Add page and user monitoring in admin. Add permission editing in administration.
@@ -1,3 +1,50 @@
|
||||
export default defineEventHandler((e) => {
|
||||
return [];
|
||||
import { ne, sql } from 'drizzle-orm';
|
||||
import useDatabase from '~/composables/useDatabase';
|
||||
import { explorerContentTable } from '~/db/schema';
|
||||
import { hasPermissions } from '~/shared/auth.util';
|
||||
|
||||
export default defineEventHandler(async (e) => {
|
||||
const session = await getUserSession(e);
|
||||
|
||||
if(!session || !session.user || !hasPermissions(session.user.permissions, ['admin']))
|
||||
{
|
||||
throw createError({
|
||||
statusCode: 401,
|
||||
message: 'Unauthorized',
|
||||
});
|
||||
}
|
||||
|
||||
const db = useDatabase();
|
||||
const content = db.select({
|
||||
path: explorerContentTable.path,
|
||||
owner: explorerContentTable.owner,
|
||||
title: explorerContentTable.title,
|
||||
type: explorerContentTable.type,
|
||||
size: sql<number>`CASE WHEN ${explorerContentTable.content} IS NULL THEN 0 ELSE length(${explorerContentTable.content}) END`.as('size'),
|
||||
navigable: explorerContentTable.navigable,
|
||||
private: explorerContentTable.private,
|
||||
order: explorerContentTable.order,
|
||||
visit: explorerContentTable.visit,
|
||||
timestamp: explorerContentTable.timestamp,
|
||||
}).from(explorerContentTable).all();
|
||||
|
||||
content.sort((a, b) => {
|
||||
return a.path.split('/').length - b.path.split('/').length;
|
||||
});
|
||||
|
||||
for(let i = 0; i < content.length; i++)
|
||||
{
|
||||
const path = content[i].path.substring(0, content[i].path.lastIndexOf('/'));
|
||||
if(path !== '')
|
||||
{
|
||||
const parent = content.find(e => e.path === path);
|
||||
|
||||
if(parent)
|
||||
{
|
||||
content[i].private = content[i].private || parent.private;
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
return content.filter(e => e.type !== 'folder');
|
||||
})
|
||||
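Review bot: The admin gate at the top of this handler answers 401 both when there is no session and when a signed-in user lacks `admin`, and the same block is pasted verbatim into the other two handlers in this commit. I would move it into one shared helper (or a server middleware covering the admin API routes) so a future admin endpoint cannot ship without it, and return 403 for the authenticated-but-not-admin case so clients and logs can tell the two apart. Separately, the `private` inheritance loop runs a `content.find` per row and only consults the direct parent, so a row whose parent folder is absent from the table silently keeps its own flag; a `Map` keyed by `path` built once before the loop makes the lookup linear, and the missing-parent case deserves a comment. `ne` is imported but unused.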
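--- a/server/api/admin/user/[id]/permissions.post.ts
+++ b/server/api/admin/user/[id]/permissions.post.ts
@@ -0,0 +1,55 @@
+import { hasPermissions } from "~/shared/auth.util";
+import useDatabase from '~/composables/useDatabase';
+import { and, eq, notInArray } from "drizzle-orm";
+import { z } from "zod";
+import { userPermissionsTable } from "~/db/schema";
+
+const schema = z.array(z.string());
+
+export default defineEventHandler(async (e) => {
+const session = await getUserSession(e);
+
+if(!session || !session.user || !hasPermissions(session.user.permissions, ['admin']))
+{
+throw createError({
+statusCode: 401,
+message: 'Unauthorized',
+});
+}
+
+const param = getRouterParam(e, 'id');
+
+if(!param)
+{
+throw createError({
+statusCode: 403,
+message: 'Forbidden',
+});
+}
+
+const body = await readValidatedBody(e, schema.safeParse);
+
+if(!body.success)
+{
+throw createError({
+statusCode: 403,
+message: 'Forbidden',
+});
+}
+
+try {
+const id = parseInt(param, 10);
+
+const db = useDatabase();
+const permissions = body.data.map(e => ({ id: id, permission: e }));
+
+db.transaction((tx) => {
+tx.delete(userPermissionsTable).where(eq(userPermissionsTable.id, id)).run();
+tx.insert(userPermissionsTable).values(permissions).run();
+});
+} catch(e) {
+console.error(e);
+
+throw e;
+}
+});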
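Review bot: `parseInt(param, 10)` is used without checking the result, so a non-numeric `id` becomes `NaN` (and `12abc` becomes 12) and still reaches the `delete` and `insert` on `userPermissionsTable`. The body schema `z.array(z.string())` also accepts an empty array, and as far as I know drizzle's `.values([])` throws, which would roll the transaction back and make it impossible to revoke every permission from a user through this endpoint; it likewise accepts any string, so a check against the application's known permission names would keep typos and unexpected values out of the table. The gate above reads `session.user.permissions`, so if those are copied into the session at login, a revoked permission presumably stays effective until that user's session is renewed, which is worth confirming. Malformed input is answered with 403 where 400 would be more accurate, and `and` / `notInArray` are unused. A sketch of the id validation (placed before the `try`) and the guarded insert follows.

```typescript
const id = Number(param);

if(!Number.isInteger(id) || id <= 0)
{
	throw createError({
		statusCode: 400,
		message: 'Bad Request',
	});
}

// … unchanged: useDatabase() and the permissions mapping …

db.transaction((tx) => {
	tx.delete(userPermissionsTable).where(eq(userPermissionsTable.id, id)).run();

	// An empty list means "revoke everything": the delete alone is the whole change.
	if(permissions.length > 0)
	{
		tx.insert(userPermissionsTable).values(permissions).run();
	}
});
```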
@@ -1,3 +1,34 @@
|
||||
export default defineEventHandler((e) => {
|
||||
return [];
|
||||
import { sql } from 'drizzle-orm';
|
||||
import useDatabase from '~/composables/useDatabase';
|
||||
import { userSessionsTable } from '~/db/schema';
|
||||
import { hasPermissions } from '~/shared/auth.util';
|
||||
|
||||
export default defineEventHandler(async (e) => {
|
||||
const session = await getUserSession(e);
|
||||
|
||||
if(!session || !session.user || !hasPermissions(session.user.permissions, ['admin']))
|
||||
{
|
||||
throw createError({
|
||||
statusCode: 401,
|
||||
message: 'Unauthorized',
|
||||
});
|
||||
}
|
||||
|
||||
const db = useDatabase();
|
||||
return db.query.usersTable.findMany({
|
||||
columns: {
|
||||
email: false,
|
||||
hash: false,
|
||||
},
|
||||
with: {
|
||||
data: true,
|
||||
permission: true,
|
||||
session: {
|
||||
columns: {
|
||||
timestamp: false,
|
||||
user_id: false,
|
||||
}
|
||||
}
|
||||
}
|
||||
}).sync();
|
||||
})
|
||||
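Review bot: Both `columns` objects are deny-lists (`email: false, hash: false` on the user, `timestamp: false, user_id: false` on the session), so every other column is returned to the client, including any column added to the schema later. The session relation is the sensitive part: whatever remains after excluding `timestamp` and `user_id` is sent to the admin UI, and if that includes the session identifier itself (the schema is not visible here), the response would carry live session tokens for every user. I would switch both to an allow-list naming only the fields the admin view renders, i.e. `columns: { <field>: true, ... }` with `<field>` standing for the real column names, and add a comment such as `// allow-list: never return session identifiers or credential columns`. `sql` and `userSessionsTable` are imported but unused.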