Allow regular users to change their info, including password.

Should fix #199
2025-06-03 17:11:08 +03:00 · 2021-04-28 22:35:25 -04:00 · 2021-04-28 22:35:25 -04:00 · a35de2bfd1
commit a35de2bfd1
parent 22582392a0
9 changed files with 77 additions and 25 deletions
--- a/core/auth/auth.go
+++ b/core/auth/auth.go
@ -37,6 +37,7 @@ func CreateToken(u *model.User) (string, error) {
 	claims := token.Claims.(jwt.MapClaims)
 	claims["iss"] = consts.JWTIssuer
 	claims["sub"] = u.UserName
 	claims["uid"] = u.ID
 	claims["adm"] = u.IsAdmin
 	return TouchToken(token)
--- a/persistence/user_repository.go
+++ b/persistence/user_repository.go
@ -144,6 +144,10 @@ func (r *userRepository) Update(entity interface{}, cols ...string) error {
 	if !usr.IsAdmin && usr.ID != u.ID {
 		return rest.ErrPermissionDenied
 	}
 	if !usr.IsAdmin {
 		u.IsAdmin = false
 		u.UserName = usr.UserName
 	}
 	err := r.Put(u)
 	if err == model.ErrNotFound {
 		return rest.ErrNotFound
@ -153,7 +157,7 @@ func (r *userRepository) Update(entity interface{}, cols ...string) error {
 func (r *userRepository) Delete(id string) error {
 	usr := loggedUser(r.ctx)
-	if !usr.IsAdmin && usr.ID != id {
+	if !usr.IsAdmin {
 		return rest.ErrPermissionDenied
 	}
 	err := r.delete(Eq{"id": id})
--- a/resources/i18n/pt.json
+++ b/resources/i18n/pt.json
@ -87,6 +87,9 @@
                "name": "Nome",
                "password": "Senha",
                "createdAt": "Data de Criação"
            },
            "helperTexts": {
                "name": "Alterações no seu nome só serão refletidas no próximo login"
            }
        },
        "player": {
--- a/server/app/auth.go
+++ b/server/app/auth.go
@ -60,6 +60,7 @@ func handleLogin(ds model.DataStore, username string, password string, w http.Re
 	payload := map[string]interface{}{
 		"message":  "User '" + username + "' authenticated successfully",
 		"token":    tokenString,
 		"id":       user.ID,
 		"name":     user.Name,
 		"username": username,
 		"isAdmin":  user.IsAdmin,
--- a/ui/src/App.js
+++ b/ui/src/App.js
@ -93,9 +93,7 @@ const Admin = (props) => {
          {...playlist}
          options={{ subMenu: 'library' }}
        />,
-        permissions === 'admin' ? (
+        <Resource name="user" {...user} options={{ subMenu: 'settings' }} />,
          <Resource name="user" {...user} options={{ subMenu: 'settings' }} />
        ) : null,
        <Resource
          name="player"
          {...player}
--- a/ui/src/authProvider.js
+++ b/ui/src/authProvider.js
@ -26,7 +26,9 @@ const authProvider = {
      .then((response) => {
        // Validate token
        jwtDecode(response.token)
        // TODO Store all items in one object
        localStorage.setItem('token', response.token)
        localStorage.setItem('userId', response.id)
        localStorage.setItem('name', response.name)
        localStorage.setItem('username', response.username)
        response.avatar && localStorage.setItem('avatar', response.avatar)
@ -94,6 +96,7 @@ const authProvider = {
 const removeItems = () => {
  localStorage.removeItem('token')
  localStorage.removeItem('userId')
  localStorage.removeItem('name')
  localStorage.removeItem('username')
  localStorage.removeItem('avatar')
--- a/ui/src/i18n/en.json
+++ b/ui/src/i18n/en.json
@ -87,6 +87,9 @@
        "name": "Name",
        "password": "Password",
        "createdAt": "Created at"
      },
      "helperTexts": {
        "name": "Changes to your name will only be reflected on next login"
      }
    },
    "player": {
--- a/ui/src/layout/AppBar.js
+++ b/ui/src/layout/AppBar.js
@ -58,6 +58,7 @@ const AboutMenuItem = forwardRef(({ onClick, ...rest }, ref) => {
 })
 const settingsResources = (resource) =>
  resource.name !== 'user' &&
  resource.hasList &&
  resource.options &&
  resource.options.subMenu === 'settings'
@ -68,16 +69,31 @@ const CustomUserMenu = ({ onClick, ...rest }) => {
  const classes = useStyles(rest)
  const { permissions } = usePermissions()
-  const renderSettingsMenuItemLink = (resource) => {
+  const resourceDefinition = (resourceName) =>
    resources.find((r) => r?.name === resourceName)
  const renderUserMenuItemLink = () => {
    const userResource = resourceDefinition('user')
    if (!userResource) {
      return null
    }
    return renderSettingsMenuItemLink(
      userResource,
      permissions !== 'admin' ? localStorage.getItem('userId') : null
    )
  }
  const renderSettingsMenuItemLink = (resource, id) => {
    const label = translate(`resources.${resource.name}.name`, {
-      smart_count: 2,
+      smart_count: id ? 1 : 2,
    })
    const link = id ? `/${resource.name}/${id}` : `/${resource.name}`
    return (
      <MenuItemLink
        className={classes.root}
        activeClassName={classes.active}
        key={resource.name}
-        to={`/${resource.name}`}
+        to={link}
        primaryText={label}
        leftIcon={
          (resource.icon && createElement(resource.icon)) || <ViewListIcon />
@ -94,6 +110,7 @@ const CustomUserMenu = ({ onClick, ...rest }) => {
      <UserMenu {...rest}>
        <PersonalMenu sidebarIsOpen={true} onClick={onClick} />
        <Divider />
        {renderUserMenuItemLink()}
        {resources.filter(settingsResources).map(renderSettingsMenuItemLink)}
        <Divider />
        <AboutMenuItem />
--- a/ui/src/user/UserEdit.js
+++ b/ui/src/user/UserEdit.js
@ -31,19 +31,40 @@ const UserTitle = ({ record }) => {
 const UserToolbar = (props) => (
  <Toolbar {...props} classes={useStyles()}>
-    <SaveButton />
+    <SaveButton disabled={props.pristine} />
-    <DeleteUserButton />
+    {props.permissions === 'admin' && <DeleteUserButton />}
  </Toolbar>
 )
-const UserEdit = (props) => (
+const UserEdit = (props) => {
  const { permissions } = props
  const translate = useTranslate()
  const getNameHelperText = () =>
    props.id === localStorage.getItem('userId') && {
      helperText: translate('resources.user.helperTexts.name'),
    }
  return (
    <Edit title={<UserTitle />} {...props}>
-    <SimpleForm variant={'outlined'} toolbar={<UserToolbar />}>
+      <SimpleForm
        variant={'outlined'}
        toolbar={<UserToolbar />}
        redirect={permissions === 'admin' ? 'list' : false}
      >
        {permissions === 'admin' && (
          <TextInput source="userName" validate={[required()]} />
-      <TextInput source="name" validate={[required()]} />
+        )}
        <TextInput
          source="name"
          validate={[required()]}
          {...getNameHelperText()}
        />
        <TextInput source="email" validate={[email()]} />
        <PasswordInput source="password" validate={[required()]} />
        {permissions === 'admin' && (
          <BooleanInput source="isAdmin" initialValue={false} />
        )}
        <DateField variant="body1" source="lastLoginAt" showTime />
        {/*<DateField source="lastAccessAt" showTime />*/}
        <DateField variant="body1" source="updatedAt" showTime />
@ -51,5 +72,6 @@ const UserEdit = (props) => (
      </SimpleForm>
    </Edit>
  )
 }
 export default UserEdit