v3: added a roles/permissions system, added user management tab on user profile
All checks were successful
Build and Publish Docker Image / build-and-push (push) Successful in 42s

This commit is contained in:
khannurien
2026-06-28 06:21:23 +00:00
parent b567e390d9
commit 810faaf21a
22 changed files with 341 additions and 60 deletions

View File

@@ -4,13 +4,18 @@ import {
APIErrorCode,
APIException,
isLoginUserRequest,
isRole,
isUpdateUserRequest,
type PaginatedData,
validateRegisterUserRequest,
} from "../model/interfaces.ts";
import { createJWT, verifyPassword } from "../lib/jwt.ts";
import { type AuthContext, authMiddleware } from "../middleware/auth.ts";
import {
type AuthContext,
authMiddleware,
requirePermission,
} from "../middleware/auth.ts";
import { parseOptionalAuth } from "../lib/auth.ts";
import { parsePagination } from "../lib/pagination.ts";
import {
@@ -86,7 +91,7 @@ router.post("/register", async (ctx) => {
const authToken = await createJWT({
userId: user.id,
username: user.username,
isAdmin: user.isAdmin,
role: user.role,
});
const { passwordHash: _, ...publicUser } = user;
@@ -124,7 +129,7 @@ router.post("/login", async (ctx) => {
const token = await createJWT({
userId: user.id,
username: user.username,
isAdmin: user.isAdmin,
role: user.role,
});
const { passwordHash: _, ...publicUser } = user;
@@ -250,12 +255,42 @@ router.patch("/me", authMiddleware, async (ctx: AuthContext) => {
"Invalid request",
);
}
const updated = await updateUser(ctx.state.user.userId, body);
// Self-service profile updates must never set the role. Role assignment is
// done out-of-band (DB/seed); stripping it here prevents self-promotion.
const { role: _role, ...safeBody } = body;
const updated = await updateUser(ctx.state.user.userId, safeBody);
const { passwordHash: _, email: _email, ...publicUser } = updated;
broadcastUserUpdated(publicUser);
ctx.response.body = { success: true, data: publicUser };
});
// Set another user's role. Requires the user:manage permission.
router.patch(
"/:userId/role",
authMiddleware,
requirePermission("user:manage"),
async (ctx: AuthContext<"/:userId/role">) => {
const body = await ctx.request.body.json();
const role: unknown = body?.role;
if (!isRole(role)) {
throw new APIException(APIErrorCode.VALIDATION_ERROR, 400, "Invalid role");
}
// Disallow changing your own role: prevents an admin from accidentally
// locking themselves out, and self-promotion is meaningless anyway.
if (ctx.params.userId === ctx.state.user.userId) {
throw new APIException(
APIErrorCode.VALIDATION_ERROR,
400,
"Cannot change your own role",
);
}
const updated = await updateUser(ctx.params.userId, { role });
const { passwordHash: _, email: _email, ...publicUser } = updated;
broadcastUserUpdated(publicUser);
ctx.response.body = { success: true, data: publicUser };
},
);
// User search for @mention autocomplete
router.get("/search", (ctx) => {
const q = (ctx.request.url.searchParams.get("q") ?? "").trim();