Various bug fixes. Improvements to the security. Now with super and manager and others.

2024-08-15 15:35:00 -04:00
parent 35052898b4
commit f526e9094c
17 changed files with 247 additions and 232 deletions
--- a/src/routes/+layout.svelte
+++ b/src/routes/+layout.svelte
@@ -183,7 +183,7 @@ onMount(() => {
 	if (!$ae_loc.iframe && $ae_loc.trusted_access) {
        $ae_loc.hub.show_element__access_type = true;
        $ae_loc.hub.show_element__cfg = true;
-    } else if ($ae_loc.iframe && $ae_loc.administrator_access) {
+    } else if ($ae_loc.iframe && $ae_loc.manager_access) {
        $ae_loc.hub.show_element__access_type = true;
        $ae_loc.hub.show_element__cfg = true;
    } else {
--- a/src/routes/+page.svelte
+++ b/src/routes/+page.svelte
@@ -25,8 +25,11 @@ onMount(() => {
 <section
 	class="ae_root md:container h-full mx-auto flex flex-col items-center p-4 space-y-12"
 	class:ae_root--auth_access={$ae_loc.auth_access}
+	class:ae_root--public_access={$ae_loc.public_access}
 	class:ae_root--trusted_access={$ae_loc.trusted_access}
 	class:ae_root--administrator_access={$ae_loc.administrator_access}
+	class:ae_root--manager_access={$ae_loc.manager_access}
+	class:ae_root--super_access={$ae_loc.super_access}
 	>

 <Element_data_store
@@ -87,7 +90,7 @@ onMount(() => {
 	for_id={null}
 	ds_name="Default: AE Hub - Site root page footer HTML"
 	display="block"
-	class_li={!$ae_loc.trusted_access && $ae_sess.ds_loaded.hub__site__root_page_footer === false ? 'hidden' : ''}
+	class_li={!$ae_loc.manager_access && $ae_sess.ds_loaded.hub__site__root_page_footer === false ? 'hidden' : ''}
 	bind:ds_loaded={$ae_sess.ds_loaded.hub__site__root_page_footer}
 	/>
 <!-- page footer DS: {$ae_sess.ds_loaded.hub__site__root_page_footer} -->
--- a/src/routes/core/+layout.svelte
+++ b/src/routes/core/+layout.svelte
@@ -68,7 +68,7 @@ onMount(() => {
 </svelte:head>


-{#if $ae_loc.administrator_access && 1==3}
+{#if $ae_loc.manager_access && 1==3}
 <section
    class="submenu flex flex-row justify-center"
    class:hidden={$ae_loc.iframe}
--- a/src/routes/events_pres_mgmt/ae_comp__event_session_obj_li.svelte
+++ b/src/routes/events_pres_mgmt/ae_comp__event_session_obj_li.svelte
@@ -155,7 +155,7 @@ let lq_kv__event_session_obj_li = liveQuery(
            {/if}
        </a>

-        {#if $ae_loc.administrator_access}
+        {#if $ae_loc.manager_access}
        <Comp_event_presenter_obj_li
            link_to_type={'event_session'}
            link_to_id={session_obj?.event_session_id_random}
@@ -165,7 +165,7 @@ let lq_kv__event_session_obj_li = liveQuery(
        {/if}


-        {#if $ae_loc.administrator_access}
+        {#if $ae_loc.manager_access}
        <Element_manage_event_file_li
            link_to_type={'event_session'}
            link_to_id={session_obj?.event_session_id_random}
--- a/src/routes/events_pres_mgmt/ae_comp__event_session_obj_tbl.svelte
+++ b/src/routes/events_pres_mgmt/ae_comp__event_session_obj_tbl.svelte
@@ -80,7 +80,7 @@ let lq_kv__event_session_obj_li = liveQuery(
            >
            <td class="px-4 py-2">
                <a
-                    href="/events/pres_mgmt/{event_session_obj?.event_id_random}/session/{event_session_obj?.event_session_id_random}"
+                    href="/events_pres_mgmt/session/{event_session_obj?.event_session_id_random}"
                    class="text-blue-500 hover:text-blue-800 hover:underline"
                    >
                    {event_session_obj?.name}
--- a/src/routes/events_pres_mgmt/event/[slug]/+page.svelte
+++ b/src/routes/events_pres_mgmt/event/[slug]/+page.svelte
@@ -182,25 +182,6 @@ function process_search_string(search_str: string) {

    console.log(`"${search_str}"`);

-    // let params = {
-    //     'qry__enabled': $events_loc.pres_mgmt.qry_enabled ?? 'enabled',
-    //     'qry__hidden': $events_loc.pres_mgmt.qry_hidden ?? 'not_hidden',
-    //     'qry__limit': $events_loc.pres_mgmt.qry_limit__sessions ?? 35,
-    // }
-
-    // if ($ae_loc.administrator_access) {
-    //     params['qry__enabled'] = 'all';
-    //     params['qry__hidden'] = 'all';
-    //     params['qry__limit'] = 150;
-    // } else if ($ae_loc.trusted_access) {
-    //     params['qry__enabled'] = 'enabled';
-    //     params['qry__hidden'] = 'not_hidden';
-    //     params['qry__limit'] = 75;
-    // } else {
-    //     params['qry__enabled'] = 'enabled';
-    //     params['qry__hidden'] = 'not_hidden';
-    //     params['qry__limit'] = 35;
-    // }

    handle_search__event_session({
        ft_search_str: ft_search_str_new,
--- a/src/routes/events_pres_mgmt/event_page_menu.svelte
+++ b/src/routes/events_pres_mgmt/event_page_menu.svelte
@@ -302,7 +302,7 @@ let ae_triggers: key_val = {};
                </button>
            {/if}

-            {#if $ae_loc.administrator_access}
+            {#if $ae_loc.manager_access}
                {#if $events_loc.pres_mgmt.qry_enabled == 'all'}
                    <button
                        type="button"
--- a/src/routes/events_pres_mgmt/event_reports_page_menu.svelte
+++ b/src/routes/events_pres_mgmt/event_reports_page_menu.svelte
@@ -259,7 +259,7 @@ let ae_triggers: key_val = {};
                </button>
            {/if}

-            {#if $ae_loc.administrator_access}
+            {#if $ae_loc.manager_access}
                {#if $events_loc.pres_mgmt.qry_enabled == 'all'}
                    <button
                        type="button"
--- a/src/routes/events_pres_mgmt/presenter_page_menu.svelte
+++ b/src/routes/events_pres_mgmt/presenter_page_menu.svelte
@@ -328,7 +328,7 @@ let ae_triggers: key_val = {};
                class="btn btn-sm"
                class:variant-ghost-success={$lq__event_presenter_obj?.enable}
                class:variant-ringed-warning={!$lq__event_presenter_obj?.enable}
-                disabled={!$ae_loc.administrator_access}
+                disabled={!$ae_loc.manager_access}
                >
                {#if $lq__event_presenter_obj?.enable}
                    <span class="fas fa-toggle-on m-1"></span>
@@ -348,7 +348,7 @@ let ae_triggers: key_val = {};
        <!-- Group -->


-        {#if $ae_loc.administrator_access}
+        {#if $ae_loc.manager_access}
        <button
            on:click={() => {
                if (!confirm('Are you sure you want to delete this speaker?')) {return false;}
@@ -370,7 +370,7 @@ let ae_triggers: key_val = {};
            <span class="fas fa-minus-circle mx-1"></span>
            Delete
        </button>
-        {:else if $ae_loc.trusted_access}
+        {:else if $ae_loc.administrator_access}
        <button
            on:click={() => {
                if (!confirm('Are you sure you want to remove (disable) this speaker?')) {return false;}
--- a/src/routes/events_pres_mgmt/session_page_menu.svelte
+++ b/src/routes/events_pres_mgmt/session_page_menu.svelte
@@ -279,7 +279,7 @@ let ae_triggers: key_val = {};
                class="btn btn-sm"
                class:variant-ghost-success={$lq__event_session_obj?.enable}
                class:variant-ringed-warning={!$lq__event_session_obj?.enable}
-                disabled={!$ae_loc.administrator_access}
+                disabled={!$ae_loc.manager_access}
                >
                {#if $lq__event_session_obj?.enable}
                    <span class="fas fa-toggle-on m-1"></span>
@@ -299,7 +299,7 @@ let ae_triggers: key_val = {};
        <!-- Group -->


-        {#if $ae_loc.access_type && $ae_loc.access_type != 'anonymous' && $ae_loc.access_type != 'authenticated'}
+        {#if $ae_loc.trusted_access}
            {#if $ae_loc.edit_mode}
                <button
                    on:click={() => {