Various bug fixes. Improvements to the security. Now with super and manager and others.

2024-08-15 15:35:00 -04:00
parent 35052898b4
commit f526e9094c
17 changed files with 247 additions and 232 deletions
--- a/src/lib/element_data_store.svelte
+++ b/src/lib/element_data_store.svelte
@@ -54,9 +54,9 @@ let ds_code_obj =
        type: ds_type,
        for_type: null, // for_type
        for_id: null, // for_id
-        access_read: null, // 'super', 'administrator', 'trusted', 'anonymous'
-        access_write: null, // 'super', 'administrator', 'trusted', 'anonymous'
-        access_delete: null, // 'super', 'administrator', 'trusted', 'anonymous'
+        access_read: null, // 'super', 'manager', 'administrator', 'trusted', 'authenticated', 'anonymous'
+        access_write: null, // 'super', 'manager', 'administrator', 'trusted', 'authenticated', 'anonymous'
+        access_delete: null, // 'super', 'manager', 'administrator', 'trusted', 'authenticated', 'anonymous'
        html: null,
        json: null,
        md: null,
@@ -523,7 +523,7 @@ async function handle_update__data_store({
            />
        </label>
    {/if}
-    {#if $ae_loc.administrator_access}
+    {#if $ae_loc.manager_access}
        <input
            type="text"
            name="ds_account_id"
@@ -551,7 +551,7 @@ async function handle_update__data_store({
            required
            />
    {/if}
-    {#if $ae_loc.administrator_access}
+    {#if $ae_loc.manager_access}
        <input
            type="text"
            name="ds_type"
@@ -709,7 +709,7 @@ async function handle_update__data_store({
 <!-- {#if mode == 'view'} -->

 {#if !ae_ds_tmp.type && !ae_ds_tmp.html && !ae_ds_tmp.json && !ae_ds_tmp.md && !ae_ds_tmp.text}
-    {#if $ae_loc.administrator_access}
+    {#if $ae_loc.manager_access}
        <span class="variant-soft-warning">No data found! Is the data store correct or new?</span>
    {:else}
        <!-- <span class="variant-soft">loading</span> -->
@@ -719,7 +719,7 @@ async function handle_update__data_store({
 {#if ae_ds_tmp.type == 'html' && ae_ds_tmp.html}
    {@html ae_ds_tmp.html}
 {:else if ae_ds_tmp.type == 'html'}
-    {#if $ae_loc.administrator_access}
+    {#if $ae_loc.manager_access}
        <span class="variant-soft-warning">No HTML found! Is the data store type correct?</span>
    {:else}
        <!-- <span class="variant-soft">loading</span> -->
@@ -729,7 +729,7 @@ async function handle_update__data_store({
 {#if ae_ds_tmp.type == 'text' && ae_ds_tmp.text}
    {ae_ds_tmp.text}
 {:else if ae_ds_tmp.type == 'text'}
-    {#if $ae_loc.administrator_access}
+    {#if $ae_loc.manager_access}
        <span class="variant-soft-warning">No text found! Is the data store type correct?</span>
    {:else}
        <!-- <span class="variant-soft">loading</span> -->
@@ -739,7 +739,7 @@ async function handle_update__data_store({
 <button
    type="button"
    class="ae_btn_edit__ds btn hover:variant-glass-warning text-xs absolute top-0 right-0 opacity-30 hover:opacity-100 transition delay-700 hover:delay-200 m-1 p-1"
-    class:opacity-5={!$ae_loc.administrator_access}
+    class:opacity-5={!$ae_loc.manager_access}
    class:hidden={!show_edit_btn || !$ae_loc.trusted_access}
    on:dblclick={() => {
        trigger = 'load__ds__code';