2018-07-06 09:38:25 +02:00
|
|
|
import { Injectable } from '@angular/core';
|
2018-07-12 14:11:31 +02:00
|
|
|
import { HttpClient } from '@angular/common/http';
|
2019-01-31 13:40:27 +01:00
|
|
|
|
|
|
|
import { Observable, BehaviorSubject } from 'rxjs';
|
|
|
|
|
2018-07-12 14:11:31 +02:00
|
|
|
import { OpenSlidesComponent } from 'app/openslides.component';
|
2018-07-23 16:42:17 +02:00
|
|
|
import { Group } from 'app/shared/models/users/group';
|
2018-08-22 11:26:53 +02:00
|
|
|
import { User } from '../../shared/models/users/user';
|
2018-08-23 16:49:51 +02:00
|
|
|
import { environment } from 'environments/environment';
|
2018-09-13 14:40:04 +02:00
|
|
|
import { DataStoreService } from './data-store.service';
|
2018-10-26 10:23:14 +02:00
|
|
|
import { OfflineService } from './offline.service';
|
2018-07-06 09:38:25 +02:00
|
|
|
|
2018-08-28 11:07:10 +02:00
|
|
|
/**
|
|
|
|
* Permissions on the client are just strings. This makes clear, that
|
|
|
|
* permissions instead of arbitrary strings should be given.
|
|
|
|
*/
|
|
|
|
export type Permission = string;
|
|
|
|
|
|
|
|
/**
|
|
|
|
* Response format of the WHoAMI request.
|
|
|
|
*/
|
2018-10-26 10:23:14 +02:00
|
|
|
export interface WhoAmIResponse {
|
2018-08-28 11:07:10 +02:00
|
|
|
user_id: number;
|
|
|
|
guest_enabled: boolean;
|
|
|
|
user: User;
|
|
|
|
}
|
|
|
|
|
2018-07-12 14:11:31 +02:00
|
|
|
/**
|
|
|
|
* The operator represents the user who is using OpenSlides.
|
|
|
|
*
|
|
|
|
* Changes in operator can be observed, directives do so on order to show
|
|
|
|
* or hide certain information.
|
|
|
|
*
|
|
|
|
* The operator is an {@link OpenSlidesComponent}.
|
|
|
|
*/
|
2018-07-06 09:38:25 +02:00
|
|
|
@Injectable({
|
|
|
|
providedIn: 'root'
|
|
|
|
})
|
2018-07-12 14:11:31 +02:00
|
|
|
export class OperatorService extends OpenSlidesComponent {
|
|
|
|
/**
|
2018-08-28 11:07:10 +02:00
|
|
|
* The operator.
|
2018-07-12 14:11:31 +02:00
|
|
|
*/
|
2018-08-28 11:07:10 +02:00
|
|
|
private _user: User;
|
2018-07-06 09:38:25 +02:00
|
|
|
|
2018-07-12 14:11:31 +02:00
|
|
|
/**
|
2018-08-28 11:07:10 +02:00
|
|
|
* Get the user that corresponds to operator.
|
2018-07-12 14:11:31 +02:00
|
|
|
*/
|
2018-08-29 13:21:25 +02:00
|
|
|
public get user(): User {
|
2018-08-28 11:07:10 +02:00
|
|
|
return this._user;
|
2018-07-06 09:38:25 +02:00
|
|
|
}
|
|
|
|
|
2018-07-12 14:11:31 +02:00
|
|
|
/**
|
2018-08-28 11:07:10 +02:00
|
|
|
* Sets the current operator.
|
|
|
|
*
|
|
|
|
* The permissions are updated and the new user published.
|
2018-07-12 14:11:31 +02:00
|
|
|
*/
|
2018-08-29 13:21:25 +02:00
|
|
|
public set user(user: User) {
|
2018-08-28 11:07:10 +02:00
|
|
|
this._user = user;
|
|
|
|
this.updatePermissions();
|
2018-07-06 09:38:25 +02:00
|
|
|
}
|
|
|
|
|
2018-10-16 12:41:46 +02:00
|
|
|
public get isAnonymous(): boolean {
|
|
|
|
return !this.user || this.user.id === 0;
|
|
|
|
}
|
|
|
|
|
2018-07-12 14:11:31 +02:00
|
|
|
/**
|
2018-08-28 11:07:10 +02:00
|
|
|
* Save, if quests are enabled.
|
2018-07-12 14:11:31 +02:00
|
|
|
*/
|
2018-08-28 11:07:10 +02:00
|
|
|
public guestsEnabled: boolean;
|
2018-07-06 09:38:25 +02:00
|
|
|
|
2018-07-12 14:11:31 +02:00
|
|
|
/**
|
2018-08-28 11:07:10 +02:00
|
|
|
* The permissions of the operator. Updated via {@method updatePermissions}.
|
2018-07-12 14:11:31 +02:00
|
|
|
*/
|
2018-08-28 11:07:10 +02:00
|
|
|
private permissions: Permission[] = [];
|
2018-07-06 09:38:25 +02:00
|
|
|
|
2018-07-12 14:11:31 +02:00
|
|
|
/**
|
2018-08-28 11:07:10 +02:00
|
|
|
* The subject that can be observed by other instances using observing functions.
|
2018-07-12 14:11:31 +02:00
|
|
|
*/
|
2018-09-07 13:12:59 +02:00
|
|
|
private operatorSubject: BehaviorSubject<User> = new BehaviorSubject<User>(null);
|
2018-07-06 09:38:25 +02:00
|
|
|
|
2018-07-12 14:11:31 +02:00
|
|
|
/**
|
2018-10-26 10:23:14 +02:00
|
|
|
* Sets up an observer for watching changes in the DS. If the operator user or groups are changed,
|
|
|
|
* the operator's permissions are updated.
|
|
|
|
*
|
2018-08-28 11:07:10 +02:00
|
|
|
* @param http HttpClient
|
2018-10-26 10:23:14 +02:00
|
|
|
* @param DS
|
|
|
|
* @param offlineService
|
2018-07-12 14:11:31 +02:00
|
|
|
*/
|
2018-10-26 10:23:14 +02:00
|
|
|
public constructor(private http: HttpClient, private DS: DataStoreService, private offlineService: OfflineService) {
|
2018-08-28 11:07:10 +02:00
|
|
|
super();
|
2018-07-06 09:38:25 +02:00
|
|
|
|
2018-09-07 12:51:16 +02:00
|
|
|
this.DS.changeObservable.subscribe(newModel => {
|
2018-08-28 11:07:10 +02:00
|
|
|
if (this._user) {
|
|
|
|
if (newModel instanceof Group) {
|
|
|
|
this.updatePermissions();
|
|
|
|
}
|
2018-08-22 11:26:53 +02:00
|
|
|
|
2018-08-28 11:07:10 +02:00
|
|
|
if (newModel instanceof User && this._user.id === newModel.id) {
|
|
|
|
this._user = newModel;
|
|
|
|
this.updatePermissions();
|
|
|
|
}
|
|
|
|
} else if (newModel instanceof Group && newModel.id === 1) {
|
|
|
|
// Group 1 (default) for anonymous changed
|
|
|
|
this.updatePermissions();
|
2018-08-22 11:26:53 +02:00
|
|
|
}
|
2018-07-06 09:38:25 +02:00
|
|
|
});
|
|
|
|
}
|
|
|
|
|
2018-07-12 14:11:31 +02:00
|
|
|
/**
|
2018-08-28 11:07:10 +02:00
|
|
|
* Calls `/apps/users/whoami` to find out the real operator.
|
2018-10-26 10:23:14 +02:00
|
|
|
* @returns The response of the WhoAmI request.
|
2018-07-12 14:11:31 +02:00
|
|
|
*/
|
2018-10-26 10:23:14 +02:00
|
|
|
public async whoAmI(): Promise<WhoAmIResponse> {
|
|
|
|
try {
|
|
|
|
const response = await this.http.get<WhoAmIResponse>(environment.urlPrefix + '/users/whoami/').toPromise();
|
|
|
|
if (response && response.user) {
|
|
|
|
this.user = new User(response.user);
|
|
|
|
}
|
|
|
|
return response;
|
|
|
|
} catch (e) {
|
|
|
|
// TODO: Implement the offline service. Currently a guest-whoami response is returned and
|
|
|
|
// the DS cleared.
|
|
|
|
this.offlineService.goOfflineBecauseFailedWhoAmI();
|
|
|
|
return this.offlineService.getLastWhoAmI();
|
|
|
|
}
|
2018-07-06 09:38:25 +02:00
|
|
|
}
|
|
|
|
|
2018-07-12 14:11:31 +02:00
|
|
|
/**
|
2018-08-28 11:07:10 +02:00
|
|
|
* Returns the operatorSubject as an observable.
|
2018-07-12 14:11:31 +02:00
|
|
|
*
|
|
|
|
* Services an components can use it to get informed when something changes in
|
|
|
|
* the operator
|
|
|
|
*/
|
2018-09-07 13:12:59 +02:00
|
|
|
public getObservable(): Observable<User> {
|
2018-07-06 09:38:25 +02:00
|
|
|
return this.operatorSubject.asObservable();
|
|
|
|
}
|
|
|
|
|
2018-07-12 14:11:31 +02:00
|
|
|
/**
|
2018-08-28 11:07:10 +02:00
|
|
|
* Checks, if the operator has at least one of the given permissions.
|
2018-09-18 18:27:14 +02:00
|
|
|
* @param checkPerms The permissions to check, if at least one matches.
|
2018-07-12 14:11:31 +02:00
|
|
|
*/
|
2018-09-18 18:27:14 +02:00
|
|
|
public hasPerms(...checkPerms: Permission[]): boolean {
|
2018-10-09 13:44:38 +02:00
|
|
|
if (this._user && this._user.groups_id.includes(2)) {
|
|
|
|
return true;
|
|
|
|
}
|
2018-09-18 18:27:14 +02:00
|
|
|
return checkPerms.some(permission => {
|
|
|
|
return this.permissions.includes(permission);
|
2018-08-28 11:07:10 +02:00
|
|
|
});
|
2018-07-06 09:38:25 +02:00
|
|
|
}
|
|
|
|
|
2018-10-16 12:41:46 +02:00
|
|
|
/**
|
|
|
|
* Returns true, if the operator is in at least one group or he is in the admin group.
|
|
|
|
* @param groups The groups to check
|
|
|
|
*/
|
|
|
|
public isInGroup(...groups: Group[]): boolean {
|
|
|
|
return this.isInGroupIds(...groups.map(group => group.id));
|
|
|
|
}
|
|
|
|
|
|
|
|
/**
|
|
|
|
* Returns true, if the operator is in at least one group or he is in the admin group.
|
|
|
|
* @param groups The group ids to check
|
|
|
|
*/
|
|
|
|
public isInGroupIds(...groupIds: number[]): boolean {
|
|
|
|
if (!this.user) {
|
|
|
|
return groupIds.includes(1); // any anonymous is in the default group.
|
|
|
|
}
|
|
|
|
if (this.user.groups_id.includes(2)) {
|
|
|
|
// An admin has all perms and is technically in every group.
|
|
|
|
return true;
|
|
|
|
}
|
|
|
|
return groupIds.some(id => this.user.groups_id.includes(id));
|
|
|
|
}
|
|
|
|
|
2018-07-12 14:11:31 +02:00
|
|
|
/**
|
2018-08-28 11:07:10 +02:00
|
|
|
* Update the operators permissions and publish the operator afterwards.
|
2018-07-12 14:11:31 +02:00
|
|
|
*/
|
2018-08-28 11:07:10 +02:00
|
|
|
private updatePermissions(): void {
|
|
|
|
this.permissions = [];
|
2019-01-31 11:15:21 +01:00
|
|
|
// Anonymous or users in the default group.
|
|
|
|
if (!this.user || this.user.groups_id.length === 0) {
|
2018-09-10 08:57:53 +02:00
|
|
|
const defaultGroup = this.DS.get<Group>('users/group', 1);
|
2018-08-28 11:07:10 +02:00
|
|
|
if (defaultGroup && defaultGroup.permissions instanceof Array) {
|
|
|
|
this.permissions = defaultGroup.permissions;
|
|
|
|
}
|
|
|
|
} else {
|
|
|
|
const permissionSet = new Set();
|
2018-09-13 14:40:04 +02:00
|
|
|
this.DS.getMany(Group, this.user.groups_id).forEach(group => {
|
2018-08-28 11:07:10 +02:00
|
|
|
group.permissions.forEach(permission => {
|
|
|
|
permissionSet.add(permission);
|
|
|
|
});
|
|
|
|
});
|
|
|
|
this.permissions = Array.from(permissionSet.values());
|
2018-07-06 09:38:25 +02:00
|
|
|
}
|
2018-08-28 11:07:10 +02:00
|
|
|
// publish changes in the operator.
|
|
|
|
this.operatorSubject.next(this.user);
|
2018-08-22 11:26:53 +02:00
|
|
|
}
|
2018-07-06 09:38:25 +02:00
|
|
|
}
|