From 9a1d022d5a4d9d152c8f692d2ff064664e00a190 Mon Sep 17 00:00:00 2001 From: Scott Idem Date: Tue, 19 Nov 2024 13:48:51 -0500 Subject: [PATCH] Work on permissions for IDAA members in Novi --- src/lib/element_access_type.svelte | 2 + src/routes/idaa/(idaa)/+layout.svelte | 16 +- src/routes/idaa/(idaa)/hold_main.ts | 73 ------- src/routes/idaa/(idaa)/hold_stores.ts | 196 ------------------- src/routes/idaa/(idaa)/hold_stores_ae_api.js | 40 ---- 5 files changed, 17 insertions(+), 310 deletions(-) delete mode 100644 src/routes/idaa/(idaa)/hold_main.ts delete mode 100644 src/routes/idaa/(idaa)/hold_stores.ts delete mode 100644 src/routes/idaa/(idaa)/hold_stores_ae_api.js diff --git a/src/lib/element_access_type.svelte b/src/lib/element_access_type.svelte index 7f8f01ff..50df47ed 100644 --- a/src/lib/element_access_type.svelte +++ b/src/lib/element_access_type.svelte @@ -46,6 +46,8 @@ $: if (trigger && $ae_loc.access_type) { function handle_check_access_type_passcode() { console.log(`*** handle_check_access_type_passcode() *** passcode list:`, $ae_loc.site_access_code_kv); + // Reminder: super > manager > administrator > trusted > public > authenticated > anonymous + if (entered_passcode && entered_passcode.length >= 5) { if ($ae_loc.site_access_code_kv.super == entered_passcode) { diff --git a/src/routes/idaa/(idaa)/+layout.svelte b/src/routes/idaa/(idaa)/+layout.svelte index c9a8f830..e9c15e39 100644 --- a/src/routes/idaa/(idaa)/+layout.svelte +++ b/src/routes/idaa/(idaa)/+layout.svelte 
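Review bot: The `console.log` at the top of `handle_check_access_type_passcode()` prints the whole `$ae_loc.site_access_code_kv` map, so every site passcode, including the `super` one, appears in the browser console of anyone who opens this form. The commit adds the privilege-order reminder next to it but leaves that line as is; I would log only the marker, `console.log('*** handle_check_access_type_passcode() ***');`. Because the codes are compared in the browser (`$ae_loc.site_access_code_kv.super == entered_passcode`), they can be read client-side in any case, so this check can only decide what is displayed, and the API presumably needs its own authorization. The function body continues outside the hunk.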
@@ -20,6 +20,18 @@ if (browser) { // console.log(`$idaa_loc.novi_uuid:`, $idaa_loc.novi_uuid); // console.log(`$idaa_loc.novi_admin_li:`, $idaa_loc.novi_admin_li); + // Reminder: super > manager > administrator > trusted > public > authenticated > anonymous + + if ($ae_loc.iframe && $idaa_loc?.novi_uuid?.length == 36 && $idaa_loc?.novi_email?.length > 3 && $idaa_loc?.novi_full_name?.length > 0) { + $ae_loc.access_type = 'authenticated'; + $ae_loc.authenticated_access = true; + $ae_loc.anonymous_access = true; + } else if ($ae_loc.iframe) { + $ae_loc.access_type = 'anonymous'; + $ae_loc.authenticated_access = false; + $ae_loc.anonymous_access = true; + } + // NOTE: Check if the novi_uuid is in the novi_admin_li list if ($idaa_loc.novi_uuid && $idaa_loc.novi_admin_li) { if ($idaa_loc.novi_admin_li.includes($idaa_loc.novi_uuid)) { @@ -30,6 +42,7 @@ if (browser) { $ae_loc.trusted_access = true; $ae_loc.public_access = true; $ae_loc.authenticated_access = true; + $ae_loc.anonymous_access = true; } } // NOTE: Check if the novi_uuid is in the novi_trusted_li list @@ -42,6 +55,7 @@ if (browser) { $ae_loc.trusted_access = true; $ae_loc.public_access = true; $ae_loc.authenticated_access = true; + $ae_loc.anonymous_access = true; } } @@ -114,7 +128,7 @@ $: if ($ae_loc.iframe_height && $ae_loc.iframe_height_modal_body) { -{#if ($ae_loc.trusted_access)} +{#if ($ae_loc.authenticated_access)}
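Review bot: The new `authenticated` branch decides identity from string lengths alone (`novi_uuid?.length == 36`, `novi_email?.length > 3`, `novi_full_name?.length > 0`), so any 36-character value held in `$idaa_loc` passes, and the admin and trusted checks below compare that same value against `novi_admin_li` / `novi_trusted_li`. Where `$idaa_loc` is filled is not visible in this hunk; the `hold_main.ts` removed by this commit read these fields from URL parameters, and if that is still the source, whoever controls the iframe URL chooses their own access level. The last hunk of this file also lowers the template gate to `{#if ($ae_loc.authenticated_access)}`, so more of the page now depends on this check. I would treat these flags as display hints and say so here, e.g. `// NOTE: UI hint only - the API must verify the Novi member server-side before returning member data`, and have the server authorize each request from a value Novi signs or that the backend looks up itself. The `if (browser) {` block starts and ends outside the hunk.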
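Review bot: The access flags are assigned by hand in each branch and the branches do not agree: the admin and trusted branches (the `@@ -30,6 +42,7 @@` and `@@ -42,6 +55,7 @@` hunks) set `trusted_access`, `public_access`, `authenticated_access` and now `anonymous_access`, while the new iframe branches in the first hunk touch only `authenticated_access` and `anonymous_access`. If `$ae_loc` keeps its values between page loads (not visible here), a session that falls back to `anonymous` could still carry an earlier `trusted_access = true`. I would clear the higher flags before the checks run, `$ae_loc.trusted_access = false; $ae_loc.public_access = false;` (plus any higher flag set in the lines above these hunks), or derive every flag from `access_type` in one place. Both enclosing `if` blocks start outside their hunks.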
diff --git a/src/routes/idaa/(idaa)/hold_main.ts b/src/routes/idaa/(idaa)/hold_main.ts deleted file mode 100644 index f8cae26c..00000000 --- a/src/routes/idaa/(idaa)/hold_main.ts +++ /dev/null 
@@ -1,73 +0,0 @@ -import { ae } from "aether_npm_lib"; -import "./app.pcss"; -import App from "./App.svelte"; -import Archives from "./0_archives__main.svelte"; -import Events from "./0_events__main.svelte"; -import Posts from "./0_posts__main.svelte"; - -let url_params = ae.util.get_url_params(); -// console.log(url_params); -// IMPORTANT: The URL paramater 'uuid' is used to determine if the user is logged in or not. If the user is logged in, the uuid will be passed in as a url param. If the user is not logged in, the uuid will not be passed in as a url param. - -if (document.getElementById("app")) { - const app = new App({ - target: document.getElementById("app"), - }); -} - -if (document.querySelector(".svelte_target.idaa_archives_main")) { - const archives_main_app = new Archives({ - target: document.querySelector(".svelte_target.idaa_archives_main"), - props: { - archive_id: url_params.archive_id, - novi_uuid: url_params.uuid ? url_params.uuid : false, - novi_email: decodeURIComponent(url_params.email), // decodeURIComponent() is needed because the email is passed in as a url param. Should this be takenc are of by the ae.util.get_url_params() function? - novi_full_name: decodeURIComponent(url_params.full_name), - novi_admin_li: ["2b078deb-b4e7-4203-99da-9f7cd62159a5"], - novi_trusted_li: [ - "c9ea07b5-06b0-4a43-a2d0-8d06558c8a82", - "58db22ee-4b0a-49a7-9f34-53d2ba85a84b", - ], - results_limit_administrator: 200, - results_limit_trusted: 75, - results_limit_authenticated: 50, - }, - }); -} - -if (document.querySelector(".svelte_target.idaa_events_main")) { - const events_main_app = new Events({ - target: document.querySelector(".svelte_target.idaa_events_main"), - props: { - event_id: url_params.event_id, - novi_uuid: url_params.uuid ? url_params.uuid : false, - novi_email: decodeURIComponent(url_params.email), // decodeURIComponent() is needed because the email is passed in as a url param. Should this be takenc are of by the ae.util.get_url_params() function? 
- novi_full_name: decodeURIComponent(url_params.full_name), - novi_admin_li: ["2b078deb-b4e7-4203-99da-9f7cd62159a5"], - novi_trusted_li: [ - "c9ea07b5-06b0-4a43-a2d0-8d06558c8a82", - "58db22ee-4b0a-49a7-9f34-53d2ba85a84b", - ], - results_limit_administrator: 200, - results_limit_trusted: 200, - results_limit_authenticated: 50, - }, - }); -} - -if (document.querySelector(".svelte_target.idaa_posts_main")) { - const posts_main_app = new Posts({ - target: document.querySelector(".svelte_target.idaa_posts_main"), - props: { - post_id: url_params.post_id, - novi_uuid: url_params.uuid ? url_params.uuid : false, - novi_email: url_params.email, - novi_full_name: url_params.full_name, - novi_admin_li: ["2b078deb-b4e7-4203-99da-9f7cd62159a5"], - novi_trusted_li: [ - "c9ea07b5-06b0-4a43-a2d0-8d06558c8a82", - "58db22ee-4b0a-49a7-9f34-53d2ba85a84b", - ], - }, - }); -} diff --git a/src/routes/idaa/(idaa)/hold_stores.ts b/src/routes/idaa/(idaa)/hold_stores.ts deleted file mode 100644 index d85c514c..00000000 --- a/src/routes/idaa/(idaa)/hold_stores.ts +++ /dev/null 
@@ -1,196 +0,0 @@ -import { readable, writable } from 'svelte/store'; -// console.log('*** stores.ts ***'); - -/* FAKE TESTING DATA */ - -let fake_app_base_url = 'https://dev-app.oneskyit.com'; -let fake_app_base_url_backup = 'https://bak-app.oneskyit.com'; -let fake_api_base_url = 'https://dev-api.oneskyit.com'; -let fake_api_base_url_backup = 'https://bak-api.oneskyit.com'; -let fake_api_secret_key = 'dFP6J9DVj9hUgIMn-fNIqg'; -let fake_ae_account_id = 'Q8lR8Ai8hx2FjbQ3C_EH1Q'; // IDAA Q8lR8Ai8hx2FjbQ3C_EH1Q (13) -let fake_ae_api_jwt_key="EHmSXZFKfMEW65E8kxCKmQ" // 22 characters; super secret Aether JWT signing key - -let fake_api_temporary_token = ''; - -let fake_access_type = 'anonymous'; -let fake_administrator_access: boolean = false; -let fake_trusted_access: boolean = false; - -/* FAKE TESTING DATA */ - -type key_val = { - [key: string]: any; // variable key - // name: string; -}; - -export const account_id = fake_ae_account_id; - -let ae_cfg_data: key_val = {}; - -// NOTE: This API CRUD super key thing being here should be short term! -2023-05-02 - -ae_cfg_data['api'] = {}; -ae_cfg_data['app'] = {}; - -// ae_cfg_data['api']['api_crud_super_key'] = 'zp5PtX4zUsI'; - -let ae_api_cfg_data: key_val = {}; -if (api_base_url) { - ae_api_cfg_data['base_url'] = api_base_url; -} else { - console.log(`WARNING: api_base_url not set. Using fake_api_base_url: ${fake_api_base_url}`); - ae_api_cfg_data['base_url'] = fake_api_base_url; -} -if (api_base_url_backup) { - ae_api_cfg_data['base_url_backup'] = api_base_url_backup; -} else { - console.log(`WARNING: api_base_url_backup not set. 
Using fake_api_base_url_backup: ${fake_api_base_url_backup}`); - ae_api_cfg_data['base_url_backup'] = fake_api_base_url_backup; -} - -ae_api_cfg_data['api_crud_super_key'] = 'zp5PtX4zUsI'; - -ae_api_cfg_data['headers'] = {}; -ae_api_cfg_data['headers']['Access-Control-Allow-Origin'] = '*'; -ae_api_cfg_data['headers']['content-type'] = 'application/json'; -ae_api_cfg_data['headers']['x-aether-api-key'] = fake_api_secret_key; -ae_api_cfg_data['headers']['x-aether-api-token'] = 'fake-temp-token'; -ae_api_cfg_data['headers']['x-aether-api-expire-on'] = ''; -ae_api_cfg_data['headers']['x-account-id'] = fake_ae_account_id; - -console.log(`Aether API Config Data:`, ae_api_cfg_data); - -ae_cfg_data['api']['headers'] = ae_api_cfg_data['headers']; - -let ae_app_cfg_data: key_val = {}; -if (app_base_url) { - ae_app_cfg_data['base_url'] = app_base_url; -} else { - console.log(`WARNING: app_base_url not set. Using fake_app_base_url: ${fake_app_base_url}`); - ae_app_cfg_data['base_url'] = fake_app_base_url; -} -ae_cfg_data['app'] = ae_app_cfg_data; - -console.log(`All Aether App and API Config Data:`, ae_cfg_data); -window.localStorage.setItem('ae_cfg', JSON.stringify(ae_cfg_data)); // Also set in main HTML template files -export const ae_cfg = readable(ae_cfg_data); - - - -/* *** BEGIN *** Initialize slct variable */ -// Updated 2023-11-01 -export let slct_trigger: any = writable(null); -let slct_obj_template: key_val = { 'event_id': null, 'event_obj': {}, 'post_id': null, 'post_obj': {}, 'post_obj_li': [], 'post_comment_id': null, 'post_comment_obj': {}, 'post_comment_obj_li': [] }; -export let slct = writable(slct_obj_template); - -let novi_api_cfg_data: key_val = {}; - - -/* *** BEGIN *** Initialize IDAA app structure variable (JS object) */ -// Updated 2023-11-01 -let ae_app_data_version = .5; - -let ae_app_struct: key_val = { - 'ver': ae_app_data_version, - 'app': ae_cfg_data.app, // Includes AE app base_url {'base_url': ae_cfg_data.app.base_url}, - 'ae_api': 
ae_api_cfg_data, // Includes the AE API headers - 'novi_api': novi_api_cfg_data, // Includes the Novi API headers - - 'access_type': fake_access_type, - 'administrator_access': fake_administrator_access, - 'trusted_access': fake_trusted_access, - - 'account_id': account_id, - - // YYYY-MM-DD string of the current date - 'current_date_str': new Date().toISOString().slice(0, 10), - - 'novi_uuid': null, - 'novi_email': null, - 'novi_full_name': null, - 'novi_admin_li': [], - - // Module - Archives (IDAA Archives) - 'archives':{ - // 'show_start_new_view_help': true, // getting ready to start new submission - // 'show_active_submission_view_help': true, // started in progress submission - // 'show_grant_list': false, - - 'show_archive_new_form': false, - 'show_archive_content_new_form': false, - 'show_archive_content_view': false, - 'show_archive_content_crud': false, - 'show_archive_content_crud_new': false, - 'show_list__archive_content_li_group': null, - - // all, disabled, enabled - 'enabled': 'enabled', // all or nothing... easier for now - - // all, hidden, not_hidden - 'hidden': 'not_hidden', // all or nothing... easier for now - - 'limit': 250, // all or nothing... easier for now - 'offset': 0, // all or nothing... easier for now - 'archive_group_sort': 'ASC', // ASC or DESC - 'content_group_sort': 'ASC', // ASC or DESC - - 'archive_id': null, - 'archive_content_id': null, - - 'ds':{}, - }, - - // Module - Events (IDAA Recovery Meetings) - 'events':{ - 'show_event_id_view': false, - 'show_event_id_edit': false, - - 'filter_meeting_type': 'all', // all, idaa, al-anon - 'filter_meeting_group': 'all', // all, in-person, virtual - 'filter_location': 'all', // all, something something - - // all, disabled, enabled - 'enabled': 'enabled', // all or nothing... easier for now - - // all, hidden, not_hidden - 'hidden': 'not_hidden', // all or nothing... easier for now - - 'limit': 250, // all or nothing... easier for now - 'offset': 0, // all or nothing... 
easier for now - - 'event_id': null, - - 'ds':{}, - }, - - // Module - Posts (IDAA Support BB) - 'posts':{ - 'show_post_new_form': false, - 'show_post_comment_new_form': false, - 'show_view__post_id': false, - 'show_post_comment_crud': false, - - 'show_post_comment_list': true, - - // all, disabled, enabled - 'enabled': 'enabled', // all or nothing... easier for now - - // all, hidden, not_hidden - 'hidden': 'not_hidden', // all or nothing... easier for now - - 'limit': 250, // all or nothing... easier for now - 'offset': 0, // all or nothing... easier for now - - 'post_id': null, - 'post_comment_id': null, - - 'ds':{}, - }, - - 'ds':{}, - - 'testing': null -} -export let ae_app = writable(ae_app_struct); -console.log(ae_app); diff --git a/src/routes/idaa/(idaa)/hold_stores_ae_api.js b/src/routes/idaa/(idaa)/hold_stores_ae_api.js deleted file mode 100644 index abde2c57..00000000 --- a/src/routes/idaa/(idaa)/hold_stores_ae_api.js +++ /dev/null 
@@ -1,40 +0,0 @@ -console.log('*** stores_data_store_api.js Stores ***'); -import { get } from 'svelte/store'; -import { ae_app } from './hold_stores'; -import { api } from 'aether_npm_lib'; - - -/* BEGIN: IDAA Recover Meetings Related */ -export let get_account_event_obj_list = async function get_account_event_obj_list({account_id, enabled='enabled', hidden='not_hidden', limit=100, params={}, timeout=50000, log_lvl=0}) { - console.log('*** stores_meetings_api.js: get_account_event_obj_list() ***'); - - const endpoint = `/account/${account_id}/event/meeting_list_flat`; - - let allowed_enabled_list = ['all', 'enabled', 'not_enabled'] - if (allowed_enabled_list.includes(enabled) ) { - params['enabled'] = enabled; - } - - let allowed_hidden_list = ['all', 'hidden', 'not_hidden']; - if (allowed_hidden_list.includes(hidden) ) { - params['hidden'] = hidden; - } - - if (limit) { - params['limit'] = limit; - } - - let event_obj_list_get_promise = await api.get_object({api_cfg: get(ae_app).ae_api, endpoint: endpoint, params: params, timeout: timeout, log_lvl: log_lvl}); - - // if (event_obj_list_get_promise === false) { - // console.log('Event - RUN AGAIN WITH BACKUP'); - - // let temp_api = get(cfg).api; - // temp_api['base_url'] = temp_api['base_url_backup'] - - // event_obj_list_get_promise = await api.get_object({api_cfg: temp_api, endpoint: endpoint, params: params, timeout: timeout, log_lvl: log_lvl}); - // } - - let event_obj_list = event_obj_list_get_promise; - return event_obj_list; -}