diff options
author | Chocobozzz <florian.bigard@gmail.com> | 2017-10-27 16:55:03 +0200 |
---|---|---|
committer | Chocobozzz <florian.bigard@gmail.com> | 2017-10-27 16:55:03 +0200 |
commit | 954605a804da399317ca62afa2fb9244afa11ebf (patch) | |
tree | de6ee69280bfb928bc01c29430e13d5b820e921a /client | |
parent | e02573ad67626210ed279bad321ee139094921a1 (diff) | |
download | PeerTube-954605a804da399317ca62afa2fb9244afa11ebf.tar.gz PeerTube-954605a804da399317ca62afa2fb9244afa11ebf.tar.zst PeerTube-954605a804da399317ca62afa2fb9244afa11ebf.zip |
Support roles with rights and add moderator role
Diffstat (limited to 'client')
27 files changed, 190 insertions, 52 deletions
diff --git a/client/src/app/+admin/admin-routing.module.ts b/client/src/app/+admin/admin-routing.module.ts index c3e4895ac..7262768fe 100644 --- a/client/src/app/+admin/admin-routing.module.ts +++ b/client/src/app/+admin/admin-routing.module.ts | |||
@@ -8,15 +8,14 @@ import { FriendsRoutes } from './friends' | |||
8 | import { RequestSchedulersRoutes } from './request-schedulers' | 8 | import { RequestSchedulersRoutes } from './request-schedulers' |
9 | import { UsersRoutes } from './users' | 9 | import { UsersRoutes } from './users' |
10 | import { VideoAbusesRoutes } from './video-abuses' | 10 | import { VideoAbusesRoutes } from './video-abuses' |
11 | import { AdminGuard } from './admin-guard.service' | ||
12 | import { VideoBlacklistRoutes } from './video-blacklist' | 11 | import { VideoBlacklistRoutes } from './video-blacklist' |
13 | 12 | ||
14 | const adminRoutes: Routes = [ | 13 | const adminRoutes: Routes = [ |
15 | { | 14 | { |
16 | path: '', | 15 | path: '', |
17 | component: AdminComponent, | 16 | component: AdminComponent, |
18 | canActivate: [ MetaGuard, AdminGuard ], | 17 | canActivate: [ MetaGuard ], |
19 | canActivateChild: [ MetaGuard, AdminGuard ], | 18 | canActivateChild: [ MetaGuard ], |
20 | children: [ | 19 | children: [ |
21 | { | 20 | { |
22 | path: '', | 21 | path: '', |
diff --git a/client/src/app/+admin/admin.module.ts b/client/src/app/+admin/admin.module.ts index f29c501b0..6c216e5d8 100644 --- a/client/src/app/+admin/admin.module.ts +++ b/client/src/app/+admin/admin.module.ts | |||
@@ -8,7 +8,6 @@ import { UsersComponent, UserAddComponent, UserUpdateComponent, UserListComponen | |||
8 | import { VideoAbusesComponent, VideoAbuseListComponent } from './video-abuses' | 8 | import { VideoAbusesComponent, VideoAbuseListComponent } from './video-abuses' |
9 | import { VideoBlacklistComponent, VideoBlacklistListComponent } from './video-blacklist' | 9 | import { VideoBlacklistComponent, VideoBlacklistListComponent } from './video-blacklist' |
10 | import { SharedModule } from '../shared' | 10 | import { SharedModule } from '../shared' |
11 | import { AdminGuard } from './admin-guard.service' | ||
12 | 11 | ||
13 | @NgModule({ | 12 | @NgModule({ |
14 | imports: [ | 13 | imports: [ |
@@ -45,8 +44,7 @@ import { AdminGuard } from './admin-guard.service' | |||
45 | providers: [ | 44 | providers: [ |
46 | FriendService, | 45 | FriendService, |
47 | RequestSchedulersService, | 46 | RequestSchedulersService, |
48 | UserService, | 47 | UserService |
49 | AdminGuard | ||
50 | ] | 48 | ] |
51 | }) | 49 | }) |
52 | export class AdminModule { } | 50 | export class AdminModule { } |
diff --git a/client/src/app/+admin/friends/friends.routes.ts b/client/src/app/+admin/friends/friends.routes.ts index 615b6f4f7..61cfcae19 100644 --- a/client/src/app/+admin/friends/friends.routes.ts +++ b/client/src/app/+admin/friends/friends.routes.ts | |||
@@ -1,13 +1,19 @@ | |||
1 | import { Routes } from '@angular/router' | 1 | import { Routes } from '@angular/router' |
2 | 2 | ||
3 | import { UserRightGuard } from '../../core' | ||
3 | import { FriendsComponent } from './friends.component' | 4 | import { FriendsComponent } from './friends.component' |
4 | import { FriendAddComponent } from './friend-add' | 5 | import { FriendAddComponent } from './friend-add' |
5 | import { FriendListComponent } from './friend-list' | 6 | import { FriendListComponent } from './friend-list' |
7 | import { UserRight } from '../../../../../shared' | ||
6 | 8 | ||
7 | export const FriendsRoutes: Routes = [ | 9 | export const FriendsRoutes: Routes = [ |
8 | { | 10 | { |
9 | path: 'friends', | 11 | path: 'friends', |
10 | component: FriendsComponent, | 12 | component: FriendsComponent, |
13 | canActivate: [ UserRightGuard ], | ||
14 | data: { | ||
15 | userRight: UserRight.MANAGE_PODS | ||
16 | }, | ||
11 | children: [ | 17 | children: [ |
12 | { | 18 | { |
13 | path: '', | 19 | path: '', |
diff --git a/client/src/app/+admin/request-schedulers/request-schedulers.routes.ts b/client/src/app/+admin/request-schedulers/request-schedulers.routes.ts index 4961c646b..c2564de15 100644 --- a/client/src/app/+admin/request-schedulers/request-schedulers.routes.ts +++ b/client/src/app/+admin/request-schedulers/request-schedulers.routes.ts | |||
@@ -1,5 +1,7 @@ | |||
1 | import { Routes } from '@angular/router' | 1 | import { Routes } from '@angular/router' |
2 | 2 | ||
3 | import { UserRightGuard } from '../../core' | ||
4 | import { UserRight } from '../../../../../shared' | ||
3 | import { RequestSchedulersComponent } from './request-schedulers.component' | 5 | import { RequestSchedulersComponent } from './request-schedulers.component' |
4 | import { RequestSchedulersStatsComponent } from './request-schedulers-stats' | 6 | import { RequestSchedulersStatsComponent } from './request-schedulers-stats' |
5 | 7 | ||
@@ -7,6 +9,10 @@ export const RequestSchedulersRoutes: Routes = [ | |||
7 | { | 9 | { |
8 | path: 'requests', | 10 | path: 'requests', |
9 | component: RequestSchedulersComponent, | 11 | component: RequestSchedulersComponent, |
12 | canActivate: [ UserRightGuard ], | ||
13 | data: { | ||
14 | userRight: UserRight.MANAGE_REQUEST_SCHEDULERS | ||
15 | }, | ||
10 | children: [ | 16 | children: [ |
11 | { | 17 | { |
12 | path: '', | 18 | path: '', |
diff --git a/client/src/app/+admin/users/user-edit/user-add.component.ts b/client/src/app/+admin/users/user-edit/user-add.component.ts index 6d8151b42..8e3e3d53d 100644 --- a/client/src/app/+admin/users/user-edit/user-add.component.ts +++ b/client/src/app/+admin/users/user-edit/user-add.component.ts | |||
@@ -9,10 +9,11 @@ import { | |||
9 | USER_USERNAME, | 9 | USER_USERNAME, |
10 | USER_EMAIL, | 10 | USER_EMAIL, |
11 | USER_PASSWORD, | 11 | USER_PASSWORD, |
12 | USER_VIDEO_QUOTA | 12 | USER_VIDEO_QUOTA, |
13 | USER_ROLE | ||
13 | } from '../../../shared' | 14 | } from '../../../shared' |
14 | import { ServerService } from '../../../core' | 15 | import { ServerService } from '../../../core' |
15 | import { UserCreate } from '../../../../../../shared' | 16 | import { UserCreate, UserRole } from '../../../../../../shared' |
16 | import { UserEdit } from './user-edit' | 17 | import { UserEdit } from './user-edit' |
17 | 18 | ||
18 | @Component({ | 19 | @Component({ |
@@ -28,12 +29,14 @@ export class UserAddComponent extends UserEdit implements OnInit { | |||
28 | 'username': '', | 29 | 'username': '', |
29 | 'email': '', | 30 | 'email': '', |
30 | 'password': '', | 31 | 'password': '', |
32 | 'role': '', | ||
31 | 'videoQuota': '' | 33 | 'videoQuota': '' |
32 | } | 34 | } |
33 | validationMessages = { | 35 | validationMessages = { |
34 | 'username': USER_USERNAME.MESSAGES, | 36 | 'username': USER_USERNAME.MESSAGES, |
35 | 'email': USER_EMAIL.MESSAGES, | 37 | 'email': USER_EMAIL.MESSAGES, |
36 | 'password': USER_PASSWORD.MESSAGES, | 38 | 'password': USER_PASSWORD.MESSAGES, |
39 | 'role': USER_ROLE.MESSAGES, | ||
37 | 'videoQuota': USER_VIDEO_QUOTA.MESSAGES | 40 | 'videoQuota': USER_VIDEO_QUOTA.MESSAGES |
38 | } | 41 | } |
39 | 42 | ||
@@ -52,6 +55,7 @@ export class UserAddComponent extends UserEdit implements OnInit { | |||
52 | username: [ '', USER_USERNAME.VALIDATORS ], | 55 | username: [ '', USER_USERNAME.VALIDATORS ], |
53 | email: [ '', USER_EMAIL.VALIDATORS ], | 56 | email: [ '', USER_EMAIL.VALIDATORS ], |
54 | password: [ '', USER_PASSWORD.VALIDATORS ], | 57 | password: [ '', USER_PASSWORD.VALIDATORS ], |
58 | role: [ UserRole.USER, USER_ROLE.VALIDATORS ], | ||
55 | videoQuota: [ '-1', USER_VIDEO_QUOTA.VALIDATORS ] | 59 | videoQuota: [ '-1', USER_VIDEO_QUOTA.VALIDATORS ] |
56 | }) | 60 | }) |
57 | 61 | ||
diff --git a/client/src/app/+admin/users/user-edit/user-edit.component.html b/client/src/app/+admin/users/user-edit/user-edit.component.html index 6988071ce..349be13c1 100644 --- a/client/src/app/+admin/users/user-edit/user-edit.component.html +++ b/client/src/app/+admin/users/user-edit/user-edit.component.html | |||
@@ -41,6 +41,19 @@ | |||
41 | </div> | 41 | </div> |
42 | 42 | ||
43 | <div class="form-group"> | 43 | <div class="form-group"> |
44 | <label for="role">Role</label> | ||
45 | <select class="form-control" id="role" formControlName="role"> | ||
46 | <option *ngFor="let role of roles" [value]="role.value"> | ||
47 | {{ role.label }} | ||
48 | </option> | ||
49 | </select> | ||
50 | |||
51 | <div *ngIf="formErrors.role" class="alert alert-danger"> | ||
52 | {{ formErrors.role }} | ||
53 | </div> | ||
54 | </div> | ||
55 | |||
56 | <div class="form-group"> | ||
44 | <label for="videoQuota">Video quota</label> | 57 | <label for="videoQuota">Video quota</label> |
45 | <select class="form-control" id="videoQuota" formControlName="videoQuota"> | 58 | <select class="form-control" id="videoQuota" formControlName="videoQuota"> |
46 | <option *ngFor="let videoQuotaOption of videoQuotaOptions" [value]="videoQuotaOption.value"> | 59 | <option *ngFor="let videoQuotaOption of videoQuotaOptions" [value]="videoQuotaOption.value"> |
diff --git a/client/src/app/+admin/users/user-edit/user-edit.ts b/client/src/app/+admin/users/user-edit/user-edit.ts index 76497c9b6..51d90da39 100644 --- a/client/src/app/+admin/users/user-edit/user-edit.ts +++ b/client/src/app/+admin/users/user-edit/user-edit.ts | |||
@@ -1,6 +1,6 @@ | |||
1 | import { ServerService } from '../../../core' | 1 | import { ServerService } from '../../../core' |
2 | import { FormReactive } from '../../../shared' | 2 | import { FormReactive } from '../../../shared' |
3 | import { VideoResolution } from '../../../../../../shared/models/videos/video-resolution.enum' | 3 | import { USER_ROLE_LABELS, VideoResolution } from '../../../../../../shared' |
4 | 4 | ||
5 | export abstract class UserEdit extends FormReactive { | 5 | export abstract class UserEdit extends FormReactive { |
6 | videoQuotaOptions = [ | 6 | videoQuotaOptions = [ |
@@ -14,6 +14,8 @@ export abstract class UserEdit extends FormReactive { | |||
14 | { value: 50 * 1024 * 1024 * 1024, label: '50GB' } | 14 | { value: 50 * 1024 * 1024 * 1024, label: '50GB' } |
15 | ] | 15 | ] |
16 | 16 | ||
17 | roles = Object.keys(USER_ROLE_LABELS).map(key => ({ value: key, label: USER_ROLE_LABELS[key] })) | ||
18 | |||
17 | protected abstract serverService: ServerService | 19 | protected abstract serverService: ServerService |
18 | abstract isCreation (): boolean | 20 | abstract isCreation (): boolean |
19 | abstract getFormButtonTitle (): string | 21 | abstract getFormButtonTitle (): string |
diff --git a/client/src/app/+admin/users/user-edit/user-update.component.ts b/client/src/app/+admin/users/user-edit/user-update.component.ts index bd901e655..bcba78a35 100644 --- a/client/src/app/+admin/users/user-edit/user-update.component.ts +++ b/client/src/app/+admin/users/user-edit/user-update.component.ts | |||
@@ -6,11 +6,15 @@ import { Subscription } from 'rxjs/Subscription' | |||
6 | import { NotificationsService } from 'angular2-notifications' | 6 | import { NotificationsService } from 'angular2-notifications' |
7 | 7 | ||
8 | import { UserService } from '../shared' | 8 | import { UserService } from '../shared' |
9 | import { USER_EMAIL, USER_VIDEO_QUOTA } from '../../../shared' | 9 | import { |
10 | USER_EMAIL, | ||
11 | USER_VIDEO_QUOTA, | ||
12 | USER_ROLE, | ||
13 | User | ||
14 | } from '../../../shared' | ||
10 | import { ServerService } from '../../../core' | 15 | import { ServerService } from '../../../core' |
11 | import { UserUpdate } from '../../../../../../shared/models/users/user-update.model' | ||
12 | import { User } from '../../../shared/users/user.model' | ||
13 | import { UserEdit } from './user-edit' | 16 | import { UserEdit } from './user-edit' |
17 | import { UserUpdate, UserRole } from '../../../../../../shared' | ||
14 | 18 | ||
15 | @Component({ | 19 | @Component({ |
16 | selector: 'my-user-update', | 20 | selector: 'my-user-update', |
@@ -25,10 +29,12 @@ export class UserUpdateComponent extends UserEdit implements OnInit, OnDestroy { | |||
25 | form: FormGroup | 29 | form: FormGroup |
26 | formErrors = { | 30 | formErrors = { |
27 | 'email': '', | 31 | 'email': '', |
32 | 'role': '', | ||
28 | 'videoQuota': '' | 33 | 'videoQuota': '' |
29 | } | 34 | } |
30 | validationMessages = { | 35 | validationMessages = { |
31 | 'email': USER_EMAIL.MESSAGES, | 36 | 'email': USER_EMAIL.MESSAGES, |
37 | 'role': USER_ROLE.MESSAGES, | ||
32 | 'videoQuota': USER_VIDEO_QUOTA.MESSAGES | 38 | 'videoQuota': USER_VIDEO_QUOTA.MESSAGES |
33 | } | 39 | } |
34 | 40 | ||
@@ -48,6 +54,7 @@ export class UserUpdateComponent extends UserEdit implements OnInit, OnDestroy { | |||
48 | buildForm () { | 54 | buildForm () { |
49 | this.form = this.formBuilder.group({ | 55 | this.form = this.formBuilder.group({ |
50 | email: [ '', USER_EMAIL.VALIDATORS ], | 56 | email: [ '', USER_EMAIL.VALIDATORS ], |
57 | role: [ '', USER_ROLE.VALIDATORS ], | ||
51 | videoQuota: [ '-1', USER_VIDEO_QUOTA.VALIDATORS ] | 58 | videoQuota: [ '-1', USER_VIDEO_QUOTA.VALIDATORS ] |
52 | }) | 59 | }) |
53 | 60 | ||
@@ -103,6 +110,7 @@ export class UserUpdateComponent extends UserEdit implements OnInit, OnDestroy { | |||
103 | 110 | ||
104 | this.form.patchValue({ | 111 | this.form.patchValue({ |
105 | email: userJson.email, | 112 | email: userJson.email, |
113 | role: userJson.role, | ||
106 | videoQuota: userJson.videoQuota | 114 | videoQuota: userJson.videoQuota |
107 | }) | 115 | }) |
108 | } | 116 | } |
diff --git a/client/src/app/+admin/users/user-list/user-list.component.html b/client/src/app/+admin/users/user-list/user-list.component.html index 2944e3cbf..16a8a8033 100644 --- a/client/src/app/+admin/users/user-list/user-list.component.html +++ b/client/src/app/+admin/users/user-list/user-list.component.html | |||
@@ -11,7 +11,7 @@ | |||
11 | <p-column field="username" header="Username" [sortable]="true"></p-column> | 11 | <p-column field="username" header="Username" [sortable]="true"></p-column> |
12 | <p-column field="email" header="Email"></p-column> | 12 | <p-column field="email" header="Email"></p-column> |
13 | <p-column field="videoQuota" header="Video quota"></p-column> | 13 | <p-column field="videoQuota" header="Video quota"></p-column> |
14 | <p-column field="role" header="Role"></p-column> | 14 | <p-column field="roleLabel" header="Role"></p-column> |
15 | <p-column field="createdAt" header="Created date" [sortable]="true"></p-column> | 15 | <p-column field="createdAt" header="Created date" [sortable]="true"></p-column> |
16 | <p-column header="Edit" styleClass="action-cell"> | 16 | <p-column header="Edit" styleClass="action-cell"> |
17 | <ng-template pTemplate="body" let-user="rowData"> | 17 | <ng-template pTemplate="body" let-user="rowData"> |
diff --git a/client/src/app/+admin/users/users.routes.ts b/client/src/app/+admin/users/users.routes.ts index a6a9c4c19..3718dfd5c 100644 --- a/client/src/app/+admin/users/users.routes.ts +++ b/client/src/app/+admin/users/users.routes.ts | |||
@@ -1,5 +1,7 @@ | |||
1 | import { Routes } from '@angular/router' | 1 | import { Routes } from '@angular/router' |
2 | 2 | ||
3 | import { UserRightGuard } from '../../core' | ||
4 | import { UserRight } from '../../../../../shared' | ||
3 | import { UsersComponent } from './users.component' | 5 | import { UsersComponent } from './users.component' |
4 | import { UserAddComponent, UserUpdateComponent } from './user-edit' | 6 | import { UserAddComponent, UserUpdateComponent } from './user-edit' |
5 | import { UserListComponent } from './user-list' | 7 | import { UserListComponent } from './user-list' |
@@ -8,6 +10,10 @@ export const UsersRoutes: Routes = [ | |||
8 | { | 10 | { |
9 | path: 'users', | 11 | path: 'users', |
10 | component: UsersComponent, | 12 | component: UsersComponent, |
13 | canActivate: [ UserRightGuard ], | ||
14 | data: { | ||
15 | userRight: UserRight.MANAGE_USERS | ||
16 | }, | ||
11 | children: [ | 17 | children: [ |
12 | { | 18 | { |
13 | path: '', | 19 | path: '', |
diff --git a/client/src/app/+admin/video-abuses/video-abuses.routes.ts b/client/src/app/+admin/video-abuses/video-abuses.routes.ts index a8c1561cd..68b756059 100644 --- a/client/src/app/+admin/video-abuses/video-abuses.routes.ts +++ b/client/src/app/+admin/video-abuses/video-abuses.routes.ts | |||
@@ -1,13 +1,18 @@ | |||
1 | import { Routes } from '@angular/router' | 1 | import { Routes } from '@angular/router' |
2 | 2 | ||
3 | import { UserRightGuard } from '../../core' | ||
4 | import { UserRight } from '../../../../../shared' | ||
3 | import { VideoAbusesComponent } from './video-abuses.component' | 5 | import { VideoAbusesComponent } from './video-abuses.component' |
4 | import { VideoAbuseListComponent } from './video-abuse-list' | 6 | import { VideoAbuseListComponent } from './video-abuse-list' |
5 | 7 | ||
6 | export const VideoAbusesRoutes: Routes = [ | 8 | export const VideoAbusesRoutes: Routes = [ |
7 | { | 9 | { |
8 | path: 'video-abuses', | 10 | path: 'video-abuses', |
9 | component: VideoAbusesComponent | 11 | component: VideoAbusesComponent, |
10 | , | 12 | canActivate: [ UserRightGuard ], |
13 | data: { | ||
14 | userRight: UserRight.MANAGE_VIDEO_ABUSES | ||
15 | }, | ||
11 | children: [ | 16 | children: [ |
12 | { | 17 | { |
13 | path: '', | 18 | path: '', |
diff --git a/client/src/app/+admin/video-blacklist/video-blacklist.routes.ts b/client/src/app/+admin/video-blacklist/video-blacklist.routes.ts index 682b6f8bd..b1e0e5049 100644 --- a/client/src/app/+admin/video-blacklist/video-blacklist.routes.ts +++ b/client/src/app/+admin/video-blacklist/video-blacklist.routes.ts | |||
@@ -1,5 +1,7 @@ | |||
1 | import { Routes } from '@angular/router' | 1 | import { Routes } from '@angular/router' |
2 | 2 | ||
3 | import { UserRightGuard } from '../../core' | ||
4 | import { UserRight } from '../../../../../shared' | ||
3 | import { VideoBlacklistComponent } from './video-blacklist.component' | 5 | import { VideoBlacklistComponent } from './video-blacklist.component' |
4 | import { VideoBlacklistListComponent } from './video-blacklist-list' | 6 | import { VideoBlacklistListComponent } from './video-blacklist-list' |
5 | 7 | ||
@@ -7,6 +9,10 @@ export const VideoBlacklistRoutes: Routes = [ | |||
7 | { | 9 | { |
8 | path: 'video-blacklist', | 10 | path: 'video-blacklist', |
9 | component: VideoBlacklistComponent, | 11 | component: VideoBlacklistComponent, |
12 | canActivate: [ UserRightGuard ], | ||
13 | data: { | ||
14 | userRight: UserRight.MANAGE_VIDEO_BLACKLIST | ||
15 | }, | ||
10 | children: [ | 16 | children: [ |
11 | { | 17 | { |
12 | path: '', | 18 | path: '', |
diff --git a/client/src/app/core/auth/auth-user.model.ts b/client/src/app/core/auth/auth-user.model.ts index 81bff99a0..085b763ec 100644 --- a/client/src/app/core/auth/auth-user.model.ts +++ b/client/src/app/core/auth/auth-user.model.ts | |||
@@ -1,6 +1,7 @@ | |||
1 | // Do not use the barrel (dependency loop) | 1 | // Do not use the barrel (dependency loop) |
2 | import { UserRole } from '../../../../../shared/models/users/user-role.type' | 2 | import { hasUserRight, UserRole } from '../../../../../shared/models/users/user-role' |
3 | import { User, UserConstructorHash } from '../../shared/users/user.model' | 3 | import { User, UserConstructorHash } from '../../shared/users/user.model' |
4 | import { UserRight } from '../../../../../shared/models/users/user-right.enum' | ||
4 | 5 | ||
5 | export type TokenOptions = { | 6 | export type TokenOptions = { |
6 | accessToken: string | 7 | accessToken: string |
@@ -81,7 +82,7 @@ export class AuthUser extends User { | |||
81 | id: parseInt(localStorage.getItem(this.KEYS.ID), 10), | 82 | id: parseInt(localStorage.getItem(this.KEYS.ID), 10), |
82 | username: localStorage.getItem(this.KEYS.USERNAME), | 83 | username: localStorage.getItem(this.KEYS.USERNAME), |
83 | email: localStorage.getItem(this.KEYS.EMAIL), | 84 | email: localStorage.getItem(this.KEYS.EMAIL), |
84 | role: localStorage.getItem(this.KEYS.ROLE) as UserRole, | 85 | role: parseInt(localStorage.getItem(this.KEYS.ROLE), 10) as UserRole, |
85 | displayNSFW: localStorage.getItem(this.KEYS.DISPLAY_NSFW) === 'true' | 86 | displayNSFW: localStorage.getItem(this.KEYS.DISPLAY_NSFW) === 'true' |
86 | }, | 87 | }, |
87 | Tokens.load() | 88 | Tokens.load() |
@@ -122,11 +123,15 @@ export class AuthUser extends User { | |||
122 | this.tokens.refreshToken = refreshToken | 123 | this.tokens.refreshToken = refreshToken |
123 | } | 124 | } |
124 | 125 | ||
126 | hasRight(right: UserRight) { | ||
127 | return hasUserRight(this.role, right) | ||
128 | } | ||
129 | |||
125 | save () { | 130 | save () { |
126 | localStorage.setItem(AuthUser.KEYS.ID, this.id.toString()) | 131 | localStorage.setItem(AuthUser.KEYS.ID, this.id.toString()) |
127 | localStorage.setItem(AuthUser.KEYS.USERNAME, this.username) | 132 | localStorage.setItem(AuthUser.KEYS.USERNAME, this.username) |
128 | localStorage.setItem(AuthUser.KEYS.EMAIL, this.email) | 133 | localStorage.setItem(AuthUser.KEYS.EMAIL, this.email) |
129 | localStorage.setItem(AuthUser.KEYS.ROLE, this.role) | 134 | localStorage.setItem(AuthUser.KEYS.ROLE, this.role.toString()) |
130 | localStorage.setItem(AuthUser.KEYS.DISPLAY_NSFW, JSON.stringify(this.displayNSFW)) | 135 | localStorage.setItem(AuthUser.KEYS.DISPLAY_NSFW, JSON.stringify(this.displayNSFW)) |
131 | this.tokens.save() | 136 | this.tokens.save() |
132 | } | 137 | } |
diff --git a/client/src/app/core/auth/auth.service.ts b/client/src/app/core/auth/auth.service.ts index 9ac9ba7bb..df6e5135b 100644 --- a/client/src/app/core/auth/auth.service.ts +++ b/client/src/app/core/auth/auth.service.ts | |||
@@ -21,7 +21,7 @@ import { | |||
21 | // Do not use the barrel (dependency loop) | 21 | // Do not use the barrel (dependency loop) |
22 | import { RestExtractor } from '../../shared/rest' | 22 | import { RestExtractor } from '../../shared/rest' |
23 | import { UserLogin } from '../../../../../shared/models/users/user-login.model' | 23 | import { UserLogin } from '../../../../../shared/models/users/user-login.model' |
24 | import { User, UserConstructorHash } from '../../shared/users/user.model' | 24 | import { UserConstructorHash } from '../../shared/users/user.model' |
25 | 25 | ||
26 | interface UserLoginWithUsername extends UserLogin { | 26 | interface UserLoginWithUsername extends UserLogin { |
27 | access_token: string | 27 | access_token: string |
@@ -126,12 +126,6 @@ export class AuthService { | |||
126 | return this.user | 126 | return this.user |
127 | } | 127 | } |
128 | 128 | ||
129 | isAdmin () { | ||
130 | if (this.user === null) return false | ||
131 | |||
132 | return this.user.isAdmin() | ||
133 | } | ||
134 | |||
135 | isLoggedIn () { | 129 | isLoggedIn () { |
136 | return !!this.getAccessToken() | 130 | return !!this.getAccessToken() |
137 | } | 131 | } |
diff --git a/client/src/app/core/auth/index.ts b/client/src/app/core/auth/index.ts index a81f2c002..bc7bfec0e 100644 --- a/client/src/app/core/auth/index.ts +++ b/client/src/app/core/auth/index.ts | |||
@@ -1,4 +1,4 @@ | |||
1 | export * from './auth-status.model' | 1 | export * from './auth-status.model' |
2 | export * from './auth-user.model' | 2 | export * from './auth-user.model' |
3 | export * from './auth.service' | 3 | export * from './auth.service' |
4 | export * from './login-guard.service' | 4 | export * from '../routing/login-guard.service' |
diff --git a/client/src/app/core/core.module.ts b/client/src/app/core/core.module.ts index 163a6bbde..90e2cb190 100644 --- a/client/src/app/core/core.module.ts +++ b/client/src/app/core/core.module.ts | |||
@@ -7,7 +7,8 @@ import { BrowserAnimationsModule } from '@angular/platform-browser/animations' | |||
7 | import { SimpleNotificationsModule } from 'angular2-notifications' | 7 | import { SimpleNotificationsModule } from 'angular2-notifications' |
8 | import { ModalModule } from 'ngx-bootstrap/modal' | 8 | import { ModalModule } from 'ngx-bootstrap/modal' |
9 | 9 | ||
10 | import { AuthService, LoginGuard } from './auth' | 10 | import { AuthService } from './auth' |
11 | import { LoginGuard, UserRightGuard } from './routing' | ||
11 | import { ServerService } from './server' | 12 | import { ServerService } from './server' |
12 | import { ConfirmComponent, ConfirmService } from './confirm' | 13 | import { ConfirmComponent, ConfirmService } from './confirm' |
13 | import { MenuComponent, MenuAdminComponent } from './menu' | 14 | import { MenuComponent, MenuAdminComponent } from './menu' |
@@ -42,7 +43,8 @@ import { throwIfAlreadyLoaded } from './module-import-guard' | |||
42 | AuthService, | 43 | AuthService, |
43 | ConfirmService, | 44 | ConfirmService, |
44 | ServerService, | 45 | ServerService, |
45 | LoginGuard | 46 | LoginGuard, |
47 | UserRightGuard | ||
46 | ] | 48 | ] |
47 | }) | 49 | }) |
48 | export class CoreModule { | 50 | export class CoreModule { |
diff --git a/client/src/app/core/menu/menu-admin.component.html b/client/src/app/core/menu/menu-admin.component.html index edacdee6d..c2b2958b4 100644 --- a/client/src/app/core/menu/menu-admin.component.html +++ b/client/src/app/core/menu/menu-admin.component.html | |||
@@ -1,26 +1,26 @@ | |||
1 | <menu> | 1 | <menu> |
2 | <div class="panel-block"> | 2 | <div class="panel-block"> |
3 | <a routerLink="/admin/users/list" routerLinkActive="active"> | 3 | <a *ngIf="hasUsersRight()" routerLink="/admin/users" routerLinkActive="active"> |
4 | <span class="hidden-xs glyphicon glyphicon-user"></span> | 4 | <span class="hidden-xs glyphicon glyphicon-user"></span> |
5 | List users | 5 | List users |
6 | </a> | 6 | </a> |
7 | 7 | ||
8 | <a routerLink="/admin/friends/list" routerLinkActive="active"> | 8 | <a *ngIf="hasFriendsRight()" routerLink="/admin/friends" routerLinkActive="active"> |
9 | <span class="hidden-xs glyphicon glyphicon-cloud"></span> | 9 | <span class="hidden-xs glyphicon glyphicon-cloud"></span> |
10 | List friends | 10 | List friends |
11 | </a> | 11 | </a> |
12 | 12 | ||
13 | <a routerLink="/admin/requests/stats" routerLinkActive="active"> | 13 | <a *ngIf="hasRequestsStatRight()" routerLink="/admin/requests/stats" routerLinkActive="active"> |
14 | <span class="hidden-xs glyphicon glyphicon-stats"></span> | 14 | <span class="hidden-xs glyphicon glyphicon-stats"></span> |
15 | Request stats | 15 | Request stats |
16 | </a> | 16 | </a> |
17 | 17 | ||
18 | <a routerLink="/admin/video-abuses/list" routerLinkActive="active"> | 18 | <a *ngIf="hasVideoAbusesRight()" routerLink="/admin/video-abuses" routerLinkActive="active"> |
19 | <span class="hidden-xs glyphicon glyphicon-alert"></span> | 19 | <span class="hidden-xs glyphicon glyphicon-alert"></span> |
20 | Video abuses | 20 | Video abuses |
21 | </a> | 21 | </a> |
22 | 22 | ||
23 | <a routerLink="/admin/video-blacklist/list" routerLinkActive="active"> | 23 | <a *ngIf="hasVideoBlacklistRight()" routerLink="/admin/video-blacklist" routerLinkActive="active"> |
24 | <span class="hidden-xs glyphicon glyphicon-eye-close"></span> | 24 | <span class="hidden-xs glyphicon glyphicon-eye-close"></span> |
25 | Video blacklist | 25 | Video blacklist |
26 | </a> | 26 | </a> |
diff --git a/client/src/app/core/menu/menu-admin.component.ts b/client/src/app/core/menu/menu-admin.component.ts index f6cc6554c..074f1dbaf 100644 --- a/client/src/app/core/menu/menu-admin.component.ts +++ b/client/src/app/core/menu/menu-admin.component.ts | |||
@@ -1,8 +1,33 @@ | |||
1 | import { Component } from '@angular/core' | 1 | import { Component } from '@angular/core' |
2 | 2 | ||
3 | import { AuthService } from '../auth/auth.service' | ||
4 | import { UserRight } from '../../../../../shared' | ||
5 | |||
3 | @Component({ | 6 | @Component({ |
4 | selector: 'my-menu-admin', | 7 | selector: 'my-menu-admin', |
5 | templateUrl: './menu-admin.component.html', | 8 | templateUrl: './menu-admin.component.html', |
6 | styleUrls: [ './menu.component.scss' ] | 9 | styleUrls: [ './menu.component.scss' ] |
7 | }) | 10 | }) |
8 | export class MenuAdminComponent { } | 11 | export class MenuAdminComponent { |
12 | constructor (private auth: AuthService) {} | ||
13 | |||
14 | hasUsersRight () { | ||
15 | return this.auth.getUser().hasRight(UserRight.MANAGE_USERS) | ||
16 | } | ||
17 | |||
18 | hasFriendsRight () { | ||
19 | return this.auth.getUser().hasRight(UserRight.MANAGE_PODS) | ||
20 | } | ||
21 | |||
22 | hasRequestsStatRight () { | ||
23 | return this.auth.getUser().hasRight(UserRight.MANAGE_REQUEST_SCHEDULERS) | ||
24 | } | ||
25 | |||
26 | hasVideoAbusesRight () { | ||
27 | return this.auth.getUser().hasRight(UserRight.MANAGE_VIDEO_ABUSES) | ||
28 | } | ||
29 | |||
30 | hasVideoBlacklistRight () { | ||
31 | return this.auth.getUser().hasRight(UserRight.MANAGE_VIDEO_BLACKLIST) | ||
32 | } | ||
33 | } | ||
diff --git a/client/src/app/core/menu/menu.component.html b/client/src/app/core/menu/menu.component.html index ca341a0fd..2d8aace54 100644 --- a/client/src/app/core/menu/menu.component.html +++ b/client/src/app/core/menu/menu.component.html | |||
@@ -39,10 +39,10 @@ | |||
39 | </a> | 39 | </a> |
40 | </div> | 40 | </div> |
41 | 41 | ||
42 | <div *ngIf="isUserAdmin()" class="panel-block"> | 42 | <div *ngIf="userHasAdminAccess" class="panel-block"> |
43 | <div class="block-title">Other</div> | 43 | <div class="block-title">Other</div> |
44 | 44 | ||
45 | <a routerLink="/admin" routerLinkActive="active"> | 45 | <a [routerLink]="getFirstAdminRouteAvailable()" routerLinkActive="active"> |
46 | <span class="hidden-xs glyphicon glyphicon-cog"></span> | 46 | <span class="hidden-xs glyphicon glyphicon-cog"></span> |
47 | Administration | 47 | Administration |
48 | </a> | 48 | </a> |
diff --git a/client/src/app/core/menu/menu.component.ts b/client/src/app/core/menu/menu.component.ts index 8f15d8838..c66a5eccc 100644 --- a/client/src/app/core/menu/menu.component.ts +++ b/client/src/app/core/menu/menu.component.ts | |||
@@ -3,6 +3,7 @@ import { Router } from '@angular/router' | |||
3 | 3 | ||
4 | import { AuthService, AuthStatus } from '../auth' | 4 | import { AuthService, AuthStatus } from '../auth' |
5 | import { ServerService } from '../server' | 5 | import { ServerService } from '../server' |
6 | import { UserRight } from '../../../../../shared/models/users/user-right.enum' | ||
6 | 7 | ||
7 | @Component({ | 8 | @Component({ |
8 | selector: 'my-menu', | 9 | selector: 'my-menu', |
@@ -11,6 +12,15 @@ import { ServerService } from '../server' | |||
11 | }) | 12 | }) |
12 | export class MenuComponent implements OnInit { | 13 | export class MenuComponent implements OnInit { |
13 | isLoggedIn: boolean | 14 | isLoggedIn: boolean |
15 | userHasAdminAccess = false | ||
16 | |||
17 | private routesPerRight = { | ||
18 | [UserRight.MANAGE_USERS]: '/admin/users', | ||
19 | [UserRight.MANAGE_PODS]: '/admin/friends', | ||
20 | [UserRight.MANAGE_REQUEST_SCHEDULERS]: '/admin/requests/stats', | ||
21 | [UserRight.MANAGE_VIDEO_ABUSES]: '/admin/video-abuses', | ||
22 | [UserRight.MANAGE_VIDEO_BLACKLIST]: '/admin/video-blacklist' | ||
23 | } | ||
14 | 24 | ||
15 | constructor ( | 25 | constructor ( |
16 | private authService: AuthService, | 26 | private authService: AuthService, |
@@ -20,14 +30,17 @@ export class MenuComponent implements OnInit { | |||
20 | 30 | ||
21 | ngOnInit () { | 31 | ngOnInit () { |
22 | this.isLoggedIn = this.authService.isLoggedIn() | 32 | this.isLoggedIn = this.authService.isLoggedIn() |
33 | this.computeIsUserHasAdminAccess() | ||
23 | 34 | ||
24 | this.authService.loginChangedSource.subscribe( | 35 | this.authService.loginChangedSource.subscribe( |
25 | status => { | 36 | status => { |
26 | if (status === AuthStatus.LoggedIn) { | 37 | if (status === AuthStatus.LoggedIn) { |
27 | this.isLoggedIn = true | 38 | this.isLoggedIn = true |
39 | this.computeIsUserHasAdminAccess() | ||
28 | console.log('Logged in.') | 40 | console.log('Logged in.') |
29 | } else if (status === AuthStatus.LoggedOut) { | 41 | } else if (status === AuthStatus.LoggedOut) { |
30 | this.isLoggedIn = false | 42 | this.isLoggedIn = false |
43 | this.computeIsUserHasAdminAccess() | ||
31 | console.log('Logged out.') | 44 | console.log('Logged out.') |
32 | } else { | 45 | } else { |
33 | console.error('Unknown auth status: ' + status) | 46 | console.error('Unknown auth status: ' + status) |
@@ -40,8 +53,31 @@ export class MenuComponent implements OnInit { | |||
40 | return this.serverService.getConfig().signup.allowed | 53 | return this.serverService.getConfig().signup.allowed |
41 | } | 54 | } |
42 | 55 | ||
43 | isUserAdmin () { | 56 | getFirstAdminRightAvailable () { |
44 | return this.authService.isAdmin() | 57 | const user = this.authService.getUser() |
58 | if (!user) return undefined | ||
59 | |||
60 | const adminRights = [ | ||
61 | UserRight.MANAGE_USERS, | ||
62 | UserRight.MANAGE_PODS, | ||
63 | UserRight.MANAGE_REQUEST_SCHEDULERS, | ||
64 | UserRight.MANAGE_VIDEO_ABUSES, | ||
65 | UserRight.MANAGE_VIDEO_BLACKLIST | ||
66 | ] | ||
67 | |||
68 | for (const adminRight of adminRights) { | ||
69 | if (user.hasRight(adminRight)) { | ||
70 | return adminRight | ||
71 | } | ||
72 | } | ||
73 | |||
74 | return undefined | ||
75 | } | ||
76 | |||
77 | getFirstAdminRouteAvailable () { | ||
78 | const right = this.getFirstAdminRightAvailable() | ||
79 | |||
80 | return this.routesPerRight[right] | ||
45 | } | 81 | } |
46 | 82 | ||
47 | logout () { | 83 | logout () { |
@@ -49,4 +85,10 @@ export class MenuComponent implements OnInit { | |||
49 | // Redirect to home page | 85 | // Redirect to home page |
50 | this.router.navigate(['/videos/list']) | 86 | this.router.navigate(['/videos/list']) |
51 | } | 87 | } |
88 | |||
89 | private computeIsUserHasAdminAccess () { | ||
90 | const right = this.getFirstAdminRightAvailable() | ||
91 | |||
92 | this.userHasAdminAccess = right !== undefined | ||
93 | } | ||
52 | } | 94 | } |
diff --git a/client/src/app/core/routing/index.ts b/client/src/app/core/routing/index.ts index 17f3ee833..d1b982834 100644 --- a/client/src/app/core/routing/index.ts +++ b/client/src/app/core/routing/index.ts | |||
@@ -1 +1,3 @@ | |||
1 | export * from './login-guard.service' | ||
2 | export * from './user-right-guard.service' | ||
1 | export * from './preload-selected-modules-list' | 3 | export * from './preload-selected-modules-list' |
diff --git a/client/src/app/core/auth/login-guard.service.ts b/client/src/app/core/routing/login-guard.service.ts index c09e8fe97..18bc41ca6 100644 --- a/client/src/app/core/auth/login-guard.service.ts +++ b/client/src/app/core/routing/login-guard.service.ts | |||
@@ -7,7 +7,7 @@ import { | |||
7 | Router | 7 | Router |
8 | } from '@angular/router' | 8 | } from '@angular/router' |
9 | 9 | ||
10 | import { AuthService } from './auth.service' | 10 | import { AuthService } from '../auth/auth.service' |
11 | 11 | ||
12 | @Injectable() | 12 | @Injectable() |
13 | export class LoginGuard implements CanActivate, CanActivateChild { | 13 | export class LoginGuard implements CanActivate, CanActivateChild { |
diff --git a/client/src/app/+admin/admin-guard.service.ts b/client/src/app/core/routing/user-right-guard.service.ts index 429dc032d..65d029977 100644 --- a/client/src/app/+admin/admin-guard.service.ts +++ b/client/src/app/core/routing/user-right-guard.service.ts | |||
@@ -7,10 +7,10 @@ import { | |||
7 | Router | 7 | Router |
8 | } from '@angular/router' | 8 | } from '@angular/router' |
9 | 9 | ||
10 | import { AuthService } from '../core' | 10 | import { AuthService } from '../auth' |
11 | 11 | ||
12 | @Injectable() | 12 | @Injectable() |
13 | export class AdminGuard implements CanActivate, CanActivateChild { | 13 | export class UserRightGuard implements CanActivate, CanActivateChild { |
14 | 14 | ||
15 | constructor ( | 15 | constructor ( |
16 | private router: Router, | 16 | private router: Router, |
@@ -18,7 +18,12 @@ export class AdminGuard implements CanActivate, CanActivateChild { | |||
18 | ) {} | 18 | ) {} |
19 | 19 | ||
20 | canActivate (route: ActivatedRouteSnapshot, state: RouterStateSnapshot) { | 20 | canActivate (route: ActivatedRouteSnapshot, state: RouterStateSnapshot) { |
21 | if (this.auth.isAdmin() === true) return true | 21 | const user = this.auth.getUser() |
22 | if (user) { | ||
23 | const neededUserRight = route.data.userRight | ||
24 | |||
25 | if (user.hasRight(neededUserRight)) return true | ||
26 | } | ||
22 | 27 | ||
23 | this.router.navigate([ '/login' ]) | 28 | this.router.navigate([ '/login' ]) |
24 | return false | 29 | return false |
diff --git a/client/src/app/shared/forms/form-validators/user.ts b/client/src/app/shared/forms/form-validators/user.ts index d4c4c1d33..e7473b75b 100644 --- a/client/src/app/shared/forms/form-validators/user.ts +++ b/client/src/app/shared/forms/form-validators/user.ts | |||
@@ -29,3 +29,9 @@ export const USER_VIDEO_QUOTA = { | |||
29 | 'min': 'Quota must be greater than -1.' | 29 | 'min': 'Quota must be greater than -1.' |
30 | } | 30 | } |
31 | } | 31 | } |
32 | export const USER_ROLE = { | ||
33 | VALIDATORS: [ Validators.required ], | ||
34 | MESSAGES: { | ||
35 | 'required': 'User role is required.', | ||
36 | } | ||
37 | } | ||
diff --git a/client/src/app/shared/users/user.model.ts b/client/src/app/shared/users/user.model.ts index 7beea5910..d738899ab 100644 --- a/client/src/app/shared/users/user.model.ts +++ b/client/src/app/shared/users/user.model.ts | |||
@@ -1,7 +1,9 @@ | |||
1 | import { | 1 | import { |
2 | User as UserServerModel, | 2 | User as UserServerModel, |
3 | UserRole, | 3 | UserRole, |
4 | VideoChannel | 4 | VideoChannel, |
5 | UserRight, | ||
6 | hasUserRight | ||
5 | } from '../../../../../shared' | 7 | } from '../../../../../shared' |
6 | 8 | ||
7 | export type UserConstructorHash = { | 9 | export type UserConstructorHash = { |
@@ -56,7 +58,7 @@ export class User implements UserServerModel { | |||
56 | } | 58 | } |
57 | } | 59 | } |
58 | 60 | ||
59 | isAdmin () { | 61 | hasRight (right: UserRight) { |
60 | return this.role === 'admin' | 62 | return hasUserRight(this.role, right) |
61 | } | 63 | } |
62 | } | 64 | } |
diff --git a/client/src/app/videos/shared/video-details.model.ts b/client/src/app/videos/shared/video-details.model.ts index e99a5ce2e..3a6ecc480 100644 --- a/client/src/app/videos/shared/video-details.model.ts +++ b/client/src/app/videos/shared/video-details.model.ts | |||
@@ -1,9 +1,11 @@ | |||
1 | import { Video } from './video.model' | 1 | import { Video } from './video.model' |
2 | import { AuthUser } from '../../core' | ||
2 | import { | 3 | import { |
3 | VideoDetails as VideoDetailsServerModel, | 4 | VideoDetails as VideoDetailsServerModel, |
4 | VideoFile, | 5 | VideoFile, |
5 | VideoChannel, | 6 | VideoChannel, |
6 | VideoResolution | 7 | VideoResolution, |
8 | UserRight | ||
7 | } from '../../../../../shared' | 9 | } from '../../../../../shared' |
8 | 10 | ||
9 | export class VideoDetails extends Video implements VideoDetailsServerModel { | 11 | export class VideoDetails extends Video implements VideoDetailsServerModel { |
@@ -61,15 +63,15 @@ export class VideoDetails extends Video implements VideoDetailsServerModel { | |||
61 | return betterResolutionFile.magnetUri | 63 | return betterResolutionFile.magnetUri |
62 | } | 64 | } |
63 | 65 | ||
64 | isRemovableBy (user) { | 66 | isRemovableBy (user: AuthUser) { |
65 | return user && this.isLocal === true && (this.author === user.username || user.isAdmin() === true) | 67 | return user && this.isLocal === true && (this.author === user.username || user.hasRight(UserRight.REMOVE_ANY_VIDEO)) |
66 | } | 68 | } |
67 | 69 | ||
68 | isBlackistableBy (user) { | 70 | isBlackistableBy (user: AuthUser) { |
69 | return user && user.isAdmin() === true && this.isLocal === false | 71 | return user && user.hasRight(UserRight.MANAGE_VIDEO_BLACKLIST) === true && this.isLocal === false |
70 | } | 72 | } |
71 | 73 | ||
72 | isUpdatableBy (user) { | 74 | isUpdatableBy (user: AuthUser) { |
73 | return user && this.isLocal === true && user.username === this.author | 75 | return user && this.isLocal === true && user.username === this.author |
74 | } | 76 | } |
75 | } | 77 | } |
diff --git a/client/src/app/videos/video-list/video-list.component.ts b/client/src/app/videos/video-list/video-list.component.ts index 35a7b6521..bf6f60215 100644 --- a/client/src/app/videos/video-list/video-list.component.ts +++ b/client/src/app/videos/video-list/video-list.component.ts | |||
@@ -12,7 +12,7 @@ import { | |||
12 | VideoService, | 12 | VideoService, |
13 | VideoPagination | 13 | VideoPagination |
14 | } from '../shared' | 14 | } from '../shared' |
15 | import { Search, SearchField, SearchService, User} from '../../shared' | 15 | import { Search, SearchField, SearchService, User } from '../../shared' |
16 | 16 | ||
17 | @Component({ | 17 | @Component({ |
18 | selector: 'my-videos-list', | 18 | selector: 'my-videos-list', |