Updated schema (added permission context) and improved member list
parent
174bd7f2c9
commit
f29a90efe2
|
@ -21,4 +21,3 @@ Checkout our presentation: https://md.kabi.tk/p/H1nWPbueL
|
||||||
## How to contribute
|
## How to contribute
|
||||||
* You can contribute by signing pull requests and issues or programming!
|
* You can contribute by signing pull requests and issues or programming!
|
||||||
* Get in contact (Matrix: #errms@matrix.anghenfil.de) and check our website errms.dev and our project management tool: pm.errms.dev
|
* Get in contact (Matrix: #errms@matrix.anghenfil.de) and check our website errms.dev and our project management tool: pm.errms.dev
|
||||||
*
|
|
|
@ -1,14 +1,15 @@
|
||||||
-- Your SQL goes here
|
-- Your SQL goes here
|
||||||
create table roles_permissions
|
create table roles_permissions
|
||||||
(
|
(
|
||||||
role_id text not null
|
role_id text not null
|
||||||
constraint roles_permissions_roles_id_fk
|
constraint roles_permissions_roles_id_fk
|
||||||
references roles
|
references roles
|
||||||
on update cascade on delete cascade,
|
on update cascade on delete cascade,
|
||||||
permission_id text not null
|
permission_id text not null
|
||||||
constraint roles_permissions_permissions_permission_fk
|
constraint roles_permissions_permissions_permission_fk
|
||||||
references permissions
|
references permissions
|
||||||
on update cascade on delete cascade,
|
on update cascade on delete cascade,
|
||||||
constraint roles_permissions_pk
|
role_permission_id uuid default uuid_generate_v1() not null
|
||||||
primary key (role_id, permission_id)
|
constraint roles_permissions_pk_2
|
||||||
);
|
primary key
|
||||||
|
);
|
||||||
|
|
|
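Review bot: Replacing the composite primary key `(role_id, permission_id)` with the surrogate `role_permission_id` removes the only uniqueness guarantee on the pair, so the same permission can now be attached to a role more than once. A revoke that deletes a single row would then leave the grant in effect through the duplicate. I would keep the pair unique alongside the new key, e.g. `constraint roles_permissions_role_id_permission_id_key unique (role_id, permission_id)`. The `roles_permissions` definition in the full schema dump later in this commit has the same gap. Because this edits an existing `up.sql` in place, databases that already ran the migration will presumably not pick up the new column; a follow-up migration using `alter table` would be safer.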
@ -0,0 +1,2 @@
|
||||||
|
-- This file should undo anything in `up.sql`
|
||||||
|
drop table groups;
|
|
@ -0,0 +1,15 @@
|
||||||
|
-- Your SQL goes here
|
||||||
|
create table groups
|
||||||
|
(
|
||||||
|
entity_id uuid default uuid_generate_v1() not null
|
||||||
|
constraint groups_pk
|
||||||
|
primary key
|
||||||
|
constraint groups_entities_entity_id_fk
|
||||||
|
references entities
|
||||||
|
on update cascade on delete cascade,
|
||||||
|
group_name text not null,
|
||||||
|
group_description text
|
||||||
|
);
|
||||||
|
|
||||||
|
create unique index groups_group_name_uindex
|
||||||
|
on groups (group_name);
|
|
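Review bot: `entity_id` in `groups` is declared with `default uuid_generate_v1()` while also carrying `groups_entities_entity_id_fk` to `entities`, so an insert that relies on the default produces an id with no matching `entities` row and is rejected by the foreign key. Dropping the default (`entity_id uuid not null`) makes the contract explicit: the caller creates the `entities` row first and passes its id. A short comment above the table stating that a group is itself an entity would also help readers of `groups_entities`, where both columns end up holding entity ids.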
@ -0,0 +1,2 @@
|
||||||
|
-- This file should undo anything in `up.sql`
|
||||||
|
drop table groups_entities;
|
|
@ -0,0 +1,14 @@
|
||||||
|
-- Your SQL goes here
|
||||||
|
create table groups_entities
|
||||||
|
(
|
||||||
|
group_id uuid not null
|
||||||
|
constraint groups_entities_groups_group_id_fk
|
||||||
|
references groups
|
||||||
|
on update cascade on delete cascade,
|
||||||
|
entity_id uuid not null
|
||||||
|
constraint groups_entities_entities_entity_id_fk
|
||||||
|
references entities
|
||||||
|
on update cascade on delete cascade,
|
||||||
|
constraint groups_entities_pk
|
||||||
|
primary key (group_id, entity_id)
|
||||||
|
);
|
|
@ -0,0 +1,2 @@
|
||||||
|
-- This file should undo anything in `up.sql`
|
||||||
|
drop table roles_permissions_context;
|
|
@ -0,0 +1,14 @@
|
||||||
|
-- Your SQL goes here
|
||||||
|
create table roles_permissions_context
|
||||||
|
(
|
||||||
|
role_permission_id uuid
|
||||||
|
constraint roles_permissions_contexts_roles_permissions_role_permission_id
|
||||||
|
references roles_permissions
|
||||||
|
on update cascade on delete cascade,
|
||||||
|
entity uuid
|
||||||
|
constraint roles_permissions_contexts_entities_entity_id_fk
|
||||||
|
references entities
|
||||||
|
on update cascade on delete cascade,
|
||||||
|
constraint roles_permissions_context_pk
|
||||||
|
primary key (role_permission_id, entity)
|
||||||
|
);
|
|
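Review bot: The table has no comment explaining how a context row changes a grant, and that rule decides what `on delete cascade` on `entity` does to authorization. If a `roles_permissions` row without any context rows is treated as an unscoped grant (the evaluating code is not on this page), deleting the last referenced entity would silently turn a scoped grant into a global one. I would document the rule at the top of the migration, e.g. `-- one row per entity a role/permission grant is limited to; no rows = <state the meaning>`, and consider `on delete restrict` for the `entities` reference if the unscoped reading applies. The columns are also declared without `not null` here while the schema dump in this commit shows them as `not null`; the primary key implies it, but spelling it out keeps the two files consistent.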
@ -96,3 +96,7 @@ ul ul a {
|
||||||
.sidebar_entry_active{
|
.sidebar_entry_active{
|
||||||
text-decoration: underline;
|
text-decoration: underline;
|
||||||
}
|
}
|
||||||
|
.group_selection_group{
|
||||||
|
display: inline;
|
||||||
|
|
||||||
|
}
|
|
@ -17,9 +17,14 @@
|
||||||
</ul>
|
</ul>
|
||||||
<div class="tab-content" id="filterTabContent">
|
<div class="tab-content" id="filterTabContent">
|
||||||
<div class="tab-pane fade show active" id="group" role="tabpanel" aria-labelledby="group-tab">
|
<div class="tab-pane fade show active" id="group" role="tabpanel" aria-labelledby="group-tab">
|
||||||
{{#each group_list}}
|
<div class="group_selection_list">
|
||||||
<input type="checkbox" id="{{group_id}}">{{name}}</input>
|
{{#each group_list}}
|
||||||
{{/each}}
|
<span class="form-check group_selection_group">
|
||||||
|
<input type="checkbox" class="form-check-input" id="{{group_id}}">
|
||||||
|
<label class="form-check-label" for="{{group_id}}">{{name}}</label>
|
||||||
|
</span>
|
||||||
|
{{/each}}
|
||||||
|
</div>
|
||||||
</div>
|
</div>
|
||||||
<div class="tab-pane fade" id="searchfields" role="tabpanel" aria-labelledby="searchfields-tab">
|
<div class="tab-pane fade" id="searchfields" role="tabpanel" aria-labelledby="searchfields-tab">
|
||||||
<div class="form-row">
|
<div class="form-row">
|
||||||
|
|
|
@ -0,0 +1,235 @@
|
||||||
|
create table __diesel_schema_migrations
|
||||||
|
(
|
||||||
|
version varchar(50) not null
|
||||||
|
constraint __diesel_schema_migrations_pkey
|
||||||
|
primary key,
|
||||||
|
run_on timestamp default CURRENT_TIMESTAMP not null
|
||||||
|
);
|
||||||
|
|
||||||
|
create table users
|
||||||
|
(
|
||||||
|
id uuid default uuid_generate_v1() not null
|
||||||
|
constraint pk___users___id
|
||||||
|
primary key,
|
||||||
|
password text,
|
||||||
|
email text
|
||||||
|
);
|
||||||
|
|
||||||
|
create table communication_types
|
||||||
|
(
|
||||||
|
id uuid default uuid_generate_v1() not null
|
||||||
|
constraint pk___communication_types___id
|
||||||
|
primary key,
|
||||||
|
name text not null
|
||||||
|
);
|
||||||
|
|
||||||
|
create table addresses
|
||||||
|
(
|
||||||
|
id uuid default uuid_generate_v1() not null
|
||||||
|
constraint addresses_pk
|
||||||
|
primary key,
|
||||||
|
title text,
|
||||||
|
street text not null,
|
||||||
|
number text not null,
|
||||||
|
zipcode text not null,
|
||||||
|
city text not null,
|
||||||
|
geo_location point
|
||||||
|
);
|
||||||
|
|
||||||
|
create table entities
|
||||||
|
(
|
||||||
|
entity_id uuid default uuid_generate_v1() not null
|
||||||
|
constraint entities_pk
|
||||||
|
primary key
|
||||||
|
);
|
||||||
|
|
||||||
|
create table members
|
||||||
|
(
|
||||||
|
entity_id uuid default uuid_generate_v1() not null
|
||||||
|
constraint pk___members___id
|
||||||
|
primary key
|
||||||
|
constraint members_entities_entity_id_fk
|
||||||
|
references entities
|
||||||
|
on update cascade on delete cascade,
|
||||||
|
users_id uuid
|
||||||
|
constraint fk___members___users_id___users
|
||||||
|
references users,
|
||||||
|
firstname text not null,
|
||||||
|
lastname text not null,
|
||||||
|
date_of_birth date,
|
||||||
|
sex smallint,
|
||||||
|
salutation text,
|
||||||
|
place_of_birth text,
|
||||||
|
academic_titles text,
|
||||||
|
personnel_number integer,
|
||||||
|
ui_language text
|
||||||
|
);
|
||||||
|
|
||||||
|
create unique index members_personnel_number_uindex
|
||||||
|
on members (personnel_number);
|
||||||
|
|
||||||
|
create table addresses_entities
|
||||||
|
(
|
||||||
|
address_id uuid not null
|
||||||
|
constraint addresses_entities_addresses_id_fk
|
||||||
|
references addresses
|
||||||
|
on update cascade on delete cascade,
|
||||||
|
entitiy_id uuid not null
|
||||||
|
constraint addresses_entities_entities_entity_id_fk
|
||||||
|
references entities
|
||||||
|
on update cascade on delete cascade,
|
||||||
|
constraint addresses_entities_pk
|
||||||
|
primary key (address_id, entitiy_id)
|
||||||
|
);
|
||||||
|
|
||||||
|
create table buildings
|
||||||
|
(
|
||||||
|
entity_id uuid default uuid_generate_v1() not null
|
||||||
|
constraint buildings_pk
|
||||||
|
primary key
|
||||||
|
constraint buildings_entities_entity_id_fk
|
||||||
|
references entities
|
||||||
|
on update cascade on delete cascade,
|
||||||
|
name text not null,
|
||||||
|
description text
|
||||||
|
);
|
||||||
|
|
||||||
|
create table vehicle_categories
|
||||||
|
(
|
||||||
|
id uuid default uuid_generate_v1() not null
|
||||||
|
constraint vehicle_categories_pk
|
||||||
|
primary key,
|
||||||
|
name text not null,
|
||||||
|
description text
|
||||||
|
);
|
||||||
|
|
||||||
|
create table vehicles
|
||||||
|
(
|
||||||
|
entity_id uuid default uuid_generate_v1() not null
|
||||||
|
constraint vehicles_pk
|
||||||
|
primary key
|
||||||
|
constraint vehicles_entities_entity_id_fk
|
||||||
|
references entities
|
||||||
|
on update cascade on delete cascade
|
||||||
|
constraint vehicles_vehicle_categories_id_fk
|
||||||
|
references vehicle_categories
|
||||||
|
on update cascade on delete set null,
|
||||||
|
identifier text not null,
|
||||||
|
numberplate text,
|
||||||
|
description text,
|
||||||
|
vehicle_category uuid default uuid_generate_v1(),
|
||||||
|
next_inspection date,
|
||||||
|
is_operational boolean default true not null,
|
||||||
|
admissible_total_weight real,
|
||||||
|
required_license uuid
|
||||||
|
);
|
||||||
|
|
||||||
|
create table communication_targets
|
||||||
|
(
|
||||||
|
id uuid default uuid_generate_v1() not null
|
||||||
|
constraint pk___communication_targets___id
|
||||||
|
primary key
|
||||||
|
constraint communication_targets_entities_entity_id_fk
|
||||||
|
references entities
|
||||||
|
on update cascade on delete cascade,
|
||||||
|
entity text not null,
|
||||||
|
entity_id uuid not null,
|
||||||
|
com_type uuid not null
|
||||||
|
constraint fk___communication_target___type___communication_types
|
||||||
|
references communication_types,
|
||||||
|
value text not null,
|
||||||
|
description text,
|
||||||
|
visibility boolean default false not null
|
||||||
|
);
|
||||||
|
|
||||||
|
create table permissions
|
||||||
|
(
|
||||||
|
permission text not null
|
||||||
|
constraint permissions_pk
|
||||||
|
primary key,
|
||||||
|
description text
|
||||||
|
);
|
||||||
|
|
||||||
|
create table roles
|
||||||
|
(
|
||||||
|
id text not null
|
||||||
|
constraint roles_pk
|
||||||
|
primary key,
|
||||||
|
description text
|
||||||
|
);
|
||||||
|
|
||||||
|
create table roles_permissions
|
||||||
|
(
|
||||||
|
role_id text not null
|
||||||
|
constraint roles_permissions_roles_id_fk
|
||||||
|
references roles
|
||||||
|
on update cascade on delete cascade,
|
||||||
|
permission_id text not null
|
||||||
|
constraint roles_permissions_permissions_permission_fk
|
||||||
|
references permissions
|
||||||
|
on update cascade on delete cascade,
|
||||||
|
role_permission_id uuid default uuid_generate_v1() not null
|
||||||
|
constraint roles_permissions_pk_2
|
||||||
|
primary key
|
||||||
|
);
|
||||||
|
|
||||||
|
create unique index roles_permissions_role_permission_id_uindex
|
||||||
|
on roles_permissions (role_permission_id);
|
||||||
|
|
||||||
|
create table members_roles
|
||||||
|
(
|
||||||
|
member_id uuid not null
|
||||||
|
constraint members_roles_entities_entity_id_fk
|
||||||
|
references entities
|
||||||
|
on update cascade on delete cascade,
|
||||||
|
role_id text not null
|
||||||
|
constraint members_roles_roles_id_fk
|
||||||
|
references roles
|
||||||
|
on update cascade on delete cascade,
|
||||||
|
constraint members_roles_pk
|
||||||
|
primary key (member_id, role_id)
|
||||||
|
);
|
||||||
|
|
||||||
|
create table groups
|
||||||
|
(
|
||||||
|
entity_id uuid default uuid_generate_v1() not null
|
||||||
|
constraint groups_pk
|
||||||
|
primary key
|
||||||
|
constraint groups_entities_entity_id_fk
|
||||||
|
references entities
|
||||||
|
on update cascade on delete cascade,
|
||||||
|
group_name text not null,
|
||||||
|
group_description text
|
||||||
|
);
|
||||||
|
|
||||||
|
create unique index groups_group_name_uindex
|
||||||
|
on groups (group_name);
|
||||||
|
|
||||||
|
create table groups_entities
|
||||||
|
(
|
||||||
|
group_id uuid not null
|
||||||
|
constraint groups_entities_groups_group_id_fk
|
||||||
|
references groups
|
||||||
|
on update cascade on delete cascade,
|
||||||
|
entity_id uuid not null
|
||||||
|
constraint groups_entities_entities_entity_id_fk
|
||||||
|
references entities
|
||||||
|
on update cascade on delete cascade,
|
||||||
|
constraint groups_entities_pk
|
||||||
|
primary key (group_id, entity_id)
|
||||||
|
);
|
||||||
|
|
||||||
|
create table roles_permissions_context
|
||||||
|
(
|
||||||
|
role_permission_id uuid not null
|
||||||
|
constraint roles_permissions_contexts_roles_permissions_role_permission_id
|
||||||
|
references roles_permissions
|
||||||
|
on update cascade on delete cascade,
|
||||||
|
entity uuid not null
|
||||||
|
constraint roles_permissions_contexts_entities_entity_id_fk
|
||||||
|
references entities
|
||||||
|
on update cascade on delete cascade,
|
||||||
|
constraint roles_permissions_context_pk
|
||||||
|
primary key (role_permission_id, entity)
|
||||||
|
);
|
||||||
|
|
|
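Review bot: In `vehicles`, the constraint `vehicles_vehicle_categories_id_fk` is attached to `entity_id` (there is no comma after the `entities` reference), so the primary key must also match a `vehicle_categories` row and its `on delete set null` conflicts with `not null`; meanwhile `vehicle_category` has no foreign key and a `default uuid_generate_v1()` that points at nothing. The likely intent is `vehicle_category uuid constraint vehicles_vehicle_categories_id_fk references vehicle_categories on update cascade on delete set null`. `communication_targets` shows the same shape: the `entities` reference sits on `id` while `entity_id` is unconstrained. Separately, `users.email` and `users.password` are nullable and `email` has no unique index; if `email` is the login identifier (not visible here) it should be `not null` and unique, and a comment on `password` stating what is stored there (presumably a password hash) would help.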
@ -7,3 +7,10 @@ use rocket::Request;
|
||||||
pub fn unauthorized() -> Redirect {
|
pub fn unauthorized() -> Redirect {
|
||||||
Redirect::to("/?error=unauthorized")
|
Redirect::to("/?error=unauthorized")
|
||||||
}
|
}
|
||||||
|
|
||||||
|
/// Catches all 403 errors and redirects to main portal page to show error
|
||||||
|
/// Will be called when member tries to access module/action without required permissions
|
||||||
|
#[catch(403)]
|
||||||
|
pub fn forbidden() -> Redirect {
|
||||||
|
Redirect::to("/portal?error=forbidden")
|
||||||
|
}
|
||||||
|
|
|
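Review bot: `forbidden()` answers every 403 with a redirect to `/portal?error=forbidden`, so if the portal route can itself return `Status::Forbidden` for a member (not visible in this hunk) the browser would loop between the two. The redirect also replaces the 403 status with a 3xx, which non-browser clients and tests can no longer tell apart from a normal navigation. I would record the first constraint in the doc comment, e.g. `/// NOTE: /portal must never respond 403, otherwise this catcher redirects to itself`, and check that the new catcher is actually registered, which happens outside this hunk.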
@ -18,6 +18,10 @@ pub fn member_management_selection_get(
|
||||||
None => return Err(Status::Unauthorized),
|
None => return Err(Status::Unauthorized),
|
||||||
};
|
};
|
||||||
|
|
||||||
|
if !member.has_permission("modules.member_management.list.view".to_string()) {
|
||||||
|
return Err(Status::Forbidden);
|
||||||
|
}
|
||||||
|
|
||||||
Ok(Template::render(
|
Ok(Template::render(
|
||||||
"module_member_management_selection",
|
"module_member_management_selection",
|
||||||
get_selection_context(member, &settings),
|
get_selection_context(member, &settings),
|
||||||
|
|
|
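Review bot: The permission check added here takes no entity context, although this same commit introduces `roles_permissions_context` to scope grants to entities, so it is unclear whether a scoped grant passes it. `has_permission` is not shown on this page; if it returns true for any matching grant regardless of context rows, a role limited to one entity would pass this list-view check globally. I would state the intended behaviour in a comment above the check, e.g. `// context-free check: only unscoped grants of this permission may pass`, and move the literal `"modules.member_management.list.view"` into a shared constant so the name cannot drift between routes. The body of `member_management_selection_get` starts and ends outside this hunk.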
@ -68,6 +68,27 @@ table! {
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
table! {
|
||||||
|
use diesel::sql_types::*;
|
||||||
|
use diesel_geometry::sql_types::*;
|
||||||
|
|
||||||
|
groups (entity_id) {
|
||||||
|
entity_id -> Uuid,
|
||||||
|
group_name -> Text,
|
||||||
|
group_description -> Nullable<Text>,
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
table! {
|
||||||
|
use diesel::sql_types::*;
|
||||||
|
use diesel_geometry::sql_types::*;
|
||||||
|
|
||||||
|
groups_entities (group_id, entity_id) {
|
||||||
|
group_id -> Uuid,
|
||||||
|
entity_id -> Uuid,
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
table! {
|
table! {
|
||||||
use diesel::sql_types::*;
|
use diesel::sql_types::*;
|
||||||
use diesel_geometry::sql_types::*;
|
use diesel_geometry::sql_types::*;
|
||||||
|
@ -121,9 +142,20 @@ table! {
|
||||||
use diesel::sql_types::*;
|
use diesel::sql_types::*;
|
||||||
use diesel_geometry::sql_types::*;
|
use diesel_geometry::sql_types::*;
|
||||||
|
|
||||||
roles_permissions (role_id, permission_id) {
|
roles_permissions (role_permission_id) {
|
||||||
role_id -> Text,
|
role_id -> Text,
|
||||||
permission_id -> Text,
|
permission_id -> Text,
|
||||||
|
role_permission_id -> Uuid,
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
table! {
|
||||||
|
use diesel::sql_types::*;
|
||||||
|
use diesel_geometry::sql_types::*;
|
||||||
|
|
||||||
|
roles_permissions_context (role_permission_id, entity) {
|
||||||
|
role_permission_id -> Uuid,
|
||||||
|
entity -> Uuid,
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -166,41 +198,24 @@ table! {
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
table! {
|
|
||||||
use diesel::sql_types::*;
|
|
||||||
use diesel_geometry::sql_types::*;
|
|
||||||
|
|
||||||
groups (group_id) {
|
|
||||||
group_id -> Uuid,
|
|
||||||
group_name -> Text,
|
|
||||||
group_description -> Nullable<Text>,
|
|
||||||
}
|
|
||||||
}
|
|
||||||
|
|
||||||
table! {
|
|
||||||
use diesel::sql_types::*;
|
|
||||||
use diesel_geometry::sql_types::*;
|
|
||||||
|
|
||||||
groups_entities (group_id, entity_id) {
|
|
||||||
group_id -> Uuid,
|
|
||||||
entity_id -> Uuid,
|
|
||||||
}
|
|
||||||
}
|
|
||||||
|
|
||||||
joinable!(addresses_entities -> addresses (address_id));
|
joinable!(addresses_entities -> addresses (address_id));
|
||||||
joinable!(addresses_entities -> entities (entitiy_id));
|
joinable!(addresses_entities -> entities (entitiy_id));
|
||||||
joinable!(buildings -> entities (entity_id));
|
joinable!(buildings -> entities (entity_id));
|
||||||
joinable!(communication_targets -> communication_types (com_type));
|
joinable!(communication_targets -> communication_types (com_type));
|
||||||
joinable!(communication_targets -> entities (id));
|
joinable!(communication_targets -> entities (id));
|
||||||
|
joinable!(groups -> entities (entity_id));
|
||||||
|
joinable!(groups_entities -> entities (entity_id));
|
||||||
|
joinable!(groups_entities -> groups (group_id));
|
||||||
joinable!(members -> entities (entity_id));
|
joinable!(members -> entities (entity_id));
|
||||||
joinable!(members -> users (users_id));
|
joinable!(members -> users (users_id));
|
||||||
joinable!(members_roles -> entities (member_id));
|
joinable!(members_roles -> entities (member_id));
|
||||||
joinable!(members_roles -> roles (role_id));
|
joinable!(members_roles -> roles (role_id));
|
||||||
joinable!(roles_permissions -> permissions (permission_id));
|
joinable!(roles_permissions -> permissions (permission_id));
|
||||||
|
joinable!(roles_permissions -> roles (role_id));
|
||||||
|
joinable!(roles_permissions_context -> entities (entity));
|
||||||
|
joinable!(roles_permissions_context -> roles_permissions (role_permission_id));
|
||||||
joinable!(vehicles -> entities (entity_id));
|
joinable!(vehicles -> entities (entity_id));
|
||||||
joinable!(vehicles -> vehicle_categories (entity_id));
|
joinable!(vehicles -> vehicle_categories (entity_id));
|
||||||
joinable!(groups_entities -> entities (entity_id));
|
|
||||||
joinable!(groups_entities -> groups (group_id));
|
|
||||||
|
|
||||||
allow_tables_to_appear_in_same_query!(
|
allow_tables_to_appear_in_same_query!(
|
||||||
addresses,
|
addresses,
|
||||||
|
@ -209,14 +224,15 @@ allow_tables_to_appear_in_same_query!(
|
||||||
communication_targets,
|
communication_targets,
|
||||||
communication_types,
|
communication_types,
|
||||||
entities,
|
entities,
|
||||||
|
groups,
|
||||||
|
groups_entities,
|
||||||
members,
|
members,
|
||||||
members_roles,
|
members_roles,
|
||||||
permissions,
|
permissions,
|
||||||
roles,
|
roles,
|
||||||
roles_permissions,
|
roles_permissions,
|
||||||
|
roles_permissions_context,
|
||||||
users,
|
users,
|
||||||
vehicle_categories,
|
vehicle_categories,
|
||||||
vehicles,
|
vehicles,
|
||||||
groups,
|
|
||||||
groups_entities,
|
|
||||||
);
|
);
|
||||||
|
|