Implement updating permissions
This commit is contained in:
parent
b1d02f68a0
commit
e4dc6e3a95
GPG Key ID:
257D284A2A1D3A32
|
|
@ -83,18 +83,24 @@ sendVerificationSecret DBUser {..} = do
|
||||||
sendVerificationEmail secret' pendingEmail' >> pure True
|
sendVerificationEmail secret' pendingEmail' >> pure True
|
||||||
_ -> pure False
|
_ -> pure False
|
||||||
|
|
||||||
updateArgsToData :: (MonadTime m, MonadRandom m, MonadError GQLError m, MonadDB m) =>
|
updateArgsToData :: (MonadTime m, MonadRandom m, MonadError GQLError m, MonadDB m, MonadPermissions m) =>
|
||||||
UpdateArgs -> UserID -> m UpdateData
|
UpdateArgs -> UserID -> m UpdateData
|
||||||
updateArgsToData UpdateArgs {..} user = do
|
updateArgsToData UpdateArgs {..} user = do
|
||||||
when (maybe False T.null name) $ throwError "Name must not be empty"
|
when (maybe False T.null name) $ throwError "Name must not be empty"
|
||||||
when (maybe False T.null password) $ throwError "Password must not be empty"
|
when (maybe False T.null password) $ throwError "Password must not be empty"
|
||||||
when (maybe False T.null homeplace) $ throwError "Homeplace must not be empty"
|
when (maybe False T.null homeplace) $ throwError "Homeplace must not be empty"
|
||||||
isMember <- dbGetUser user >>= liftDBEither >>= fmap isJust . dbUserAccepted
|
requestPermissions <- currentPermissions
|
||||||
|
let permissions' = inputPermissionsToPermissions <$> permissions
|
||||||
|
when (maybe False (> requestPermissions) permissions') $ throwError "Permissions must not be greater than the request's"
|
||||||
|
dbUser <- dbGetUser user >>= liftDBEither
|
||||||
|
isMember <- fmap isJust $ dbUserAccepted $ dbUser
|
||||||
when (isMember && isJust application) $ throwError "Members can't update their applications"
|
when (isMember && isJust application) $ throwError "Members can't update their applications"
|
||||||
passwordHash <- sequence $ hashPassword <$> password
|
passwordHash <- sequence $ hashPassword <$> password
|
||||||
updateTime <- currentTime
|
updateTime <- currentTime
|
||||||
verificationSecret <- genVerificationSecret
|
verificationSecret <- genVerificationSecret
|
||||||
pure UpdateData {..}
|
oldPermissions <- dbUserPermissions dbUser
|
||||||
|
pure UpdateData {permissions = (<> oldPermissions) <$> permissions', ..}
|
||||||
|
-- Map's (and thus Permissions') <> prefers values from the left operand
|
||||||
|
|
||||||
updateUser :: (MonadRandom m, MonadDB m, MonadEmail m,
|
updateUser :: (MonadRandom m, MonadDB m, MonadEmail m,
|
||||||
MonadError GQLError m, MonadTime m, MonadPermissions m) => UserID -> UpdateArgs -> m (User m)
|
MonadError GQLError m, MonadTime m, MonadPermissions m) => UserID -> UpdateArgs -> m (User m)
|
||||||
|
|
@ -204,6 +210,7 @@ data UpdateArgs = UpdateArgs
|
||||||
, nickname :: Maybe Text
|
, nickname :: Maybe Text
|
||||||
, homeplace :: Maybe Text
|
, homeplace :: Maybe Text
|
||||||
, application :: Maybe Text
|
, application :: Maybe Text
|
||||||
|
, permissions :: Maybe [InputScopePermission]
|
||||||
} deriving (Generic, GQLType, Eq, Show)
|
} deriving (Generic, GQLType, Eq, Show)
|
||||||
|
|
||||||
data NewKeyArgs = NewKeyArgs { comment :: Maybe Text, keyData :: Base64, expires :: Maybe Time }
|
data NewKeyArgs = NewKeyArgs { comment :: Maybe Text, keyData :: Base64, expires :: Maybe Time }
|
||||||
|
|
|
||||||
|
|
@ -31,7 +31,10 @@ dbUpdateUser UpdateData {..} = do
|
||||||
, SetUserPhoneNumber <$> phoneNumber
|
, SetUserPhoneNumber <$> phoneNumber
|
||||||
, SetUserApplication <$> application
|
, SetUserApplication <$> application
|
||||||
]
|
]
|
||||||
userUpdates = maybeToList $ (SqlUserPasswordCrypt =.) <$> passwordHash
|
userUpdates = catMaybes
|
||||||
|
[ (SqlUserPasswordCrypt =.) <$> passwordHash
|
||||||
|
, (SqlUserPermissions =.) <$> permissions
|
||||||
|
]
|
||||||
sqlUser <- runQuery $ do
|
sqlUser <- runQuery $ do
|
||||||
Sql.updateUserData user userUpdates memberDataUpdates
|
Sql.updateUserData user userUpdates memberDataUpdates
|
||||||
case email of
|
case email of
|
||||||
|
|
|
||||||
|
|
@ -78,6 +78,7 @@ data UpdateData = UpdateData
|
||||||
, user :: UserID
|
, user :: UserID
|
||||||
, updateTime :: Time
|
, updateTime :: Time
|
||||||
, verificationSecret :: Text
|
, verificationSecret :: Text
|
||||||
|
, permissions :: Maybe Permissions
|
||||||
} deriving (Generic, Eq, Show)
|
} deriving (Generic, Eq, Show)
|
||||||
|
|
||||||
data NewKeyData = NewKeyData
|
data NewKeyData = NewKeyData
|
||||||
|
|
|
||||||
|
|
@ -81,7 +81,7 @@ type Mutation {
|
||||||
apply(email: Email!, phoneNumber: PhoneNumber!, password: String!, name: String!, nickname: String, birthdate: Date!, homeplace: String!, application: String!): User!
|
apply(email: Email!, phoneNumber: PhoneNumber!, password: String!, name: String!, nickname: String, birthdate: Date!, homeplace: String!, application: String!): User!
|
||||||
verifyEmail(secret: String!): Boolean!
|
verifyEmail(secret: String!): Boolean!
|
||||||
resendVerificationEmail(user: UserID): Unit!
|
resendVerificationEmail(user: UserID): Unit!
|
||||||
update(email: Email, phoneNumber: PhoneNumber, password: String, name: String, nickname: String, homeplace: String, application: String, user: UserID): User!
|
update(email: Email, phoneNumber: PhoneNumber, password: String, name: String, nickname: String, homeplace: String, application: String, permissions: [InputScopePermission!], user: UserID): User!
|
||||||
newToken(comment: String, name: String, permissions: [InputScopePermission!]): Token!
|
newToken(comment: String, name: String, permissions: [InputScopePermission!]): Token!
|
||||||
newKey(comment: String, keyData: Base64!, expires: Time): PGPKey!
|
newKey(comment: String, keyData: Base64!, expires: Time): PGPKey!
|
||||||
accept(user: UserID!): Unit!
|
accept(user: UserID!): Unit!
|
||||||
|
|
|
||||||
Loading…
Reference in New Issue