid_generate_v1() not null
|
||||
constraint buildings_pk
|
||||
primary key
|
||||
constraint buildings_entities_entity_id_fk
|
||||
references entities
|
||||
on update cascade on delete cascade,
|
||||
name text not null,
|
||||
description text
|
||||
);
|
||||
|
||||
create table vehicle_categories
|
||||
(
|
||||
id uuid default uuid_generate_v1() not null
|
||||
constraint vehicle_categories_pk
|
||||
primary key,
|
||||
name text not null,
|
||||
description text
|
||||
);
|
||||
|
||||
create table vehicles
|
||||
(
|
||||
entity_id uuid default uuid_generate_v1() not null
|
||||
constraint vehicles_pk
|
||||
primary key
|
||||
constraint vehicles_entities_entity_id_fk
|
||||
references entities
|
||||
on update cascade on delete cascade
|
||||
constraint vehicles_vehicle_categories_id_fk
|
||||
references vehicle_categories
|
||||
on update cascade on delete set null,
|
||||
identifier text not null,
|
||||
numberplate text,
|
||||
description text,
|
||||
vehicle_category uuid default uuid_generate_v1(),
|
||||
next_inspection date,
|
||||
is_operational boolean default true not null,
|
||||
admissible_total_weight real,
|
||||
required_license uuid
|
||||
);
|
||||
|
||||
create table communication_targets
|
||||
(
|
||||
id uuid default uuid_generate_v1() not null
|
||||
constraint pk___communication_targets___id
|
||||
primary key
|
||||
constraint communication_targets_entities_entity_id_fk
|
||||
references entities
|
||||
on update cascade on delete cascade,
|
||||
entity text not null,
|
||||
entity_id uuid not null,
|
||||
com_type uuid not null
|
||||
constraint fk___communication_target___type___communication_types
|
||||
references communication_types,
|
||||
value text not null,
|
||||
description text,
|
||||
visibility boolean default false not null
|
||||
);
|
||||
|
||||
create table permissions
|
||||
(
|
||||
permission text not null
|
||||
constraint permissions_pk
|
||||
primary key,
|
||||
description text
|
||||
);
|
||||
|
||||
create table roles
|
||||
(
|
||||
id text not null
|
||||
constraint roles_pk
|
||||
primary key,
|
||||
description text
|
||||
);
|
||||
|
||||
create table roles_permissions
|
||||
(
|
||||
role_id text not null
|
||||
constraint roles_permissions_roles_id_fk
|
||||
references roles
|
||||
on update cascade on delete cascade,
|
||||
permission_id text not null
|
||||
constraint roles_permissions_permissions_permission_fk
|
||||
references permissions
|
||||
on update cascade on delete cascade,
|
||||
role_permission_id uuid default uuid_generate_v1() not null
|
||||
constraint roles_permissions_pk_2
|
||||
primary key
|
||||
);
|
||||
|
||||
create unique index roles_permissions_role_permission_id_uindex
|
||||
on roles_permissions (role_permission_id);
|
||||
|
||||
create table members_roles
|
||||
(
|
||||
member_id uuid not null
|
||||
constraint members_roles_entities_entity_id_fk
|
||||
references entities
|
||||
on update cascade on delete cascade,
|
||||
role_id text not null
|
||||
constraint members_roles_roles_id_fk
|
||||
references roles
|
||||
on update cascade on delete cascade,
|
||||
constraint members_roles_pk
|
||||
primary key (member_id, role_id)
|
||||
);
|
||||
|
||||
create table groups
|
||||
(
|
||||
entity_id uuid default uuid_generate_v1() not null
|
||||
constraint groups_pk
|
||||
primary key
|
||||
constraint groups_entities_entity_id_fk
|
||||
references entities
|
||||
on update cascade on delete cascade,
|
||||
group_name text not null,
|
||||
group_description text
|
||||
);
|
||||
|
||||
create unique index groups_group_name_uindex
|
||||
on groups (group_name);
|
||||
|
||||
create table groups_entities
|
||||
(
|
||||
group_id uuid not null
|
||||
constraint groups_entities_groups_group_id_fk
|
||||
references groups
|
||||
on update cascade on delete cascade,
|
||||
entity_id uuid not null
|
||||
constraint groups_entities_entities_entity_id_fk
|
||||
references entities
|
||||
on update cascade on delete cascade,
|
||||
constraint groups_entities_pk
|
||||
primary key (group_id, entity_id)
|
||||
);
|
||||
|
||||
create table roles_permissions_context
|
||||
(
|
||||
role_permission_id uuid not null
|
||||
constraint roles_permissions_contexts_roles_permissions_role_permission_id
|
||||
references roles_permissions
|
||||
on update cascade on delete cascade,
|
||||
entity uuid not null
|
||||
constraint roles_permissions_contexts_entities_entity_id_fk
|
||||
references entities
|
||||
on update cascade on delete cascade,
|
||||
constraint roles_permissions_context_pk
|
||||
primary key (role_permission_id, entity)
|
||||
);
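Review bot: In `create table vehicles`, `vehicles_vehicle_categories_id_fk` is attached to `entity_id` rather than to `vehicle_category`, so every vehicle id must also exist in `vehicle_categories`, and `on delete set null` targets a `not null` primary key. The `vehicle_category` column meanwhile has no foreign key and a `default uuid_generate_v1()` that can never match a category. If this file is an export of the live schema, the fix belongs in a migration: move the constraint to `vehicle_category uuid constraint vehicles_vehicle_categories_id_fk references vehicle_categories on update cascade on delete set null` and drop the default. The `joinable!(vehicles -> vehicle_categories (entity_id));` line in the schema hunk further down mirrors the same mistake.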
|
||||
|
|
@ -7,3 +7,10 @@ use rocket::Request;
|
|||
pub fn unauthorized() -> Redirect {
|
||||
Redirect::to("/?error=unauthorized")
|
||||
}
|
||||
|
||||
/// Catches all 403 errors and redirects to main portal page to show error
|
||||
/// Will be called when member tries to access module/action without required permissions
|
||||
#[catch(403)]
|
||||
pub fn forbidden() -> Redirect {
|
||||
Redirect::to("/portal?error=forbidden")
|
||||
}
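Review bot: `forbidden()` discards the request, so a denied access leaves no trace of which path was refused; authorization failures are worth recording for later review. Rocket catchers may take the request, e.g. `pub fn forbidden(req: &Request) -> Redirect`, and log `req.uri()` before redirecting (`Request` is already imported according to the hunk header). The redirect also replaces the 403 status the client would otherwise see. `/portal` must not itself answer 403 for the same member or the browser will loop; whether it can is not visible here.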
|
||||
|
|
|
@ -18,6 +18,10 @@ pub fn member_management_selection_get(
|
|||
None => return Err(Status::Unauthorized),
|
||||
};
|
||||
|
||||
if !member.has_permission("modules.member_management.list.view".to_string()) {
|
||||
return Err(Status::Forbidden);
|
||||
}
|
||||
|
||||
Ok(Template::render(
|
||||
"module_member_management_selection",
|
||||
get_selection_context(member, &settings),
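Review bot: The new check calls `has_permission` with only the permission name, while this commit introduces `roles_permissions_context` to scope grants to entities; `has_permission` is not shown, so it is unclear whether a context-restricted grant passes this check as if it were global. If contexts are meant to restrict, the list view should either require an unscoped grant or filter the listed members by the granted entities. The permission name is a free-form literal; a shared constant such as `const PERM_MEMBER_LIST_VIEW: &str = "modules.member_management.list.view";` avoids typos that would lock the page without a compile error. The function begins and ends outside this hunk.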
|
||||
|
|
|
@ -68,6 +68,27 @@ table! {
|
|||
}
|
||||
}
|
||||
|
||||
table! {
|
||||
use diesel::sql_types::*;
|
||||
use diesel_geometry::sql_types::*;
|
||||
|
||||
groups (entity_id) {
|
||||
entity_id -> Uuid,
|
||||
group_name -> Text,
|
||||
group_description -> Nullable<Text>,
|
||||
}
|
||||
}
|
||||
|
||||
table! {
|
||||
use diesel::sql_types::*;
|
||||
use diesel_geometry::sql_types::*;
|
||||
|
||||
groups_entities (group_id, entity_id) {
|
||||
group_id -> Uuid,
|
||||
entity_id -> Uuid,
|
||||
}
|
||||
}
|
||||
|
||||
table! {
|
||||
use diesel::sql_types::*;
|
||||
use diesel_geometry::sql_types::*;
|
||||
|
@ -121,9 +142,20 @@ table! {
|
|||
use diesel::sql_types::*;
|
||||
use diesel_geometry::sql_types::*;
|
||||
|
||||
roles_permissions (role_id, permission_id) {
|
||||
roles_permissions (role_permission_id) {
|
||||
role_id -> Text,
|
||||
permission_id -> Text,
|
||||
role_permission_id -> Uuid,
|
||||
}
|
||||
}
|
||||
|
||||
table! {
|
||||
use diesel::sql_types::*;
|
||||
use diesel_geometry::sql_types::*;
|
||||
|
||||
roles_permissions_context (role_permission_id, entity) {
|
||||
role_permission_id -> Uuid,
|
||||
entity -> Uuid,
|
||||
}
|
||||
}
|
||||
|
||||
|
@ -166,41 +198,24 @@ table! {
|
|||
}
|
||||
}
|
||||
|
||||
table! {
|
||||
use diesel::sql_types::*;
|
||||
use diesel_geometry::sql_types::*;
|
||||
|
||||
groups (group_id) {
|
||||
group_id -> Uuid,
|
||||
group_name -> Text,
|
||||
group_description -> Nullable<Text>,
|
||||
}
|
||||
}
|
||||
|
||||
table! {
|
||||
use diesel::sql_types::*;
|
||||
use diesel_geometry::sql_types::*;
|
||||
|
||||
groups_entities (group_id, entity_id) {
|
||||
group_id -> Uuid,
|
||||
entity_id -> Uuid,
|
||||
}
|
||||
}
|
||||
|
||||
joinable!(addresses_entities -> addresses (address_id));
|
||||
joinable!(addresses_entities -> entities (entitiy_id));
|
||||
joinable!(buildings -> entities (entity_id));
|
||||
joinable!(communication_targets -> communication_types (com_type));
|
||||
joinable!(communication_targets -> entities (id));
|
||||
joinable!(groups -> entities (entity_id));
|
||||
joinable!(groups_entities -> entities (entity_id));
|
||||
joinable!(groups_entities -> groups (group_id));
|
||||
joinable!(members -> entities (entity_id));
|
||||
joinable!(members -> users (users_id));
|
||||
joinable!(members_roles -> entities (member_id));
|
||||
joinable!(members_roles -> roles (role_id));
|
||||
joinable!(roles_permissions -> permissions (permission_id));
|
||||
joinable!(roles_permissions -> roles (role_id));
|
||||
joinable!(roles_permissions_context -> entities (entity));
|
||||
joinable!(roles_permissions_context -> roles_permissions (role_permission_id));
|
||||
joinable!(vehicles -> entities (entity_id));
|
||||
joinable!(vehicles -> vehicle_categories (entity_id));
|
||||
joinable!(groups_entities -> entities (entity_id));
|
||||
joinable!(groups_entities -> groups (group_id));
|
||||
|
||||
allow_tables_to_appear_in_same_query!(
|
||||
addresses,
|
||||
|
@ -209,14 +224,15 @@ allow_tables_to_appear_in_same_query!(
|
|||
communication_targets,
|
||||
communication_types,
|
||||
entities,
|
||||
groups,
|
||||
groups_entities,
|
||||
members,
|
||||
members_roles,
|
||||
permissions,
|
||||
roles,
|
||||
roles_permissions,
|
||||
roles_permissions_context,
|
||||
users,
|
||||
vehicle_categories,
|
||||
vehicles,
|
||||
groups,
|
||||
groups_entities,
|
||||
);
|
||||
|
|