root can create users and read all users

chaostreff-flensburg · Jan 4, 2024 · 5a3c3fb · 5a3c3fb
1 parent 6f9cba8
commit 5a3c3fb
Show file tree

Hide file tree

Showing 8 changed files with 140 additions and 58 deletions.
diff --git a/backend/app/Http/Controllers/UserController.php b/backend/app/Http/Controllers/UserController.php
@@ -10,6 +10,16 @@
 
 class UserController extends Controller
 {
+    public function index(){
+        if (!Auth::check()){
+            abort(403);
+        }
+        if(Auth::user()->username != "root"){
+            abort(403);
+        }
+        return User::all();
+    }
+
     public function me(){
         if (!Auth::check()){
             abort(403);
@@ -29,6 +39,23 @@ public function update(User $user, Request $request){
         $user->save();
         return $user;
     }
+
+
+    public function create(Request $request){
+        if (!Auth::check()){
+            abort(403);
+        }
+        if(Auth::user()->username != "root"){
+            abort(403);
+        }
+        $user = new User();
+        $user->username = $request->username;
+        $user->email = $request->email;
+        $user->password = Hash::make($request->password);
+        $user->save();
+        return $user;
+    }
+
     public function updatePassword(User $user, Request $request){
         if (!Auth::check()){
             abort(403);

diff --git a/backend/database/seeders/DatabaseSeeder.php b/backend/database/seeders/DatabaseSeeder.php
@@ -14,18 +14,12 @@ class DatabaseSeeder extends Seeder
      */
     public function run(): void
     {
+
         $rootUser = new User();
         $rootUser->username = 'root';
         $rootUser->email = '[email protected]';
         $rootUser->password = Hash::make('password');
         $rootUser->email_verified_at = now();
         $rootUser->save();
-
-        $rootUser = new User();
-        $rootUser->username = 'scammo';
-        $rootUser->email = '[email protected]';
-        $rootUser->password = Hash::make('test123');
-        $rootUser->email_verified_at = now();
-        $rootUser->save();
     }
 }
diff --git a/backend/routes/api.php b/backend/routes/api.php
@@ -33,5 +33,7 @@
 
 
 Route::get('user', [\App\Http\Controllers\UserController::class, 'me']);
+Route::get('users', [\App\Http\Controllers\UserController::class, 'index']);
+Route::post('user', [\App\Http\Controllers\UserController::class, 'create']);
 Route::post('user/{user}', [\App\Http\Controllers\UserController::class, 'update']);
 Route::post('user/{user}/password', [\App\Http\Controllers\UserController::class, 'updatePassword']);
diff --git a/frontend/src/components/Header.vue b/frontend/src/components/Header.vue
@@ -1,12 +1,11 @@
 <script setup>
-import { useRoute, useRouter } from "vue-router";
+import { useRouter } from "vue-router";
 import { setLogout } from '../lib/api'
 import lf from "localforage";
 import Menubar from "primevue/menubar";
 import Button from "primevue/button";
 
 const router = useRouter();
-const route = useRoute();
 
 const logout = async () => {
   await lf.clear();
@@ -34,7 +33,7 @@ const items = [
 <template>
   <header>
     <Menubar :model="items">
-      <template #start> #CCS Pretty Good Propopsal </template>
+      <template #start> Pretty Good Propopsal V2 </template>
       <template #end>
         <Button label="Logout" @click="logout" />
       </template>

diff --git a/frontend/src/router/index.js b/frontend/src/router/index.js
@@ -11,7 +11,7 @@ import Profile from "../views/orga/Profile.vue";
 import Faq from "../views/orga/Faq.vue";
 import Error from "../views/Error.vue";
 
-import RootTracks from '../views/orga/RootTracks.vue';
+import Root from '../views/orga/Root.vue';
 
 const router = createRouter({
   history: createWebHashHistory(),
@@ -75,9 +75,12 @@ const router = createRouter({
           },
         },
         {
-          path: "/root/tracks",
+          path: "/orga/root",
           name: "tracks",
-          component: RootTracks,
+          component: Root,
+          meta: {
+            requiresAuth: true,
+          },
         },
       ],
     },

diff --git a/frontend/src/views/orga/Profile.vue b/frontend/src/views/orga/Profile.vue
@@ -73,7 +73,7 @@ loadUser()
       <InputText class="w-full" v-model="email" type="email" required />
     </div>
     <div class="field">
-      <label>Benutzer (andere Benutzer aus dem selben Track können diesen sehen)</label>
+      <label>Benutzername (andere Benutzer aus dem selben Track können diesen sehen)</label>
       <InputText class="w-full" v-model="username" type="text" required />
     </div>
     <Button :disabled="loading" type="submit" label="Speichern" />

diff --git a/frontend/src/views/orga/Root.vue b/frontend/src/views/orga/Root.vue
@@ -0,0 +1,101 @@
+<script setup>
+import { ref } from "vue";
+import { client } from "../../lib/api";
+import CreateTrack from "../../components/CreateTrack.vue";
+import InputText from "primevue/inputtext";
+import Button from "primevue/button";
+
+const tracks = ref([])
+const users = ref([])
+const usernameInput = ref([])
+
+const email = ref("")
+const username = ref("")
+const password = ref("")
+
+const loadTracks = async () => {
+    const response = await client.get('tracks')
+    tracks.value = response.data
+}
+const loadUsers = async () => {
+    const response = await client.get('users')
+    users.value = response.data
+}
+const addUserToTrack = async (track_id) => {
+    const response = await client.post('track/users', {
+        username: usernameInput.value[track_id],
+        track_id: track_id
+    })
+    console.log(response)
+    if (response.status === 200) {
+        alert('Benutzer wurde hinzugefügt')
+    } else {
+        alert('Benutzer konnte nicht hinzugefügt werden')
+    }
+    usernameInput.value[track_id] = ''
+}
+const onSubmitNewUser = async () => {
+    const response = await client.post('user', {
+        email: email.value,
+        username: username.value,
+        password: password.value
+    })
+    console.log(response)
+    if (response.status === 201) {
+        alert('Benutzer wurde erstellt')
+    } else {
+        alert('Benutzer konnte nicht erstellt werden')
+    }
+    email.value = ''
+    username.value = ''
+    password.value = ''
+    loadUsers()
+}
+loadTracks()
+loadUsers()
+</script>
+<template>
+    <h1>Root Verwaltung</h1>
+    <h2>Tracks</h2>
+    <section v-if="tracks.length">
+        <ul>
+            <li v-for="track in tracks" :key="track.id">
+                {{ track.name }} |
+                Benutzy Hinzufügen
+                <InputText v-model="usernameInput[track.id]" type="text" required />
+                <Button type="button" label="Hinzufügen" @click="addUserToTrack(track.id)" />
+            </li>
+        </ul>
+    </section>
+    <section v-else>
+        <p>Keine Tracks vorhanden</p>
+    </section>
+
+    <CreateTrack />
+    <h2>Benutzy Erstellen</h2>
+
+    <form @submit.prevent="onSubmitNewUser">
+        <div class="field">
+            <label>E-Mail-Adresse</label>
+            <InputText class="w-full" v-model="email" type="email" required />
+        </div>
+        <div class="field">
+            <label>Benutzername</label>
+            <InputText class="w-full" v-model="username" type="text" required />
+        </div>
+        <div class="field">
+            <label>Passwort</label>
+            <InputText class="w-full" v-model="password" type="password" required />
+        </div>
+        <Button :disabled="loading" type="submit" label="Speichern" />
+    </form>
+    <h2>Liste aller Benutzy</h2>
+    <section v-if="users.length">
+        <ul>
+            <li v-for="user in users" :key="user.id">
+                {{ user.username }} | {{ user.email }}
+            </li>
+        </ul>
+    </section>
+    <hr />
+</template>
diff --git a/frontend/src/views/orga/RootTracks.vue b/frontend/src/views/orga/RootTracks.vue