update Do 5. Mär 22:01:01 CET 2020
This commit is contained in:
Robert Richter
parent
b34ed2f8eb
commit
93784d4f50
@ -123,17 +123,17 @@ module.exports = function(app, app_cfg, db, async, bcrypt, passport, io) {
|
||||
// if(err)
|
||||
if (row) {
|
||||
req.flash('errorMessage', "Es existiert bereits ein Benutzer mit diesem Namen!");
|
||||
res.redirect('/edit_users');
|
||||
res.redirect('/adm_edit_users');
|
||||
} else {
|
||||
bcrypt.hash(req.body.password, app_cfg.global.saltRounds, function(err, hash) {
|
||||
db.run('INSERT INTO waip_users ( user, password, permissions, ip_address ) VALUES( ?, ?, ?, ? )', req.body.username, hash, req.body.permissions, req.body.ip, function(err) {
|
||||
// if(err)
|
||||
if (this.lastID) {
|
||||
req.flash('successMessage', "Neuer Benutzer wurde angelegt.");
|
||||
res.redirect('/edit_users');
|
||||
res.redirect('/adm_edit_users');
|
||||
} else {
|
||||
req.flash('errorMessage', "Da ist etwas schief gegangen...");
|
||||
res.redirect('/edit_users');
|
||||
res.redirect('/adm_edit_users');
|
||||
}
|
||||
});
|
||||
});
|
||||
@ -144,14 +144,14 @@ module.exports = function(app, app_cfg, db, async, bcrypt, passport, io) {
|
||||
function deleteUser(req, res) {
|
||||
if (req.user.id == req.body.id) {
|
||||
req.flash('errorMessage', "Sie können sich nicht selbst löschen!");
|
||||
res.redirect('/edit_users');
|
||||
res.redirect('/adm_edit_users');
|
||||
} else {
|
||||
db.run('DELETE FROM waip_users WHERE id = ?', req.body.id, function(err) {
|
||||
if (err) {
|
||||
//...
|
||||
} else {
|
||||
req.flash('successMessage', "Benutzer \'" + req.body.username + "\' wurde gelöscht!");
|
||||
res.redirect('/edit_users');
|
||||
res.redirect('/adm_edit_users');
|
||||
}
|
||||
});
|
||||
};
|
||||
@ -195,15 +195,15 @@ module.exports = function(app, app_cfg, db, async, bcrypt, passport, io) {
|
||||
//...
|
||||
console.log(err);
|
||||
req.flash('errorMessage', "Da ist etwas schief gegangen...");
|
||||
res.redirect('/edit_users');
|
||||
res.redirect('/adm_edit_users');
|
||||
} else {
|
||||
req.flash('successMessage', "Benutzer aktualisiert.");
|
||||
res.redirect('/edit_users');
|
||||
res.redirect('/adm_edit_users');
|
||||
}
|
||||
});
|
||||
} else {
|
||||
req.flash('errorMessage', "Da ist etwas schief gegangen...");
|
||||
res.redirect('/edit_users');
|
||||
res.redirect('/adm_edit_users');
|
||||
}
|
||||
});
|
||||
};
|
||||
|
||||
@ -170,6 +170,23 @@ module.exports = function(app, sql, uuidv4, app_cfg, passport, auth, waip, udp)
|
||||
var waip_uuid = req.params.waip_uuid;
|
||||
sql.db_get_einsatzdaten_by_uuid(waip_uuid, function(einsatzdaten) {
|
||||
if (einsatzdaten) {
|
||||
|
||||
|
||||
|
||||
sql.db_check_permission(req.user, einsatzdaten.id, function(valid) {
|
||||
//console.log(permissions + ' ' + wachen_nr);
|
||||
//if (permissions == wachen_nr || permissions == 'admin') {} else {
|
||||
if (!valid) {
|
||||
//einsatzdaten.objekt = '';
|
||||
einsatzdaten.besonderheiten = 'nicht angemeldet';
|
||||
//einsatzdaten.strasse = '';
|
||||
//einsatzdaten.wgs84_x = einsatzdaten.wgs84_x.substring(0, einsatzdaten.wgs84_x.indexOf('.') + 3);
|
||||
//einsatzdaten.wgs84_y = einsatzdaten.wgs84_y.substring(0, einsatzdaten.wgs84_y.indexOf('.') + 3);
|
||||
};
|
||||
|
||||
|
||||
|
||||
|
||||
res.render('rmld', {
|
||||
public: app_cfg.public,
|
||||
title: 'Einsatz-Rückmeldung',
|
||||
@ -178,6 +195,7 @@ module.exports = function(app, sql, uuidv4, app_cfg, passport, auth, waip, udp)
|
||||
error: req.flash("errorMessage"),
|
||||
success: req.flash("successMessage")
|
||||
});
|
||||
});
|
||||
} else {
|
||||
var err = new Error('Der angefragte Einsatz ist nicht - oder nicht mehr - vorhanden!');
|
||||
err.status = 404;
|
||||
|
||||
@ -492,11 +492,9 @@ module.exports = function(db, uuidv4, app_cfg) {
|
||||
});
|
||||
};
|
||||
|
||||
function db_check_permission(permissions, waip_id, callback) {
|
||||
if (permissions === undefined) {
|
||||
callback && callback(false);
|
||||
} else {
|
||||
if (permissions == 'admin') {
|
||||
function db_check_permission(user, waip_id, callback) {
|
||||
if (user && user.permissions) {
|
||||
if (user.permissions == 'admin') {
|
||||
callback && callback(true);
|
||||
} else {
|
||||
//permissions -> 52,62,6690,....
|
||||
@ -504,7 +502,7 @@ module.exports = function(db, uuidv4, app_cfg) {
|
||||
left join waip_wachen wa on wa.id = em.waip_wachen_ID
|
||||
where waip_einsaetze_ID = ?`, [waip_id], function(err, row) {
|
||||
if (err == null && row) {
|
||||
var permission_arr = permissions.split(",");
|
||||
var permission_arr = user.permissions.split(",");
|
||||
var wachen_arr = row.wache.split(",");
|
||||
const found = permission_arr.some(r => row.wache.search(RegExp(',' + r + '|\\b' + r)) >= 0);
|
||||
if (found) {
|
||||
@ -517,6 +515,8 @@ module.exports = function(db, uuidv4, app_cfg) {
|
||||
};
|
||||
});
|
||||
};
|
||||
} else {
|
||||
callback && callback(false);
|
||||
};
|
||||
};
|
||||
|
||||
|
||||
@ -36,8 +36,8 @@ module.exports = function(io, sql, async, app_cfg) {
|
||||
sql.db_get_einsatzdaten(waip_id, wachen_nr, io.sockets.sockets[socket_id].request.user.id, function(einsatzdaten) {
|
||||
if (einsatzdaten) {
|
||||
// Berechtigung ueberpruefen
|
||||
var permissions = io.sockets.sockets[socket_id].request.user.permissions;
|
||||
sql.db_check_permission(permissions, waip_id, function(valid) {
|
||||
var user = io.sockets.sockets[socket_id].request.user;
|
||||
sql.db_check_permission(user, waip_id, function(valid) {
|
||||
//console.log(permissions + ' ' + wachen_nr);
|
||||
//if (permissions == wachen_nr || permissions == 'admin') {} else {
|
||||
if (!valid) {
|
||||
|
||||
Loading…
Reference in New Issue
Block a user