Marmelator/red-ui
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases 1.4k Wiki Activity

RED-4661 - RED_USER_ADMIN should not be able to delete RED_ADMINs

Browse Source
This commit is contained in:
Valentin Mihai 2022-07-18 19:20:22 +03:00
parent 16b781318c
commit 2a72f3a4d9
2 changed files with 12 additions and 6 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
apps/red-ui/src/app/modules/admin/screens/user-listing/user-listing-screen.component.html
View File

@ -73,7 +73,7 @@
<iqser-circle-button
(action)="openDeleteUsersDialog([user.id], $event)"
[disabled]="user.id === userService.currentUser.id"
[disabled]="deleteDisabled(user)"
[tooltip]="'user-listing.action.delete' | translate"
[type]="circleButtonTypes.dark"
icon="iqser:trash"

16
apps/red-ui/src/app/modules/admin/screens/user-listing/user-listing-screen.component.ts
View File

@ -43,7 +43,7 @@ export class UserListingScreenComponent extends ListingComponent<User> implement
readonly translations = rolesTranslations;
readonly iconButtonTypes = IconButtonTypes;
readonly circleButtonTypes = CircleButtonTypes;
readonly currentUser = this.userService.currentUser;
readonly currentUser = this._userService.currentUser;
readonly canDeleteSelected$ = this.#canDeleteSelected$;
readonly tableHeaderLabel = _('user-listing.table-header.title');
readonly tableColumnConfigs: TableColumnConfig<User>[] = [
@ -58,14 +58,14 @@ export class UserListingScreenComponent extends ListingComponent<User> implement
action: (): void => this.openAddEditUserDialog(),
type: IconButtonTypes.primary,
icon: 'iqser:plus',
disabled$: this.userService.currentUser$.pipe(map(user => !user.isAdmin)),
disabled$: this._userService.currentUser$.pipe(map(user => !user.isAdmin)),
},
];
collapsedDetails = false;
chartConfig: DonutChartConfig[] = [];
constructor(
readonly userService: UserService,
private readonly _userService: UserService,
private readonly _loadingService: LoadingService,
private readonly _dialogService: AdminDialogService,
private readonly _translateService: TranslateService,
@ -110,7 +110,7 @@ export class UserListingScreenComponent extends ListingComponent<User> implement
async toggleActive(user: User) {
this._loadingService.start();
const requestBody = { ...user, roles: user.isActive ? [] : ['RED_USER'] };
await firstValueFrom(this.userService.updateProfile(requestBody, user.id));
await firstValueFrom(this._userService.updateProfile(requestBody, user.id));
await this.#loadData();
}
@ -119,7 +119,7 @@ export class UserListingScreenComponent extends ListingComponent<User> implement
}
async #loadData() {
await firstValueFrom(this.userService.loadAll());
await firstValueFrom(this._userService.loadAll());
this.#computeStats();
this._loadingService.stop();
}
@ -145,4 +145,10 @@ export class UserListingScreenComponent extends ListingComponent<User> implement
};
this.filterService.addFilterGroups([roleFiltersGroup]);
}
deleteDisabled(user: User): boolean {
const userAdmin = user.roles.includes('RED_ADMIN');
const currentUserAdmin = this._userService.currentUser.roles.includes('RED_ADMIN');
return user.id === this._userService.currentUser.id || (userAdmin && !currentUserAdmin);
}
}