From 5a3c3fbfb9ebf91cf7a92fed931f5f5d4dd19dd6 Mon Sep 17 00:00:00 2001
From: scammo <sbrinkmann@54gradsoftware.de>
Date: Thu, 4 Jan 2024 16:34:58 +0100
Subject: [PATCH] root can create users and read all users

---
 .../app/Http/Controllers/UserController.php   |  27 +++++
 backend/database/seeders/DatabaseSeeder.php   |   8 +-
 backend/routes/api.php                        |   2 +
 frontend/src/components/Header.vue            |   5 +-
 frontend/src/router/index.js                  |   9 +-
 frontend/src/views/orga/Profile.vue           |   2 +-
 frontend/src/views/orga/Root.vue              | 101 ++++++++++++++++++
 frontend/src/views/orga/RootTracks.vue        |  44 --------
 8 files changed, 140 insertions(+), 58 deletions(-)
 create mode 100644 frontend/src/views/orga/Root.vue
 delete mode 100644 frontend/src/views/orga/RootTracks.vue

diff --git a/backend/app/Http/Controllers/UserController.php b/backend/app/Http/Controllers/UserController.php
index d3fb581..b80b6b3 100644
--- a/backend/app/Http/Controllers/UserController.php
+++ b/backend/app/Http/Controllers/UserController.php
@@ -10,6 +10,16 @@
 
 class UserController extends Controller
 {
+    public function index(){
+        if (!Auth::check()){
+            abort(403);
+        }
+        if(Auth::user()->username != "root"){
+            abort(403);
+        }
+        return User::all();
+    }
+
     public function me(){
         if (!Auth::check()){
             abort(403);
@@ -29,6 +39,23 @@ public function update(User $user, Request $request){
         $user->save();
         return $user;
     }
+
+
+    public function create(Request $request){
+        if (!Auth::check()){
+            abort(403);
+        }
+        if(Auth::user()->username != "root"){
+            abort(403);
+        }
+        $user = new User();
+        $user->username = $request->username;
+        $user->email = $request->email;
+        $user->password = Hash::make($request->password);
+        $user->save();
+        return $user;
+    }
+
     public function updatePassword(User $user, Request $request){
         if (!Auth::check()){
             abort(403);
diff --git a/backend/database/seeders/DatabaseSeeder.php b/backend/database/seeders/DatabaseSeeder.php
index 6fd870c..f452eae 100644
--- a/backend/database/seeders/DatabaseSeeder.php
+++ b/backend/database/seeders/DatabaseSeeder.php
@@ -14,18 +14,12 @@ class DatabaseSeeder extends Seeder
      */
     public function run(): void
     {
+
         $rootUser = new User();
         $rootUser->username = 'root';
         $rootUser->email = 'root@chaostreff-flensburg.de';
         $rootUser->password = Hash::make('password');
         $rootUser->email_verified_at = now();
         $rootUser->save();
-
-        $rootUser = new User();
-        $rootUser->username = 'scammo';
-        $rootUser->email = 'samuel@chaostreff-flensburg.de';
-        $rootUser->password = Hash::make('test123');
-        $rootUser->email_verified_at = now();
-        $rootUser->save();
     }
 }
diff --git a/backend/routes/api.php b/backend/routes/api.php
index 99e952b..fc5623c 100644
--- a/backend/routes/api.php
+++ b/backend/routes/api.php
@@ -33,5 +33,7 @@
 
 
 Route::get('user', [\App\Http\Controllers\UserController::class, 'me']);
+Route::get('users', [\App\Http\Controllers\UserController::class, 'index']);
+Route::post('user', [\App\Http\Controllers\UserController::class, 'create']);
 Route::post('user/{user}', [\App\Http\Controllers\UserController::class, 'update']);
 Route::post('user/{user}/password', [\App\Http\Controllers\UserController::class, 'updatePassword']);
diff --git a/frontend/src/components/Header.vue b/frontend/src/components/Header.vue
index 40a41dd..8ac8f8a 100644
--- a/frontend/src/components/Header.vue
+++ b/frontend/src/components/Header.vue
@@ -1,12 +1,11 @@
 <script setup>
-import { useRoute, useRouter } from "vue-router";
+import { useRouter } from "vue-router";
 import { setLogout } from '../lib/api'
 import lf from "localforage";
 import Menubar from "primevue/menubar";
 import Button from "primevue/button";
 
 const router = useRouter();
-const route = useRoute();
 
 const logout = async () => {
   await lf.clear();
@@ -34,7 +33,7 @@ const items = [
 <template>
   <header>
     <Menubar :model="items">
-      <template #start> #CCS Pretty Good Propopsal </template>
+      <template #start> Pretty Good Propopsal V2 </template>
       <template #end>
         <Button label="Logout" @click="logout" />
       </template>
diff --git a/frontend/src/router/index.js b/frontend/src/router/index.js
index 1ddfc09..4500776 100644
--- a/frontend/src/router/index.js
+++ b/frontend/src/router/index.js
@@ -11,7 +11,7 @@ import Profile from "../views/orga/Profile.vue";
 import Faq from "../views/orga/Faq.vue";
 import Error from "../views/Error.vue";
 
-import RootTracks from '../views/orga/RootTracks.vue';
+import Root from '../views/orga/Root.vue';
 
 const router = createRouter({
   history: createWebHashHistory(),
@@ -75,9 +75,12 @@ const router = createRouter({
           },
         },
         {
-          path: "/root/tracks",
+          path: "/orga/root",
           name: "tracks",
-          component: RootTracks,
+          component: Root,
+          meta: {
+            requiresAuth: true,
+          },
         },
       ],
     },
diff --git a/frontend/src/views/orga/Profile.vue b/frontend/src/views/orga/Profile.vue
index b14c49f..3d59156 100644
--- a/frontend/src/views/orga/Profile.vue
+++ b/frontend/src/views/orga/Profile.vue
@@ -73,7 +73,7 @@ loadUser()
       <InputText class="w-full" v-model="email" type="email" required />
     </div>
     <div class="field">
-      <label>Benutzer (andere Benutzer aus dem selben Track können diesen sehen)</label>
+      <label>Benutzername (andere Benutzer aus dem selben Track können diesen sehen)</label>
       <InputText class="w-full" v-model="username" type="text" required />
     </div>
     <Button :disabled="loading" type="submit" label="Speichern" />
diff --git a/frontend/src/views/orga/Root.vue b/frontend/src/views/orga/Root.vue
new file mode 100644
index 0000000..d2e68d7
--- /dev/null
+++ b/frontend/src/views/orga/Root.vue
@@ -0,0 +1,101 @@
+<script setup>
+import { ref } from "vue";
+import { client } from "../../lib/api";
+import CreateTrack from "../../components/CreateTrack.vue";
+import InputText from "primevue/inputtext";
+import Button from "primevue/button";
+
+const tracks = ref([])
+const users = ref([])
+const usernameInput = ref([])
+
+const email = ref("")
+const username = ref("")
+const password = ref("")
+
+const loadTracks = async () => {
+    const response = await client.get('tracks')
+    tracks.value = response.data
+}
+const loadUsers = async () => {
+    const response = await client.get('users')
+    users.value = response.data
+}
+const addUserToTrack = async (track_id) => {
+    const response = await client.post('track/users', {
+        username: usernameInput.value[track_id],
+        track_id: track_id
+    })
+    console.log(response)
+    if (response.status === 200) {
+        alert('Benutzer wurde hinzugefügt')
+    } else {
+        alert('Benutzer konnte nicht hinzugefügt werden')
+    }
+    usernameInput.value[track_id] = ''
+}
+const onSubmitNewUser = async () => {
+    const response = await client.post('user', {
+        email: email.value,
+        username: username.value,
+        password: password.value
+    })
+    console.log(response)
+    if (response.status === 201) {
+        alert('Benutzer wurde erstellt')
+    } else {
+        alert('Benutzer konnte nicht erstellt werden')
+    }
+    email.value = ''
+    username.value = ''
+    password.value = ''
+    loadUsers()
+}
+loadTracks()
+loadUsers()
+</script>
+<template>
+    <h1>Root Verwaltung</h1>
+    <h2>Tracks</h2>
+    <section v-if="tracks.length">
+        <ul>
+            <li v-for="track in tracks" :key="track.id">
+                {{ track.name }} |
+                Benutzy Hinzufügen
+                <InputText v-model="usernameInput[track.id]" type="text" required />
+                <Button type="button" label="Hinzufügen" @click="addUserToTrack(track.id)" />
+            </li>
+        </ul>
+    </section>
+    <section v-else>
+        <p>Keine Tracks vorhanden</p>
+    </section>
+
+    <CreateTrack />
+    <h2>Benutzy Erstellen</h2>
+
+    <form @submit.prevent="onSubmitNewUser">
+        <div class="field">
+            <label>E-Mail-Adresse</label>
+            <InputText class="w-full" v-model="email" type="email" required />
+        </div>
+        <div class="field">
+            <label>Benutzername</label>
+            <InputText class="w-full" v-model="username" type="text" required />
+        </div>
+        <div class="field">
+            <label>Passwort</label>
+            <InputText class="w-full" v-model="password" type="password" required />
+        </div>
+        <Button :disabled="loading" type="submit" label="Speichern" />
+    </form>
+    <h2>Liste aller Benutzy</h2>
+    <section v-if="users.length">
+        <ul>
+            <li v-for="user in users" :key="user.id">
+                {{ user.username }} | {{ user.email }}
+            </li>
+        </ul>
+    </section>
+    <hr />
+</template>
\ No newline at end of file
diff --git a/frontend/src/views/orga/RootTracks.vue b/frontend/src/views/orga/RootTracks.vue
deleted file mode 100644
index d2004fe..0000000
--- a/frontend/src/views/orga/RootTracks.vue
+++ /dev/null
@@ -1,44 +0,0 @@
-<script setup>
-import { ref } from "vue";
-import { client } from "../../lib/api";
-import CreateTrack from "../../components/CreateTrack.vue";
-import InputText from "primevue/inputtext";
-import Button from "primevue/button";
-
-const tracks = ref([])
-const usernameInput = ref([])
-
-const loadTracks = async () => {
-    const response = await client.get('tracks')
-    tracks.value = response.data
-}
-const addUser = async (track_id) => {
-    const response = await client.post('track/users', {
-        username: usernameInput.value[track_id],
-        track_id: track_id
-    })
-    console.log(response)
-    usernameInput.value[track_id] = ''
-}
-loadTracks()
-</script>
-<template>
-    <h1>Tracks</h1>
-    <section v-if="tracks.length">
-        <ul>
-            <li v-for="track in tracks" :key="track.id">
-                {{ track.name }} |
-                Benuty Hinzufügen
-                <InputText v-model="usernameInput[track.id]" type="text" required />
-                <Button type="button" label="Hinzufügen" @click="addUser(track.id)" />
-            </li>
-        </ul>
-        <h2>Benuty Hinzufügen</h2>
-
-    </section>
-    <section v-else>
-        <p>Keine Tracks vorhanden</p>
-    </section>
-    <hr />
-    <CreateTrack />
-</template>
\ No newline at end of file