manuel.sowada/radixOS
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

rbac updated

Browse Source
This commit is contained in:
Manuel Sowada
2026-04-30 13:36:45 +02:00
parent bbd9441b31
commit 6679ed20fe
15 changed files with 752 additions and 201 deletions
Download Patch File Download Diff File Expand all files Collapse all files

15
dbcreate.sql
View File

@@ -367,10 +367,9 @@ INSERT INTO dbo.EventLevels VALUES
(4,'error','Error',1), (4,'error','Error',1),
(8,'throw_exception','Exception',0); (8,'throw_exception','Exception',0);
INSERT INTO dbo.Plugins VALUES ('SYSTEM',1,'1.0.0');
INSERT INTO dbo.[Role] (Name,Description,RoleType) INSERT INTO dbo.[Role] (Name,Description,RoleType)
VALUES ('ADMIN','System Administrator','SYSTEM'); VALUES ('ADMIN','System Administrators','SYSTEM');
INSERT INTO dbo.Permission (Scope,Resource,Action) INSERT INTO dbo.Permission (Scope,Resource,Action)
VALUES ('SYSTEM','ALL','ALL'); VALUES ('SYSTEM','ALL','ALL');
@@ -493,18 +492,6 @@ JOIN dbo.[Role] r
GO GO
-- ========================================================
-- 3. EFFECTIVE ROLES (DEDUPLICATED)
-- ========================================================
CREATE OR ALTER VIEW dbo.vAuthenticationEffectiveRoles AS
SELECT DISTINCT
Authentication_ObjectGUID,
Role_ID,
RoleName
FROM dbo.vAuthenticationRolesExpanded;
GO
-- ======================================================== -- ========================================================
-- 4. PERMISSIONS (DETAILED WITH ROLE SOURCE) -- 4. PERMISSIONS (DETAILED WITH ROLE SOURCE)
-- ======================================================== -- ========================================================

3
public/javascript/customModal.js
View File

@@ -149,6 +149,9 @@ function slideOutMessage(message) {
/** /**
feedbox({ feedbox({
title: `<span style="color:#f44336">⚠ Upload abbrechen?</span>`, title: `<span style="color:#f44336">⚠ Upload abbrechen?</span>`,
lock: true,
primary: 'yes',
replace: false,
message: ` message: `
<p>Es laufen noch <b>aktive Uploads</b>.</p> <p>Es laufen noch <b>aktive Uploads</b>.</p>
<p>Möchtest du wirklich <u>alle abbrechen</u>?</p> <p>Möchtest du wirklich <u>alle abbrechen</u>?</p>

7
public/javascript/main.js
View File

@@ -1033,6 +1033,7 @@ function virtualTable({
}); });
// Live-Counter // Live-Counter
if(!filterConfig || filterConfig.hideCounter) return
if(filterState.counterEl) filterState.counterEl.textContent = `${visibleCount} Treffer`; if(filterState.counterEl) filterState.counterEl.textContent = `${visibleCount} Treffer`;
} }
@@ -1230,9 +1231,13 @@ window.addEventListener('resize', () => {
tableEl.style.setProperty('--filter-height', h + 'px'); tableEl.style.setProperty('--filter-height', h + 'px');
}); });
filterState.counterEl = document.createElement('div'); if(!filterConfig.hideCounter
) {
filterState.counterEl = document.createElement('div');
filterState.counterEl.className = 'live-counter'; filterState.counterEl.className = 'live-counter';
container.appendChild(filterState.counterEl); container.appendChild(filterState.counterEl);
}
syncFilterWidth(container); syncFilterWidth(container);
const wrapperResizeObserver = new ResizeObserver(() => { const wrapperResizeObserver = new ResizeObserver(() => {

20
public/javascript/os.js
View File

@@ -11,6 +11,7 @@ const restoreIcon = '🗗';
const startBtn = document.getElementById('start-btn'); const startBtn = document.getElementById('start-btn');
const startMenu = document.getElementById('start-menu'); const startMenu = document.getElementById('start-menu');
const taskbar = document.getElementById('taskbar');
const windowsContainer = document.getElementById('windows'); const windowsContainer = document.getElementById('windows');
const taskbarWindows = document.getElementById('taskbar-windows'); const taskbarWindows = document.getElementById('taskbar-windows');
const ctx = new ContextMenu(); const ctx = new ContextMenu();
@@ -21,9 +22,27 @@ const MAX_PADDING = { left: 4, top: 4, right: 4, bottom: (56 - 4) };
startBtn.addEventListener('click', (evt) => { startBtn.addEventListener('click', (evt) => {
evt.stopPropagation(); // verhindert sofortiges Schließen evt.stopPropagation(); // verhindert sofortiges Schließen
startBtn.classList.toggle('active');
startMenu.classList.toggle('hidden'); startMenu.classList.toggle('hidden');
}); });
function updateStartMenuPosition() {
const height = taskbar.offsetHeight;
startMenu.style.bottom = (height + 5) + 'px';
}
const observer = new ResizeObserver(entries => {
for (let entry of entries) {
const height = entry.contentRect.height;
document.documentElement.style.setProperty('--auto-taskbar-height', height + 'px');
}
});
observer.observe(taskbar);
window.addEventListener('resize', updateStartMenuPosition);
window.addEventListener('load', updateStartMenuPosition);
// Launch app when clicking start menu item // Launch app when clicking start menu item
document.addEventListener('click', async (e) => { document.addEventListener('click', async (e) => {
const target = e.target.closest('.start-item'); const target = e.target.closest('.start-item');
@@ -31,6 +50,7 @@ document.addEventListener('click', async (e) => {
const clickedButton = startBtn.contains(e.target); const clickedButton = startBtn.contains(e.target);
if(!clickedInsideMenu && !clickedButton) { if(!clickedInsideMenu && !clickedButton) {
startBtn.classList.remove('active');
startMenu.classList.add('hidden'); startMenu.classList.add('hidden');
return; return;
} }

743
public/javascript/rbacAPI.js
View File

@@ -1,95 +1,229 @@
const vt = virtualTable({ const ctx = new ContextMenu();
tableEl: document.querySelector('#rbacUsersTable'),
data: [],
rowHeight: 20,
buffer: 5,
groupKey: 'ObjectSourceName', // optional zum Gruppieren
rowKey: 'ObjectGUID',
filterConfig: {
exceptedColumns: ['Status_ID', 'Anhänge'],
columnModes: {
ID: 'text', Status: 'dropdown', Objekt: 'text', Priorität: 'dropdown',
Erstelldatum: 'text', Gewerk: 'dropdown', Typ: 'dropdown',
Bedarfsmelder: 'text', Bearbeiter: 'text', Genehmiger: 'text',
Status: 'dropdown'
}
},
customRender: (row, tr) => {
createTd(tr, //////////////////////////////
`<button class="redbutton" // 🌐 API LAYER
${row['ObjectGUID'] === '00000000-0000-0000-0000-000000000001' ? //////////////////////////////
'disabled data-tooltip="Der Administrator kann nicht gelöscht werden"' :
''
}>X</button>`, {
styles: {
'position': 'sticky',
'left': '0px',
'width': '20px',
'z-index': '2'
}, classes: [
'text-align:left'
], onclick: () => {
sendUserEvent('RBAC', `Benutzer ${row['sn'][0].toUpperCase() + row['sn'].slice(1)}, ${row['givenName'][0].toUpperCase() + row['givenName'].slice(1)} gelöscht`, null, 3);
}
});
createTd(tr, row['ObjectGUID'], { classes: [ 'text-align:left' ], styles: { 'max-width': '100px' }, attributes: { 'data-tooltip': row['ObjectGUID'] } }); const api = async (url, method = 'GET', body) => {
createTd(tr, row['sAMAccountName'], { classes: [ 'text-align:left' ], attributes: { 'data-tooltip': row['sAMAccountName'] } });
createTd(tr, row['sn'], { classes: [ 'text-align:left' ], attributes: { 'data-tooltip': row['sn'] } });
createTd(tr, row['givenName'], { classes: [ 'text-align:left' ], attributes: { 'data-tooltip': row['givenName'] } });
createTd(tr, row['mail'], { classes: [ 'text-align:left' ], attributes: { 'data-tooltip': row['mail'] } });
createTd(tr, row['active'], { classes: [ 'text-align:center' ] });
createTd(tr, row['online'], { classes: [ 'text-align:center' ] });
createTd(tr, row['RoleCount'], { classes: [ 'text-align:center' ] });
createTd(tr, row['GroupCount'], { classes: [ 'text-align:center' ] });
createTd(tr, row['ObjectSourceName'], { classes: [ 'text-align:right' ] });
}
});
async function api(url, method = 'GET', body) {
const res = await fetch(url, { const res = await fetch(url, {
method, method,
headers: { 'Content-Type': 'application/json' }, headers: { 'Content-Type': 'application/json' },
body: body ? JSON.stringify(body) : undefined body: body ? JSON.stringify(body) : undefined
}); });
if(res.status >= 400) {
return res.json(); const text = await res.text();
} sendUserEvent('RBAC', `Hoppla, da ist etwas schief gelaufen:\r\n${text}`, null, 4);
async function createUser() {
const name = document.getElementById('newUserName').value;
const sn = name.split('.')[1];
const givenName = name.split('.')[0];
const mail = `${name}@test.com`;
const user = await api('/api/rbac/auth/create', 'POST', {
sAMAccountName: name,
mail: mail,
sn: sn[0].toUpperCase() + sn.slice(1),
givenName: givenName[0].toUpperCase() + givenName.slice(1)
});
if(user) {
sendUserEvent('RBAC', `Benutzer ${sn[0].toUpperCase() + sn.slice(1)}, ${givenName[0].toUpperCase() + givenName.slice(1)} angelegt`, null, 0);
loadUsers();
} }
return res.json();
};
//////////////////////////////
// 🧠 RBAC SERVICE LAYER
//////////////////////////////
const RBAC = {
// 👤 USERS
loadUsers: async () => (await api('/api/rbac/auth/get', 'POST'))
.map(({ active, online, ...rest }) => ({
...rest,
Aktiv: active
}))
.sort((a, b) => a.sAMAccountName.localeCompare(b.sAMAccountName)),
createUser: (data) => api('/api/rbac/auth/create', 'POST', data),
deleteUser: (guid) => api(`/api/rbac/auth/${guid}`, 'DELETE'),
// 👥 GROUPS
loadGroups: () => api('/api/rbac/group/get', 'POST'),
createGroup: (name) => api('/api/rbac/group/create', 'POST', { name }),
deleteGroup: (guid) => api(`/api/rbac/group/${guid}`, 'DELETE'),
// 🔗 ASSIGNMENTS
addUserToGroup: (authGuid, groupGuid) =>
api('/api/rbac/group/add-user', 'POST', { authGuid, groupGuid }),
addUserToRole: (authGuid, roleId) =>
api('/api/rbac/role/add-user', 'POST', { authGuid, roleId }),
addGroupToRole: (groupGuid, roleId) =>
api('/api/rbac/role/add-group', 'POST', { groupGuid, roleId }),
addPermissionToRole: (roleId, permissionId) =>
api('/api/rbac/role/add-permission', 'POST', { roleId, permissionId })
};
//////////////////////////////
// 🖱️ DRAG & DROP
//////////////////////////////
function createDragZone(el, data) {
el.draggable = true;
el.addEventListener('dragstart', (evt) => {
evt.dataTransfer.setData('application/json', JSON.stringify(data));
});
} }
function createDropZone(el, type, target) {
const targetValue = target.ObjectGUID || target.Role_ID || target.Permission_ID;
let process = { action: null, response: null, failure: false };
el.addEventListener('dragover', e => e.preventDefault());
el.addEventListener('drop', async (e) => {
e.preventDefault();
const data = JSON.parse(
e.dataTransfer.getData('application/json')
);
if(!targetValue) {
sendUserEvent('RBAC', 'Deinem Drop-Ziel wurde kein ID-Attribut zugewiesen. Frag einfach Manuel ', null, 2);
return;
}
switch (type) {
case 'group':
process.action = `Du hast den Benutzer der Gruppe hinzugefügt`;
process.response = await RBAC.addUserToGroup(data.ObjectGUID, targetValue);
loadUsers();
break;
case 'role':
process.action = `Du hast den Benutzer der Rolle hinzugefügt`;
process.response = await RBAC.addUserToRole(data.ObjectGUID, targetValue);
break;
case 'group-to-role':
process.action = `Du hast die Gruppe der Rolle hinzugefügt`;
process.response = await RBAC.addGroupToRole(data.ObjectGUID, targetValue);
break;
case 'permission':
process.action = `Du hast den Berechtigung der Rolle hinzugefügt`;
process.response = await RBAC.addPermissionToRole(targetValue, data.ID);
break;
}
if(process.failure) return;
sendUserEvent('RBAC', process.action, null, 0);
});
}
//////////////////////////////
// 📋 TABLE (USERS)
//////////////////////////////
const vt = virtualTable({
tableEl: document.querySelector('#rbacUsersTable'),
data: [],
rowHeight: 20,
buffer: 5,
groupKey: 'ObjectSourceName',
rowKey: 'ObjectGUID',
filterConfig: {
hideCounter: true,
exceptedColumns: ['', 'Rollen', 'Gruppen'],
columnModes: {
Aktiv: 'dropdown',
Online: 'dropdown'
}
},
customRender: (row, tr) => {
createDragZone(tr, row);
tr.addEventListener('contextmenu', (evt) => {
evt.preventDefault();
ctx.setItems([
{
label: "Details",
onClick: () => showAuthDetails(row.ObjectGUID)
}
]);
ctx.show(evt.pageX + 5, { y: evt.pageY + 5 });
});
createTd(tr,
`<button class="redbutton"
${row['ObjectGUID'] === '00000000-0000-0000-0000-000000000001' ?
'disabled data-tooltip="Der Administrator kann nicht gelöscht werden"' :
''
}>X</button>`, {
styles: {
'position': 'sticky',
'left': '0px',
'max-width': '20px',
'z-index': '2'
}, classes: [
'text-align:left'
], onclick: () => {
if(row['ObjectGUID'] === '00000000-0000-0000-0000-000000000001') return;
deleteUser(row['ObjectGUID'], row['sAMAccountName']);
}
});
createTd(tr, row['ObjectGUID'], { classes: [ 'text-align:left' ], styles: { 'max-width': '100px' }, attributes: { 'data-tooltip': row['ObjectGUID'] } });
createTd(tr, row['sAMAccountName'], { classes: [ 'text-align:left' ], attributes: { 'data-tooltip': row['sAMAccountName'] } });
createTd(tr, row['RoleCount'], { classes: [ 'text-align:center' ] });
createTd(tr, row['GroupCount'], { classes: [ 'text-align:center' ] });
createTd(tr, row['sn'], { classes: [ 'text-align:left' ], attributes: { 'data-tooltip': row['sn'] } });
createTd(tr, row['givenName'], { classes: [ 'text-align:left' ], attributes: { 'data-tooltip': row['givenName'] } });
createTd(tr, row['mail'], { classes: [ 'text-align:left' ], attributes: { 'data-tooltip': row['mail'] } });
createTd(tr, row['Aktiv'], { classes: [ 'text-align:center' ] });
}
});
//////////////////////////////
// 📥 LOADERS
//////////////////////////////
async function loadUsers() { async function loadUsers() {
try { try {
const users = await api('/api/rbac/auth/get', 'POST'); vt.source(await RBAC.loadUsers());
if(users) { } catch (err) {
vt.source(users); console.error(err);
return;
}
sendUserEvent('RBAC', 'Benutzer konnten nicht geladen', null, 4);
} catch(err) {
writeEventLog(4, 'RBAC', err);
} }
} }
async function loadGroups() {
const container = document.getElementById('rbacGroupContainer');
container.innerHTML = '';
const groups = await RBAC.loadGroups();
const fragment = document.createDocumentFragment();
groups.forEach(group => {
const section = document.createElement('section');
const groupName = document.createElement('span');
groupName.innerHTML = group.Name;
groupName.dataset.tooltip = group.Name;
groupName.dataset.tooltipMode = 'ellipsis';
section.append(groupName);
if(group.ObjectGUID !== '00000000-0000-0000-0000-000000000001') {
const removeButton = document.createElement('div');
removeButton.className = 'removeButton';
removeButton.innerHTML = 'X';
removeButton.onclick = async () => {
await deleteGroup(group.ObjectGUID, group.Name);
};
section.append(removeButton);
}
createDropZone(section, 'group', group);
fragment.appendChild(section);
});
container.appendChild(fragment);
}
async function createGroup() { async function createGroup() {
const name = document.getElementById('newGroupName').value; const name = document.getElementById('newGroupName').value;
@@ -101,76 +235,411 @@ async function createGroup() {
loadGroups(); loadGroups();
} }
} }
// HIER WEITER - GRUPPEN KARTEN MÜSSEN HÜBSCHER WERDEN.
// BENUTZER UND GRUPPEN KÖNNEN NOCH NICHT GELÖSCHT WERDEN. //////////////////////////////
// GRUPPEN AUCH OBJECTSOURCE_ID 1? // 👤 USER ACTIONS
async function loadGroups() { //////////////////////////////
try {
const rbacGroupContainer = document.getElementById('rbacGroupContainer'); async function createUser() {
rbacGroupContainer.innerHTML = ''; const name = document.getElementById('newUserName').value;
const groups = await api('/api/rbac/group/get', 'POST');
if(groups) { if (!name || !name.includes('.')) return;
let fragment = document.createDocumentFragment();
groups.forEach(group => { const [givenName, sn] = name.split('.');
const section = document.createElement('section');
section.innerHTML = `<span>${group.Name}</span><div class="removeButton" onclick="this.parentNode.remove()">X</div>`; const user = await RBAC.createUser({
section.dataset.tooltip = group.Name; sAMAccountName: name,
fragment.appendChild(section); mail: `${name}@test.com`,
}); givenName: givenName[0].toUpperCase() + givenName.slice(1),
rbacGroupContainer.innerHTML = ''; sn: sn[0].toUpperCase() + sn.slice(1)
rbacGroupContainer.appendChild(fragment); });
return;
} sendUserEvent('RBAC', `Benutzer ${user.sAMAccountName} [${user.ObjectGUID}] angelegt`, null, 0);
sendUserEvent('RBAC', 'Gruppen konnten nicht geladen', null, 4); loadUsers();
} catch(err) {
writeEventLog(4, 'RBAC', err);
}
} }
async function deleteUser(guid, name) {
feedbox({
title: `<span>Benutzer löschen</span>`,
message: `Soll der Benutzer <b>${name}</b> und<br><b>alle seine Zugehörigkeiten</b> entfernt werden`,
buttons: {
no: { text: 'Nein' },
yes: {
text: '<b style=color:red>Ja</b>',
onClick: async () => {
const user = await RBAC.deleteUser(guid);
sendUserEvent('RBAC', `Benutzer ${user.sAMAccountName || ''} [${user.ObjectGUID}] gelöscht`, null, 0);
loadUsers();
}
}
}
});
}
//////////////////////////////
// 👥 GROUP ACTIONS
//////////////////////////////
async function deleteGroup(guid, name) {
feedbox({
title: `<span>Gruppe löschen</span>`,
message: `Möchtest du die Gruppe <b style="color:red;">${name} [${guid}]</b> wirklich löschen`,
buttons: {
no: { text: 'Nein' },
yes: {
text: '<b style=color:red>Ja</b>',
onClick: async () => {
const group = await RBAC.deleteGroup(guid);
sendUserEvent('RBAC', `Du hast die Gruppe ${name || ''} [${group.ObjectGUID}] gelöscht`, null, 0);
loadUsers();
loadGroups();
}
}
}
});
}
//////////////////////////////
// 🚀 INIT
//////////////////////////////
loadUsers(); loadUsers();
loadGroups(); loadGroups();
async function createRole() {
const name = document.getElementById('newRoleName').value;
await api('/api/role', 'POST', {
name
});
loadRoles();
}
async function loadRoles() {
document.getElementById('roleList').innerHTML = 'Reload roles...';
}
async function createPermission() { // const ctx = new ContextMenu();
const scope = document.getElementById('permScope').value; // const vt = virtualTable({
const resource = document.getElementById('permResource').value; // tableEl: document.querySelector('#rbacUsersTable'),
const action = document.getElementById('permAction').value; // data: [],
// rowHeight: 20,
// buffer: 5,
// groupKey: 'ObjectSourceName', // optional zum Gruppieren
// rowKey: 'ObjectGUID',
// filterConfig: {
// hideCounter: true,
// exceptedColumns: ['', 'Rollen', 'Gruppen'],
// columnModes: {
// Aktiv: 'dropdown',
// Online: 'dropdown'
// }
// },
// customRender: (row, tr) => {
// tr.draggable = true;
// tr.dataset.guid = row['ObjectGUID'];
// tr.dataset.sAMAccountName = row['sAMAccountName'];
await api('/permission', 'POST', { // tr.ondragstart = (evt) => {
scope, // const data = {
resource, // guid: tr.dataset.guid,
action // sAMAccountName: tr.dataset.sAMAccountName
}); // };
// evt.dataTransfer.setData('application/json', JSON.stringify(data));
alert('Permission created'); // };
}
async function addUserToGroup(authId, groupId) { // tr.oncontextmenu = async evt => {
await api('/api/rbac/group/add-user', 'POST', { // if (evt.target.tagName === 'BUTTON') return;
authId, // ctx.setItems([ { label: "Details", onClick: () => showAuthDetails(row['ObjectGUID']) } ]);
groupId // evt.preventDefault();
}); // ctx.show(evt.pageX + 5, {y: evt.pageY + 5 });
} // };
// createTd(tr,
// `<button class="redbutton"
// ${row['ObjectGUID'] === '00000000-0000-0000-0000-000000000001' ?
// 'disabled data-tooltip="Der Administrator kann nicht gelöscht werden"' :
// ''
// }>X</button>`, {
// styles: {
// 'position': 'sticky',
// 'left': '0px',
// 'width': '20px',
// 'z-index': '2'
// }, classes: [
// 'text-align:left'
// ], onclick: () => {
// if(row['ObjectGUID'] === '00000000-0000-0000-0000-000000000001') return;
// deleteUser(row['ObjectGUID'], row['sAMAccountName']);
// }
// });
// createTd(tr, row['ObjectGUID'], { classes: [ 'text-align:left' ], styles: { 'max-width': '100px' }, attributes: { 'data-tooltip': row['ObjectGUID'] } });
// createTd(tr, row['sAMAccountName'], { classes: [ 'text-align:left' ], attributes: { 'data-tooltip': row['sAMAccountName'] } });
// createTd(tr, row['sn'], { classes: [ 'text-align:left' ], attributes: { 'data-tooltip': row['sn'] } });
// createTd(tr, row['givenName'], { classes: [ 'text-align:left' ], attributes: { 'data-tooltip': row['givenName'] } });
// createTd(tr, row['mail'], { classes: [ 'text-align:left' ], attributes: { 'data-tooltip': row['mail'] } });
// createTd(tr, row['active'], { classes: [ 'text-align:center' ] });
// createTd(tr, row['online'], { classes: [ 'text-align:center' ] });
// createTd(tr, row['RoleCount'], { classes: [ 'text-align:center' ] });
// createTd(tr, row['GroupCount'], { classes: [ 'text-align:center' ] });
// }
// });
async function addPermissionToRole(roleId, permissionId) { // async function api(url, method = 'GET', body) {
await api('/role/add-permission', 'POST', { // const res = await fetch(url, {
roleId, // method,
permissionId // headers: { 'Content-Type': 'application/json' },
}); // body: body ? JSON.stringify(body) : undefined
} // });
// return res.json();
// }
// async function showAuthDetails(guid) {
// const details = await api(`/api/rbac/auth/details/${guid}`)
// if(!details) return;
// feedbox({
// title: `<span>Details</span>`,
// message: Object.entries(details).map(([key, value]) => /*html*/`<p><b>${key}:</b><span class="selectable">${value}</span></p>`).join(''),
// buttons: {
// yes: {
// text: 'Schließen'
// }
// },
// lock: true,
// primary: 'yes'
// })
// }
// async function createUser() {
// const name = document.getElementById('newUserName').value;
// if(!name || !name.includes('.')) {
// sendUserEvent('RBAC', 'Der sAMAccountName muss einen Punkt enthalten<br>Der Benutzer wurde nicht angelegt', null, 2);
// return;
// }
// const sn = name.split('.')[1];
// const givenName = name.split('.')[0];
// const mail = `${name}@test.com`;
// const user = await api('/api/rbac/auth/create', 'POST', {
// sAMAccountName: name,
// mail: mail,
// sn: sn[0].toUpperCase() + sn.slice(1),
// givenName: givenName[0].toUpperCase() + givenName.slice(1)
// });
// if(user) {
// sendUserEvent('RBAC', `Benutzer ${sn[0].toUpperCase() + sn.slice(1)}, ${givenName[0].toUpperCase() + givenName.slice(1)} angelegt`, null, 0);
// loadUsers();
// }
// }
// async function deleteUser(guid, sAMAccountName) {
// feedbox({
// title: `<span>Benutzer löschen</span>`,
// message: `
// <p>Möchtest du den Benutzer <b style="color:red;">${sAMAccountName} [${guid}]</b> wirklich löschen</p>
// `,
// buttons: {
// no: {
// text: 'Nein'
// },
// yes: {
// text: '<b>Ja</b>',
// onClick: async () => {
// const user = await api(`/api/rbac/auth/${guid}`, 'DELETE', {
// guid
// });
// if(user) {
// loadUsers();
// sendUserEvent('RBAC', `Benutzer ${user.sAMAccountName || ''} [${user.ObjectGUID}] gelöscht`, null, 0);
// }
// }
// }
// }
// });
// }
// async function loadUsers() {
// try {
// const users = await api('/api/rbac/auth/get', 'POST');
// if(users) {
// vt.source(users);
// return;
// }
// sendUserEvent('RBAC', 'Benutzer konnten nicht geladen', null, 4);
// } catch(err) {
// writeEventLog(4, 'RBAC', err);
// }
// }
// async function createGroup() {
// const name = document.getElementById('newGroupName').value;
// const group = await api('/api/rbac/group/create', 'POST', {
// name
// });
// if(group) {
// sendUserEvent('RBAC', `Gruppe ${name} angelegt`, null, 0);
// loadGroups();
// }
// }
// async function deleteGroup(guid, name) {
// feedbox({
// title: `<span>Gruppe löschen</span>`,
// message: `
// <p>Möchtest du die Gruppe <b style="color:red;">${name} [${guid}]</b> wirklich löschen</p>
// `,
// buttons: {
// no: {
// text: 'Nein'
// },
// yes: {
// text: '<b>Ja</b>',
// onClick: async () => {
// const group = await api(`/api/rbac/group/${guid}`, 'DELETE', {
// guid
// });
// if(group) {
// sendUserEvent('RBAC', `Gruppe ${group.Name || ''} [${group.ObjectGUID}] gelöscht`, null, 0);
// loadGroups();
// }
// }
// }
// }
// });
// // const name = document.getElementById('newGroupName').value;
// // const group = await api('/api/rbac/group/create', 'POST', {
// // name
// // });
// // if(group) {
// // sendUserEvent('RBAC', `Gruppe ${name} angelegt`, null, 0);
// // loadGroups();
// // }
// }
// // HIER WEITER - GRUPPEN KARTEN MÜSSEN HÜBSCHER WERDEN.
// // BENUTZER UND GRUPPEN KÖNNEN NOCH NICHT GELÖSCHT WERDEN.
// // GRUPPEN AUCH OBJECTSOURCE_ID 1?
// async function loadGroups() {
// try {
// const rbacGroupContainer = document.getElementById('rbacGroupContainer');
// rbacGroupContainer.innerHTML = '';
// const groups = await api('/api/rbac/group/get', 'POST');
// if(groups) {
// let fragment = document.createDocumentFragment();
// groups.forEach(group => {
// const section = document.createElement('section');
// createDropZone(section, 'group', group.ObjectGUID);
// section.innerHTML = `<span>${group.Name}</span><div class="removeButton" onclick="deleteGroup('${group.ObjectGUID}', '${group.Name}')">X</div>`;
// section.dataset.tooltip = group.Name;
// fragment.appendChild(section);
// });
// rbacGroupContainer.innerHTML = '';
// rbacGroupContainer.appendChild(fragment);
// return;
// }
// sendUserEvent('RBAC', 'Gruppen konnten nicht geladen', null, 4);
// } catch(err) {
// writeEventLog(4, 'RBAC', err);
// }
// }
// loadUsers();
// loadGroups();
// async function createRole() {
// const name = document.getElementById('newRoleName').value;
// await api('/api/role', 'POST', {
// name
// });
// loadRoles();
// }
// async function loadRoles() {
// document.getElementById('roleList').innerHTML = 'Reload roles...';
// }
// async function createPermission() {
// const scope = document.getElementById('permScope').value;
// const resource = document.getElementById('permResource').value;
// const action = document.getElementById('permAction').value;
// await api('/permission', 'POST', {
// scope,
// resource,
// action
// });
// alert('Permission created');
// }
// function createDropZone(element, direction, keyAttribute) {
// element.addEventListener('dragover', (evt) => {
// evt.preventDefault();
// });
// // 📥 Drop verarbeiten
// element.addEventListener('drop', (evt) => {
// evt.preventDefault();
// const attributeValue = element.dataset[keyAttribute]; // ObjectGuid or ID
// const data = JSON.parse(
// evt.dataTransfer.getData('application/json')
// );
// switch (direction) {
// case 'user-to-group':
// addUserToGroup(data.guid, attributeValue);
// break;
// case 'user-to-role':
// addPermissionToRole(data.guid, attributeValue);
// break;
// case 'group-to-role':
// addGroupToRole(data.guid, attributeValue);
// break;
// case 'permission-to-role':
// addPermissionToRole(data.roleId, attributeValue)
// default:
// break;
// }
// });
// }
// async function addUserToGroup(authGuid, groupGuid) {
// await api('/api/rbac/group/add-user', 'POST', {
// authGuid,
// groupGuid
// });
// }
// async function addUserToRole(authGuid, roleId) {
// await api('/api/rbac/role/add-user', 'POST', {
// authGuid,
// roleId
// });
// }
// async function addGroupToRole(groupGuid, roleId) {
// await api('/api/rbac/role/add-group', 'POST', {
// groupGuid,
// roleId
// });
// }
// async function addPermissionToRole(roleId, permissionId) {
// await api('/api/rbac/role/add-permission', 'POST', {
// roleId,
// permissionId
// });
// }

10
public/javascript/loadOnce.js → public/javascript/uiEvents.js
View File

@@ -41,11 +41,11 @@ function writeEventLog(levelId, pluginName, message) {
// sendToParams: where clause to find objectGUIDs to send // sendToParams: where clause to find objectGUIDs to send
function sendUserEvent(pluginName, message, sendToParams, levelId = -1) { function sendUserEvent(pluginName, message, sendToParams, levelId = -1) {
mainSocket.emit('event', { mainSocket.emit('event', {
objectGuid: getCookie('ObjectGUID'), objectGuid: getCookie('ObjectGUID'),
levelId: levelId, levelId: levelId,
pluginName: pluginName, pluginName: pluginName,
message: message.stack === undefined ? message : { message: message.message }, message: message.stack === undefined ? message : { message: message.message },
sendToParams: sendToParams sendToParams: sendToParams
}); });
} }

4
public/styles/colors.css
View File

@@ -5,11 +5,11 @@
#tutorial-tooltip img {filter: invert(1);} #tutorial-tooltip img {filter: invert(1);}
#start-btn { background:var(--theme-accent-default-backcolor); color:var(--theme-accent-default-color); } #start-btn { background:var(--theme-accent-default-backcolor); color:var(--theme-accent-default-color); }
#start-btn.active { background:var(--theme-accent-active-backcolor); color:var(--theme-accent-active-color); }
#start-btn:hover { background:var(--theme-accent-hover-backcolor); color:var(--theme-accent-hover-color); } #start-btn:hover { background:var(--theme-accent-hover-backcolor); color:var(--theme-accent-hover-color); }
#start-btn:active { background:var(--theme-accent-active-backcolor); color:var(--theme-accent-active-color); }
/* #start-menu, .submenu { background:var(--theme-taskbar-backcolor); color:var(--theme-taskbar-color); } */ /* #start-menu, .submenu { background:var(--theme-taskbar-backcolor); color:var(--theme-taskbar-color); } */
#start-menu { padding-bottom:10px; background:var(--theme-startmenu-backcolor); color:var(--theme-startmenu-color); border:3px solid rgb(128,128,128); } #start-menu { padding-bottom:10px; background:var(--theme-startmenu-backcolor); color:var(--theme-startmenu-color); border:1px solid rgb(10,10,10); }
.start-submenu-head { background:var(--theme-startmenu-submenu-header-backcolor); color:var(--theme-startmenu-submenu-header-backcolor) } .start-submenu-head { background:var(--theme-startmenu-submenu-header-backcolor); color:var(--theme-startmenu-submenu-header-backcolor) }
.start-icon { background:var(--theme-accent-default-backcolor); } .start-icon { background:var(--theme-accent-default-backcolor); }

5
public/styles/default.css
View File

@@ -6,9 +6,10 @@
} }
.selectable { user-select: text !important; cursor: var(--theme-cursor-pointer) 0 16, pointer; } .selectable { user-select: text !important; cursor: var(--theme-cursor-default) 1 1, auto; }
input, input[type="text"], input[type="email"], input[type="password"], input[type="search"], input[type="date"], textarea, select { border-width:2px; border-style:solid; font-size: var(--fontSize); font-family: var(--fontFamily); border-radius:10px; padding:10px 12px; outline:none; transition:all var(--times-transition-colors) ease; width:auto; } /* input, input[type="text"], input[type="email"], input[type="password"], input[type="search"], input[type="date"], textarea, select { border-width:2px; border-style:solid; font-size: var(--fontSize); font-family: var(--fontFamily); border-radius:10px; padding:10px 12px; outline:none; transition:all var(--times-transition-colors) ease; width:auto; } */
input, input[type="text"], input[type="email"], input[type="password"], input[type="search"], input[type="date"], textarea, select { border-width:2px; border-style:solid; font-size: var(--fontSize); font-family: var(--fontFamily); border-radius:10px; padding:4px 6px; outline:none; transition:all var(--times-transition-colors) ease; width:auto; }
input.width\:100px { width:100px; } input.width\:100px { width:100px; }
input.width\:90px { width:90px; } input.width\:90px { width:90px; }
input.width\:75px { width:75px; } input.width\:75px { width:75px; }

5
public/styles/os.css
View File

@@ -31,7 +31,7 @@ body, html { margin:0; padding:0; height:100%; overflow: hidden; font-family: va
.window-resize-se { bottom: -6px;right: -6px;cursor: var(--theme-cursor-resize-270); } .window-resize-se { bottom: -6px;right: -6px;cursor: var(--theme-cursor-resize-270); }
.window-resize-sw { bottom: -6px;left: -6px;cursor: var(--theme-cursor-resize-45); } .window-resize-sw { bottom: -6px;left: -6px;cursor: var(--theme-cursor-resize-45); }
#taskbar { z-index: 2; position: absolute; width:100%; bottom:0; left:0; height:auto; overflow:visible; display:flex; flex: 0 0 auto; min-width:0; align-items:center; padding:0 8px; box-sizing:border-box; } #taskbar { z-index: 2; position: absolute; width:100%; bottom:0; left:0; height:var(--auto-taskbar-height); overflow:visible; display:flex; flex: 0 0 auto; min-width:0; align-items:center; padding:0 8px; box-sizing:border-box; }
#start-btn { transition: background-color var(--times-transition-colors) ease; padding: 8px 12px; border-radius: 5px; border: none; margin-right:8px; } #start-btn { transition: background-color var(--times-transition-colors) ease; padding: 8px 12px; border-radius: 5px; border: none; margin-right:8px; }
#taskbar-windows { display:flex; gap:6px; align-items:center; flex:1; overflow-y:hidden;overflow-x: auto; min-width: 0;scrollbar-width: thin; } #taskbar-windows { display:flex; gap:6px; align-items:center; flex:1; overflow-y:hidden;overflow-x: auto; min-width: 0;scrollbar-width: thin; }
.taskbar-item { display: flex; position: relative; padding:4px 10px; border-radius:4px; } .taskbar-item { display: flex; position: relative; padding:4px 10px; border-radius:4px; }
@@ -70,7 +70,7 @@ body, html { margin:0; padding:0; height:100%; overflow: hidden; font-family: va
.start-item.has-submenu { position: relative; display: flex; flex-direction: column; padding-bottom: 8px; } .start-item.has-submenu { position: relative; display: flex; flex-direction: column; padding-bottom: 8px; }
.start-item.has-submenu > .submenu { width: 100%; list-style: none; padding-left: 2px; max-height: 0; overflow: hidden; transition: max-height var(--times-transition-transform) ease; margin: 2px 0 0 8px; } .start-item.has-submenu > .submenu { width: 100%; list-style: none; padding-left: 2px; max-height: 0; overflow: hidden; transition: max-height var(--times-transition-transform) ease; margin: 2px 0 0 8px; }
.start-item-sys-container { position: relative; left:0; bottom: -8px; padding: 5px 0px; width:100%; display:flex; height:30px; flex-direction:row; justify-content:flex-end; } .start-item-sys-container { position: relative; left:0; bottom: -10px; padding: 5px 0px; width:100%; display:flex; height:30px; flex-direction:row; justify-content:flex-end; }
.start-sys-item { margin: 0 10px 0 8px !important; } .start-sys-item { margin: 0 10px 0 8px !important; }
.start-submenu-head { position: relative; margin-left: 16px; height:32px; display:flex; flex-direction: row; align-items: center; gap:8px; } .start-submenu-head { position: relative; margin-left: 16px; height:32px; display:flex; flex-direction: row; align-items: center; gap:8px; }
@@ -123,6 +123,7 @@ img.icon { width: auto; height:20px; object-fit: contain; filter: var(--theme-no
#taskbar { #taskbar {
padding: 0 6px; padding: 0 6px;
overflow: hidden; overflow: hidden;
z-index: 9999;
} }
#start-btn { #start-btn {

4
public/views/desktop.hbs
View File

@@ -82,7 +82,7 @@
<!-- Taskbar --> <!-- Taskbar -->
<div id="taskbar"> <div id="taskbar">
<button id="start-btn">☰</button> <button class="" id="start-btn">☰</button>
<div id="taskbar-windows"></div> <div id="taskbar-windows"></div>
<button style="margin-right:0;" class="monolyth notify-button pulse"> <button style="margin-right:0;" class="monolyth notify-button pulse">
<img class="icon" src="/images/notifybubble.png"> <img class="icon" src="/images/notifybubble.png">
@@ -96,7 +96,7 @@
<script src="javascript/contextMenu.js"></script> <script src="javascript/contextMenu.js"></script>
<script src="javascript/tableFilter.js"></script> <script src="javascript/tableFilter.js"></script>
<script src="javascript/requiredFields.js"></script> <script src="javascript/requiredFields.js"></script>
<script src="javascript/loadOnce.js"></script> <script src="javascript/uiEvents.js"></script>
<script src="javascript/JSON.js"></script> <script src="javascript/JSON.js"></script>
<script src="javascript/os.js"></script> <script src="javascript/os.js"></script>
<script> <script>

43
public/views/rbac.hbs
View File

@@ -33,7 +33,22 @@ section {
border: 1px solid #ccc; border: 1px solid #ccc;
border-radius: 8px; border-radius: 8px;
margin: 0 2px 2px 0; margin: 0 2px 2px 0;
transition: background var(--times-transition-colors) ease, border-color var(--times-transition-colors) ease, color var(--times-transition-colors) ease;
} }
section:hover {
background: var(--theme-accent-hover-backcolor);
color: var(--theme-accent-hover-color);
border-color:var(--theme-accent-hover-boder-color);
}
section:active {
background: var(--theme-accent-active-backcolor);
color: var(--theme-accent-active-color);
border-color:var(--theme-accent-active-boder-color);
}
section span { section span {
overflow: hidden; overflow: hidden;
white-space: nowrap; white-space: nowrap;
@@ -47,24 +62,22 @@ input {
</head> </head>
<body> <body>
<!-- USERS --> <!-- USERS -->
<div class="container grid" style="grid-template-columns: calc(50% - 8px) calc(50% - 8px);height:100vh;"> <div class="container static" style="height:100vh;max-width:100vw;flex-direction:row;flex-wrap:wrap">
<div class="card"> <div class="card" style="flex:1 1 auto;min-width:300px">
Users <input id="newUserName" placeholder="sAMAccountName" /> <button class="bluebutton" onclick="createUser()">Create User</button> Users <input id="newUserName" placeholder="sAMAccountName" /> <button class="bluebutton" onclick="createUser()">Create User</button>
<div class="table-wrapper fit-table"> <div class="table-wrapper fit-table">
<table id="rbacUsersTable"> <table id="rbacUsersTable" style="height:100%">
<thead> <thead>
<tr> <tr>
<th class="text-align:left"></th> <th class="text-align:left"></th>
<th class="text-align:left">ObjectGUID</th> <th class="text-align:left">ObjectGUID</th>
<th class="text-align:left">sAMAccountName</th> <th class="text-align:left">sAMAccountName</th>
<th class="text-align:center">Rollen</th>
<th class="text-align:center">Gruppen</th>
<th class="text-align:left">Name</th> <th class="text-align:left">Name</th>
<th class="text-align:left">Vorname</th> <th class="text-align:left">Vorname</th>
<th class="text-align:left">Mail</th> <th class="text-align:left">Mail</th>
<th class="text-align:center">Aktiv</th> <th class="text-align:center">Aktiv</th>
<th class="text-align:center">Online</th>
<th class="text-align:center">Rollen</th>
<th class="text-align:center">Gruppen</th>
<th class="text-align:right">Herkunft</th>
</tr> </tr>
</thead> </thead>
<tbody> <tbody>
@@ -75,28 +88,26 @@ input {
</div> </div>
<!-- GROUPS --> <!-- GROUPS -->
<div class="card static" style="flex:1 0 100vw;"> <div class="card" style="min-width:300px;flex:1 1 calc(300px)">
<input id="newGroupName" placeholder="Gruppenname" /> <button class="bluebutton" onclick="createGroup()">Create Group</button> <input id="newGroupName" placeholder="Gruppenname" /> <button class="bluebutton" onclick="createGroup()">Create Group</button>
<div id="rbacGroupContainer"> <div id="rbacGroupContainer">
<span>GRUPPEN WERDEN GELADEN . . .</span> <span>GRUPPEN WERDEN GELADEN . . .</span>
</div> </div>
<input id="newGroupName" placeholder="Group Name" />
<button class="bluebutton" onclick="createGroup()">Create Group</button>
</div> </div>
<!-- ROLES --> <!-- ROLES -->
<div class="card"> <div class="card" style="min-width:300px;flex:1 1 calc(300px)">
<h3>Roles</h3>
<div id="roleList"></div>
<input id="newRoleName" placeholder="Role Name" /> <input id="newRoleName" placeholder="Role Name" />
<button class="bluebutton" onclick="createRole()">Create Role</button> <button class="bluebutton" onclick="createRole()">Create Role</button>
<div id="rbacGroupContainer">
<span>ROLLEN WERDEN GELADEN . . .</span>
</div>
</div> </div>
<!-- PERMISSIONS --> <!-- PERMISSIONS -->
<div class="card"> <div class="card" style="min-width:300px;flex:1 1 auto">
<h3>Permissions</h3> <h3>Permissions</h3>
<input id="permScope" placeholder="Scope" /> <input id="permScope" placeholder="Scope" />

6
src/models/authenticationModel.js
View File

@@ -42,7 +42,7 @@ module.exports = (sequelize) => {
allowNull: true, allowNull: true,
}, },
userAccountControl_ID: { userAccountControl_ID: {
type: DataTypes.STRING, type: DataTypes.INTEGER,
allowNull: true, allowNull: true,
}, },
telephoneNumber: { telephoneNumber: {
@@ -73,6 +73,10 @@ module.exports = (sequelize) => {
type: DataTypes.BOOLEAN, type: DataTypes.BOOLEAN,
allowNull: true, allowNull: true,
}, },
ObjectSource_ID: {
type: DataTypes.INTEGER,
allowNull: true,
}
}, { }, {
tableName: 'Authentication', // Tabellenname in der Datenbank tableName: 'Authentication', // Tabellenname in der Datenbank
timestamps: false, // Falls du keine createdAt/updatedAt Spalten hast timestamps: false, // Falls du keine createdAt/updatedAt Spalten hast

65
src/routes/adminRoutes.js
View File

@@ -2,8 +2,11 @@ const { exec } = require('child_process');
const fs = require('fs'); const fs = require('fs');
const path = require('path'); const path = require('path');
const { localPath, cache, runtimeFile } = require('@root/globalize.js'); const { localPath, cache, runtimeFile } = require('@root/globalize.js');
const { databaseModel } = require('@root/server.js');
const { raw } = require('body-parser');
let rbacUsers, rbacGroups, rbacRoles, rbacPermissions = []; let rbacUsers, rbacGroups, rbacRoles, rbacPermissions = [];
module.exports = { module.exports = {
route(app, service) { route(app, service) {
// JSON configuration abrufen // JSON configuration abrufen
@@ -85,7 +88,7 @@ module.exports = {
result = await service.get('pluginManager').unload(name); result = await service.get('pluginManager').unload(name);
} }
service.get('eventManager').write(null, result.levelId, name, result.message); service.get('eventManager').write(req.cookies.ObjectGUID, result.levelId, name, result.message);
service.get('socketManager').broadcast('/', 'plugin_status', result); service.get('socketManager').broadcast('/', 'plugin_status', result);
res.status(200).json(result); res.status(200).json(result);
}); });
@@ -107,6 +110,18 @@ module.exports = {
} }
}) })
app.get('/api/rbac/auth/details/:guid', async (req, res) => {
try {
const singleAuth = await databaseModel.get('authentication').findOne({ where: { ObjectGUID: req.params.guid }, raw: true });
const { refreshtoken, password, ...rest} = singleAuth
res.json(rest);
} catch (err) {
service.get('eventManager').writeLog(req.cookies.ObjectGUID, 4, 'RBAC', err);
res.status(500).json({ error: err.message });
}
})
app.post('/api/rbac/auth/create', async (req, res) => { app.post('/api/rbac/auth/create', async (req, res) => {
try { try {
if(rbacUsers.map(user => user.sAMAccountName.toLowerCase() ).includes(req.body.sAMAccountName.toLowerCase())) { if(rbacUsers.map(user => user.sAMAccountName.toLowerCase() ).includes(req.body.sAMAccountName.toLowerCase())) {
@@ -114,9 +129,10 @@ module.exports = {
return res.status(400).json({ error: `${req.body.sAMAccountName} existiert bereits` }); return res.status(400).json({ error: `${req.body.sAMAccountName} existiert bereits` });
} }
const user = await service.get('rbacManager').createAuth(req.body); const user = await service.get('rbacManager').createAuth(req.body);
service.get('eventManager').writeLog(req.cookies.ObjectGUID, 0, 'RBAC', `Benutzer ${user.sAMAccountName} [${user.ObjectGUID}] angelegt`);
res.json(user); res.json(user);
} catch (err) { } catch (err) {
service.get('eventManager').writeLog(null, 4, 'RBAC', err.message); service.get('eventManager').writeLog(req.cookies.ObjectGUID, 4, 'RBAC', err.message);
res.status(500).json({ error: err.message }); res.status(500).json({ error: err.message });
} }
}); });
@@ -130,11 +146,18 @@ module.exports = {
} }
}); });
app.delete('/api/rbac/auth/:id', async (req, res) => { app.delete('/api/rbac/auth/:guid', async (req, res) => {
try { try {
await service.get('rbacManager').deleteAuth(req.params.id); const user = await databaseModel.get('authentication').findOne({ where: { ObjectGUID: req.params.guid }, raw: true });
res.json({ ok: true }); if(!user) {
service.get('eventManager').writeLog(req.cookies.ObjectGUID, 2, 'RBAC', `Authentifizierungs-GUID ${req.params.guid} nicht gefunden`);
res.status(400);
}
service.get('eventManager').writeLog(req.cookies.ObjectGUID, 0, 'RBAC', `Benutzer ${user.sAMAccountName} [${user.ObjectGUID}] gelöscht`);
await service.get('rbacManager').deleteAuth(user.ObjectGUID);
res.status(200).json(user);
} catch (err) { } catch (err) {
service.get('eventManager').writeLog(req.cookies.ObjectGUID, 4, 'RBAC', err);
res.status(500).json({ error: err.message }); res.status(500).json({ error: err.message });
} }
}); });
@@ -158,9 +181,10 @@ module.exports = {
return res.status(400).json({ error: `${req.body.name} existiert bereits` }); return res.status(400).json({ error: `${req.body.name} existiert bereits` });
} }
const group = await service.get('rbacManager').createGroup(req.body); const group = await service.get('rbacManager').createGroup(req.body);
service.get('eventManager').writeLog(req.cookies.ObjectGUID, 0, 'RBAC', `Gruppe ${group.Name} [${group.ObjectGUID}] angelegt`);
res.json(group); res.json(group);
} catch (err) { } catch (err) {
service.get('eventManager').writeLog(null, 4, 'RBAC', err.message); service.get('eventManager').writeLog(req.cookies.ObjectGUID, 4, 'RBAC', err.message);
res.status(500).json({ error: err.message }); res.status(500).json({ error: err.message });
} }
}); });
@@ -174,11 +198,18 @@ module.exports = {
} }
}); });
app.delete('/api/rbac/group/:id', async (req, res) => { app.delete('/api/rbac/group/:guid', async (req, res) => {
try { try {
await service.get('rbacManager').deleteGroup(req.params.id); const group = await databaseModel.get('group').findOne({ where: { ObjectGUID: req.params.guid }, raw: true });
res.json({ ok: true }); if(!group) {
service.get('eventManager').writeLog(req.cookies.ObjectGUID, 2, 'RBAC', `Gruppen-GUID ${req.params.guid} nicht gefunden`);
res.status(400);
}
service.get('eventManager').writeLog(req.cookies.ObjectGUID, 0, 'RBAC', `Gruppe ${group.Name} [${group.ObjectGUID}] gelöscht`);
await service.get('rbacManager').deleteGroup(group.ObjectGUID);
res.status(200).json(group);
} catch (err) { } catch (err) {
service.get('eventManager').writeLog(req.cookies.ObjectGUID, 4, 'RBAC', err);
res.status(500).json({ error: err.message }); res.status(500).json({ error: err.message });
} }
}); });
@@ -188,18 +219,26 @@ module.exports = {
// ========================================================= // =========================================================
app.post('/api/rbac/group/add-user', async (req, res) => { app.post('/api/rbac/group/add-user', async (req, res) => {
const { authGuid, groupGuid } = req.body;
const auth = await databaseModel.get('authentication').findOne({ where: { ObjectGUID: authGuid }, raw: true });
const group = await databaseModel.get('group').findOne({ where: { ObjectGUID: groupGuid }, raw: true });
try { try {
const { authId, groupId } = req.body; const result = await service.get('rbacManager').addUserToGroup(authGuid, groupGuid);
await service.get('rbacManager').addUserToGroup(authId, groupId); if(!result) {
service.get('eventManager').writeLog(req.cookies.ObjectGUID, 2, 'RBAC', `Benuzer ${auth.sAMAccountName} [${auth.ObjectGUID}] bereits in Gruppe ${group.Name} [${group.ObjectGUID}]`);
res.status(400).send('Benutzer bereits in Gruppe enthalten');
return;
}
res.json({ ok: true }); res.json({ ok: true });
} catch (err) { } catch (err) {
service.get('eventManager').writeLog(req.cookies.ObjectGUID, 4, 'RBAC', [ `Fehler beim Hinzufügen von ${auth.sAMAccountName} [${auth.ObjectGUID}] in Gruppe ${group.Name} [${group.ObjectGUID}]` ,err ]);
res.status(500).json({ error: err.message }); res.status(500).json({ error: err.message });
} }
}); });
app.post('/api/group/remove-user', async (req, res) => { app.post('/api/group/remove-user', async (req, res) => {
try { try {
const { authId, groupId } = req.body; const { authGuid, groupId } = req.body;
await service.get('rbacManager').removeUserFromGroup(authId, groupId); await service.get('rbacManager').removeUserFromGroup(authId, groupId);
res.json({ ok: true }); res.json({ ok: true });
} catch (err) { } catch (err) {

1
src/routes/indexRoutes.js
View File

@@ -26,7 +26,6 @@ module.exports = {
context.defaultSize = context.defaultSize =
context.menu.items.find(item => item.label == viewLabel)?.defaultSize || context.menu.items.find(item => item.label == viewLabel)?.defaultSize ||
{ width: 800, height: 600 }; { width: 800, height: 600 };
delete context.config; delete context.config;
res.json({ name, view, viewLabel, context, location, size, state, zIndex }); res.json({ name, view, viewLabel, context, location, size, state, zIndex });
}); });

22
src/services/rbacManager.js
View File

@@ -269,7 +269,11 @@ async updateAuth(id, data) {
async deleteAuth(id) { async deleteAuth(id) {
const Auth = this.db.get('authentication'); const Auth = this.db.get('authentication');
const AuthGroups = this.db.get('authenticationGroupsModel');
await AuthGroups.destroy({
where: { Authentication_ObjectGUID: id }
});
return await Auth.destroy({ return await Auth.destroy({
where: { ObjectGUID: id } where: { ObjectGUID: id }
}); });
@@ -301,6 +305,11 @@ async updateGroup(id, data) {
async deleteGroup(id) { async deleteGroup(id) {
const Group = this.db.get('group'); const Group = this.db.get('group');
const AuthGroups = this.db.get('authenticationGroupsModel');
await AuthGroups.destroy({
where: { Group_ObjectGUID: id }
});
return await Group.destroy({ return await Group.destroy({
where: { ObjectGUID: id } where: { ObjectGUID: id }
@@ -311,13 +320,16 @@ async deleteGroup(id) {
// 🔗 AUTH ↔ GROUP RELATION // 🔗 AUTH ↔ GROUP RELATION
// ========================================================= // =========================================================
async addUserToGroup(authId, groupId) { async addUserToGroup(authGuid, groupGuid) {
const AuthGroups = this.db.get('authenticationGroupsModel'); const AuthGroups = this.db.get('authenticationGroupsModel');
if(await AuthGroups.findOne({ where: { Authentication_ObjectGUID: authGuid } })) { // AuthGroups.
return await AuthGroups.create({ return false
Authentication_ObjectGUID: authId, }
Group_ObjectGUID: groupId const group = await AuthGroups.create({
Authentication_ObjectGUID: authGuid,
Group_ObjectGUID: groupGuid
}); });
return group;
} }
async removeUserFromGroup(authId, groupId) { async removeUserFromGroup(authId, groupId) {