room right usage fix
This commit is contained in:
parent
ce7012de3a
commit
0ac84da902
GPG key ID:
499E2AA870C1CD41
2 changed files with 78 additions and 15 deletions
|
|
@ -3,6 +3,7 @@ import { checkSelfTag } from "../../server/outbagURL.js";
|
||||||
import { Act, Client, STATE } from "../user.js";
|
import { Act, Client, STATE } from "../user.js";
|
||||||
import { db, listCategories, listItems, listProducts } from "../../sys/db.js";
|
import { db, listCategories, listItems, listProducts } from "../../sys/db.js";
|
||||||
import { isCategoryInRoom, isItemInRoom, isProductInRoom, isRoomDataFull } from "../helper.js"
|
import { isCategoryInRoom, isItemInRoom, isProductInRoom, isRoomDataFull } from "../helper.js"
|
||||||
|
import { ROOM_RIGHTS } from "../../server/permissions.js";
|
||||||
|
|
||||||
export const getCategories: Act = {
|
export const getCategories: Act = {
|
||||||
state: STATE.client | STATE.remote,
|
state: STATE.client | STATE.remote,
|
||||||
|
|
@ -58,7 +59,7 @@ export const addCategory: Act = {
|
||||||
aws(resp.state, resp.data);
|
aws(resp.state, resp.data);
|
||||||
return;
|
return;
|
||||||
}
|
}
|
||||||
let roomID = await client.isInRoom(data.room);
|
let roomID = await client.isRoomAdmin(data.room, ROOM_RIGHTS.LIST_CAT_PROD);
|
||||||
if (roomID == -1) {
|
if (roomID == -1) {
|
||||||
aws("error", "existence");
|
aws("error", "existence");
|
||||||
return;
|
return;
|
||||||
|
|
@ -103,7 +104,7 @@ export const changeCategory: Act = {
|
||||||
aws(resp.state, resp.data);
|
aws(resp.state, resp.data);
|
||||||
return;
|
return;
|
||||||
}
|
}
|
||||||
let roomID = await client.isInRoom(data.room);
|
let roomID = await client.isRoomAdmin(data.room, ROOM_RIGHTS.LIST_CAT_PROD);
|
||||||
if (roomID == -1) {
|
if (roomID == -1) {
|
||||||
aws("error", "existence");
|
aws("error", "existence");
|
||||||
return;
|
return;
|
||||||
|
|
@ -137,7 +138,7 @@ export const changeCategoryWeights: Act = {
|
||||||
aws(resp.state, resp.data);
|
aws(resp.state, resp.data);
|
||||||
return;
|
return;
|
||||||
}
|
}
|
||||||
let roomID = await client.isInRoom(data.room);
|
let roomID = await client.isRoomAdmin(data.room, ROOM_RIGHTS.LIST_CAT_PROD);
|
||||||
if (roomID == -1) {
|
if (roomID == -1) {
|
||||||
aws("error", "existence");
|
aws("error", "existence");
|
||||||
return;
|
return;
|
||||||
|
|
@ -175,7 +176,7 @@ export const deleteCategory: Act = {
|
||||||
aws(resp.state, resp.data);
|
aws(resp.state, resp.data);
|
||||||
return;
|
return;
|
||||||
}
|
}
|
||||||
let roomID = await client.isInRoom(data.room);
|
let roomID = await client.isRoomAdmin(data.room, ROOM_RIGHTS.LIST_CAT_PROD);
|
||||||
if (roomID == -1) {
|
if (roomID == -1) {
|
||||||
aws("error", "existence");
|
aws("error", "existence");
|
||||||
return;
|
return;
|
||||||
|
|
@ -256,7 +257,7 @@ export const addProduct: Act = {
|
||||||
aws(resp.state, resp.data);
|
aws(resp.state, resp.data);
|
||||||
return;
|
return;
|
||||||
}
|
}
|
||||||
let roomID = await client.isInRoom(data.room);
|
let roomID = await client.isRoomAdmin(data.room, ROOM_RIGHTS.LIST_CAT_PROD);
|
||||||
if (roomID == -1) {
|
if (roomID == -1) {
|
||||||
aws("error", "existence");
|
aws("error", "existence");
|
||||||
return;
|
return;
|
||||||
|
|
@ -312,7 +313,7 @@ export const changeProduct: Act = {
|
||||||
aws(resp.state, resp.data);
|
aws(resp.state, resp.data);
|
||||||
return;
|
return;
|
||||||
}
|
}
|
||||||
let roomID = await client.isInRoom(data.room);
|
let roomID = await client.isRoomAdmin(data.room, ROOM_RIGHTS.LIST_CAT_PROD);
|
||||||
if (roomID == -1) {
|
if (roomID == -1) {
|
||||||
aws("error", "existence");
|
aws("error", "existence");
|
||||||
return;
|
return;
|
||||||
|
|
@ -351,16 +352,17 @@ export const deleteProduct: Act = {
|
||||||
aws(resp.state, resp.data);
|
aws(resp.state, resp.data);
|
||||||
return;
|
return;
|
||||||
}
|
}
|
||||||
let roomID = await client.isInRoom(data.room);
|
let roomID = await client.isRoomAdmin(data.room, ROOM_RIGHTS.LIST_CAT_PROD);
|
||||||
if (roomID == -1) {
|
if (roomID == -1) {
|
||||||
aws("error", "existence");
|
aws("error", "existence");
|
||||||
return;
|
return;
|
||||||
}
|
}
|
||||||
if (!isCategoryInRoom(roomID, data.listCatID)) return void aws("error", "existence");
|
|
||||||
if (!isProductInRoom(roomID, data.listProdID)) return void aws("error", "existence");
|
if (!isProductInRoom(roomID, data.listProdID)) return void aws("error", "existence");
|
||||||
let req = await remove(listProducts)
|
let req = await remove(listProducts)
|
||||||
.where(eq(listProducts.listProdID, data.listProdID))
|
.where(and(
|
||||||
.query(db);
|
eq(listProducts.listProdID, data.listProdID),
|
||||||
|
eq(listProducts.roomID, roomID),
|
||||||
|
)).query(db);
|
||||||
if (req.affectedRows > 0) aws("ok", "");
|
if (req.affectedRows > 0) aws("ok", "");
|
||||||
else aws("error", "existence");
|
else aws("error", "existence");
|
||||||
}
|
}
|
||||||
|
|
@ -418,7 +420,7 @@ export const addItem: Act = {
|
||||||
data: {
|
data: {
|
||||||
room: "string",
|
room: "string",
|
||||||
server: "string",
|
server: "string",
|
||||||
state: "numer",
|
state: "number",
|
||||||
title: "string-256",
|
title: "string-256",
|
||||||
description: "string-4096",
|
description: "string-4096",
|
||||||
listCatID: "number", //-1 = no parent
|
listCatID: "number", //-1 = no parent
|
||||||
|
|
@ -433,7 +435,7 @@ export const addItem: Act = {
|
||||||
aws(resp.state, resp.data);
|
aws(resp.state, resp.data);
|
||||||
return;
|
return;
|
||||||
}
|
}
|
||||||
let roomID = await client.isInRoom(data.room);
|
let roomID = await client.isRoomAdmin(data.room, ROOM_RIGHTS.ADD_ARTICLES);
|
||||||
if (roomID == -1) {
|
if (roomID == -1) {
|
||||||
aws("error", "existence");
|
aws("error", "existence");
|
||||||
return;
|
return;
|
||||||
|
|
@ -474,7 +476,7 @@ export const changeItem: Act = {
|
||||||
room: "string",
|
room: "string",
|
||||||
server: "string",
|
server: "string",
|
||||||
listItemID: "number",
|
listItemID: "number",
|
||||||
state: "numer",
|
state: "number", // 0 = added; 1 = in cart; 2 = bourght
|
||||||
title: "string-256",
|
title: "string-256",
|
||||||
description: "string-4096",
|
description: "string-4096",
|
||||||
listCatID: "number", //-1 = no parent
|
listCatID: "number", //-1 = no parent
|
||||||
|
|
@ -489,7 +491,7 @@ export const changeItem: Act = {
|
||||||
aws(resp.state, resp.data);
|
aws(resp.state, resp.data);
|
||||||
return;
|
return;
|
||||||
}
|
}
|
||||||
let roomID = await client.isInRoom(data.room);
|
let roomID = await client.isRoomAdmin(data.room, ROOM_RIGHTS.ADD_ARTICLES);
|
||||||
if (roomID == -1) {
|
if (roomID == -1) {
|
||||||
aws("error", "existence");
|
aws("error", "existence");
|
||||||
return;
|
return;
|
||||||
|
|
@ -510,4 +512,65 @@ export const changeItem: Act = {
|
||||||
if (req.affectedRows > 0) aws("ok", "");
|
if (req.affectedRows > 0) aws("ok", "");
|
||||||
else aws("error", "existence");
|
else aws("error", "existence");
|
||||||
}
|
}
|
||||||
|
};
|
||||||
|
|
||||||
|
export const changeItemState: Act = {
|
||||||
|
state: STATE.client | STATE.remote,
|
||||||
|
right: 0,
|
||||||
|
data: {
|
||||||
|
room: "string",
|
||||||
|
server: "string",
|
||||||
|
listItemID: "number",
|
||||||
|
state: "number",
|
||||||
|
},
|
||||||
|
func: async (client: Client, data: any, aws: (code: string, data: any) => void) => {
|
||||||
|
if (!checkSelfTag(data.server)) {
|
||||||
|
if (client.state != STATE.client) return void aws("error", "right");
|
||||||
|
let resp = await client.pass(data.server, "changeItemState", data);
|
||||||
|
aws(resp.state, resp.data);
|
||||||
|
return;
|
||||||
|
}
|
||||||
|
let roomID = await client.isInRoom(data.room);
|
||||||
|
if (roomID == -1) {
|
||||||
|
aws("error", "existence");
|
||||||
|
return;
|
||||||
|
}
|
||||||
|
if (!isItemInRoom(roomID, data.listItemID)) return void aws("error", "existence");
|
||||||
|
let req = await update(listItems)
|
||||||
|
.set(listItems.state, data.state)
|
||||||
|
.where(eq(listItems.listItemID, data.listItemID))
|
||||||
|
.query(db);
|
||||||
|
if (req.affectedRows > 0) aws("ok", "");
|
||||||
|
else aws("error", "existence");
|
||||||
|
}
|
||||||
|
};
|
||||||
|
|
||||||
|
export const deleteItem: Act = {
|
||||||
|
state: STATE.client | STATE.remote,
|
||||||
|
right: 0,
|
||||||
|
data: {
|
||||||
|
room: "string",
|
||||||
|
server: "string",
|
||||||
|
listItemID: "number"
|
||||||
|
},
|
||||||
|
func: async (client: Client, data: any, aws: (code: string, data: any) => void) => {
|
||||||
|
if (!checkSelfTag(data.server)) {
|
||||||
|
if (client.state != STATE.client) return void aws("error", "right");
|
||||||
|
let resp = await client.pass(data.server, "deleteItem", data);
|
||||||
|
aws(resp.state, resp.data);
|
||||||
|
return;
|
||||||
|
}
|
||||||
|
let roomID = await client.isRoomAdmin(data.room, ROOM_RIGHTS.REMOVE_ARTICLES);
|
||||||
|
if (roomID == -1) {
|
||||||
|
aws("error", "existence");
|
||||||
|
return;
|
||||||
|
}
|
||||||
|
let req = await remove(listItems)
|
||||||
|
.where(and(
|
||||||
|
eq(listItems.listItemID, data.listItemID),
|
||||||
|
eq(listItems.roomID, roomID)
|
||||||
|
)).query(db);
|
||||||
|
if (req.affectedRows > 0) aws("ok", "");
|
||||||
|
else aws("error", "existence");
|
||||||
|
}
|
||||||
};
|
};
|
||||||
|
|
@ -18,7 +18,7 @@ export const PERMISSIONS = {
|
||||||
export const ROOM_RIGHTS = { //when changing, look in main (db defaults)
|
export const ROOM_RIGHTS = { //when changing, look in main (db defaults)
|
||||||
ADD_ARTICLES: 0b0000001, //change or add articles
|
ADD_ARTICLES: 0b0000001, //change or add articles
|
||||||
REMOVE_ARTICLES: 0b0000010,
|
REMOVE_ARTICLES: 0b0000010,
|
||||||
LIST_GROUPS_ITEMS: 0b0000100, //edit room intern listGroups and listItems
|
LIST_CAT_PROD: 0b0000100, //edit room intern listGroups and listItems
|
||||||
CHANGE_META: 0b0001000,
|
CHANGE_META: 0b0001000,
|
||||||
OTA: 0b0010000, //edit otas
|
OTA: 0b0010000, //edit otas
|
||||||
MANAGE_MEMBERS: 0b0100000,
|
MANAGE_MEMBERS: 0b0100000,
|
||||||
|
|
|
||||||
Loading…
Reference in a new issue