Mirrors/mealie
1
0
Fork 0
mirror of https://github.com/mealie-recipes/mealie.git synced 2025-12-27 04:35:12 -05:00
Code Issues Packages Projects Releases Wiki Activity

feat(frontend): add group permissions (#721)

Browse Source 
* style(frontend): 💄 add darktheme custom

* add dummy users in dev mode

* feat(frontend):  add group permissions editor UI

* feat(backend):  add group permissions setters

* test(backend):  tests for basic permission get/set (WIP)

Needs more testing

* remove old test

* chore(backend): copy template.env on setup

* feat(frontend):  enable send invitation via email

* feat(backend):  enable send invitation via email

* feat:  add app config checker for site-settings

* refactor(frontend): ♻️ consolidate bool checks

Co-authored-by: Hayden <hay-kot@pm.me>
This commit is contained in:
Hayden
2021-10-04 20:16:37 -08:00
committed by GitHub
parent b7b8aa9a08
commit 5d43fac7c9
43 changed files with 652 additions and 106 deletions
Download Patch File Download Diff File Expand all files Collapse all files

61
mealie/db/data_initialization/init_users.py Normal file
View File

@@ -0,0 +1,61 @@
from mealie.core import root_logger
from mealie.core.config import settings
from mealie.core.security import hash_password
from mealie.db.data_access_layer.access_model_factory import Database
logger = root_logger.get_logger("init_users")
def dev_users() -> list[dict]:
return [
{
"full_name": "Jason",
"username": "jason",
"email": "jason@email.com",
"password": hash_password(settings.DEFAULT_PASSWORD),
"group": settings.DEFAULT_GROUP,
"admin": False,
},
{
"full_name": "Bob",
"username": "bob",
"email": "bob@email.com",
"password": hash_password(settings.DEFAULT_PASSWORD),
"group": settings.DEFAULT_GROUP,
"admin": False,
},
{
"full_name": "Sarah",
"username": "sarah",
"email": "sarah@email.com",
"password": hash_password(settings.DEFAULT_PASSWORD),
"group": settings.DEFAULT_GROUP,
"admin": False,
},
{
"full_name": "Sammy",
"username": "sammy",
"email": "sammy@email.com",
"password": hash_password(settings.DEFAULT_PASSWORD),
"group": settings.DEFAULT_GROUP,
"admin": False,
},
]
def default_user_init(db: Database):
default_user = {
"full_name": "Change Me",
"username": "admin",
"email": settings.DEFAULT_EMAIL,
"password": hash_password(settings.DEFAULT_PASSWORD),
"group": settings.DEFAULT_GROUP,
"admin": True,
}
logger.info("Generating Default User")
db.users.create(default_user)
if not settings.PRODUCTION:
for user in dev_users():
db.users.create(user)

16
mealie/db/init_db.py
View File

@@ -1,8 +1,8 @@
from mealie.core import root_logger
from mealie.core.config import settings
from mealie.core.security import hash_password
from mealie.db.data_access_layer.access_model_factory import Database
from mealie.db.data_initialization.init_units_foods import default_recipe_unit_init
from mealie.db.data_initialization.init_users import default_user_init
from mealie.db.database import get_database
from mealie.db.db_setup import create_session, engine
from mealie.db.models._model_base import SqlAlchemyBase
@@ -37,20 +37,6 @@ def default_group_init(db: Database):
create_new_group(db, GroupBase(name=settings.DEFAULT_GROUP))
def default_user_init(db: Database):
default_user = {
"full_name": "Change Me",
"username": "admin",
"email": settings.DEFAULT_EMAIL,
"password": hash_password(settings.DEFAULT_PASSWORD),
"group": settings.DEFAULT_GROUP,
"admin": True,
}
logger.info("Generating Default User")
db.users.create(default_user)
def main():
create_all_models()

30
mealie/db/models/users/users.py
View File

@@ -34,8 +34,12 @@ class User(SqlAlchemyBase, BaseMixins):
group_id = Column(Integer, ForeignKey("groups.id"))
group = orm.relationship("Group", back_populates="users")
# Recipes
# Group Permissions
can_manage = Column(Boolean, default=False)
can_invite = Column(Boolean, default=False)
can_organize = Column(Boolean, default=False)
# Recipes
tokens: list[LongLiveToken] = orm.relationship(
LongLiveToken, back_populates="user", cascade="all, delete, delete-orphan", single_parent=True
)
@@ -59,6 +63,9 @@ class User(SqlAlchemyBase, BaseMixins):
group: str = settings.DEFAULT_GROUP,
admin=False,
advanced=False,
can_manage=False,
can_invite=False,
can_organize=False,
**_
) -> None:
@@ -71,6 +78,15 @@ class User(SqlAlchemyBase, BaseMixins):
self.password = password
self.advanced = advanced
if self.admin:
self.can_manage = True
self.can_invite = True
self.can_organize = True
else:
self.can_manage = can_manage
self.can_invite = can_invite
self.can_organize = can_organize
self.favorite_recipes = []
if self.username is None:
@@ -87,6 +103,9 @@ class User(SqlAlchemyBase, BaseMixins):
favorite_recipes=None,
password=None,
advanced=False,
can_manage=False,
can_invite=False,
can_organize=False,
**_
):
favorite_recipes = favorite_recipes or []
@@ -103,6 +122,15 @@ class User(SqlAlchemyBase, BaseMixins):
if password:
self.password = password
if self.admin:
self.can_manage = True
self.can_invite = True
self.can_organize = True
else:
self.can_manage = can_manage
self.can_invite = can_invite
self.can_organize = can_organize
def update_password(self, password):
self.password = password

14
mealie/routes/admin/admin_about.py
View File

@@ -4,7 +4,7 @@ from sqlalchemy.orm.session import Session
from mealie.core.config import APP_VERSION, get_settings
from mealie.db.database import get_database
from mealie.db.db_setup import generate_session
from mealie.schema.admin.about import AdminAboutInfo, AppStatistics
from mealie.schema.admin.about import AdminAboutInfo, AppStatistics, CheckAppConfig
router = APIRouter(prefix="/about")
@@ -36,3 +36,15 @@ async def get_app_statistics(session: Session = Depends(generate_session)):
total_users=db.users.count_all(),
total_groups=db.groups.count_all(),
)
@router.get("/check", response_model=CheckAppConfig)
async def check_app_config():
settings = get_settings()
url_set = settings.BASE_URL != "http://localhost:8080"
return CheckAppConfig(
email_ready=settings.SMTP_ENABLE,
base_url_set=url_set,
)

7
mealie/routes/groups/invitations.py
View File

@@ -1,6 +1,6 @@
from fastapi import APIRouter, Depends, status
from mealie.schema.group.invite_token import CreateInviteToken, ReadInviteToken
from mealie.schema.group.invite_token import CreateInviteToken, EmailInitationResponse, EmailInvitation, ReadInviteToken
from mealie.services.group_services.group_service import GroupSelfService
router = APIRouter()
@@ -14,3 +14,8 @@ def get_invite_tokens(g_service: GroupSelfService = Depends(GroupSelfService.pri
@router.post("", response_model=ReadInviteToken, status_code=status.HTTP_201_CREATED)
def create_invite_token(uses: CreateInviteToken, g_service: GroupSelfService = Depends(GroupSelfService.private)):
return g_service.create_invite_token(uses.uses)
@router.post("/email", response_model=EmailInitationResponse)
def email_invitation(invite: EmailInvitation, g_service: GroupSelfService = Depends(GroupSelfService.private)):
return g_service.email_invitation(invite)

17
mealie/routes/groups/self_service.py
View File

@@ -1,7 +1,8 @@
from fastapi import Depends
from mealie.routes.routers import UserAPIRouter
from mealie.schema.user.user import GroupInDB
from mealie.schema.group.group_permissions import SetPermissions
from mealie.schema.user.user import GroupInDB, UserOut
from mealie.services.group_services.group_service import GroupSelfService
user_router = UserAPIRouter(prefix="/groups", tags=["Groups: Self Service"])
@@ -10,5 +11,17 @@ user_router = UserAPIRouter(prefix="/groups", tags=["Groups: Self Service"])
@user_router.get("/self", response_model=GroupInDB)
async def get_logged_in_user_group(g_service: GroupSelfService = Depends(GroupSelfService.write_existing)):
""" Returns the Group Data for the Current User """
return g_service.item
@user_router.get("/members", response_model=list[UserOut])
async def get_group_members(g_service: GroupSelfService = Depends(GroupSelfService.write_existing)):
""" Returns the Group of user lists """
return g_service.get_members()
@user_router.put("/permissions", response_model=UserOut)
async def set_member_permissions(
payload: SetPermissions, g_service: GroupSelfService = Depends(GroupSelfService.manage_existing)
):
return g_service.set_member_permissions(payload)

5
mealie/schema/admin/about.py
View File

@@ -23,3 +23,8 @@ class AdminAboutInfo(AppInfo):
db_type: str
db_url: Path
default_group: str
class CheckAppConfig(CamelModel):
email_ready: bool = False
base_url_set: bool = False

8
mealie/schema/group/group_permissions.py Normal file
View File

@@ -0,0 +1,8 @@
from fastapi_camelcase import CamelModel
class SetPermissions(CamelModel):
user_id: int
can_manage: bool = False
can_invite: bool = False
can_organize: bool = False

10
mealie/schema/group/invite_token.py
View File

@@ -18,3 +18,13 @@ class ReadInviteToken(CamelModel):
class Config:
orm_mode = True
class EmailInvitation(CamelModel):
email: str
token: str
class EmailInitationResponse(CamelModel):
success: bool
error: str = None

4
mealie/schema/user/user.py
View File

@@ -55,6 +55,10 @@ class UserBase(CamelModel):
advanced: bool = False
favorite_recipes: Optional[list[str]] = []
can_invite: bool = False
can_manage: bool = False
can_organize: bool = False
class Config:
orm_mode = True

2
mealie/services/email/email_service.py
View File

@@ -55,7 +55,7 @@ class EmailService(BaseService):
def send_invitation(self, address: str, invitation_url: str) -> bool:
invitation = EmailTemplate(
subject="Invitation to join Mealie",
header_text="Invitation",
header_text="Your Invited!",
message_top="You have been invited to join Mealie.",
message_bottom="Please click the button below to accept the invitation.",
button_link=invitation_url,

2
mealie/services/email/templates/default.html
View File

@@ -419,7 +419,7 @@
"
>
<div style="text-align: center">
{{ data.bottom_message}}
{{ data.message_bottom}}
</div>
</div>
</td>

52
mealie/services/group_services/group_service.py
View File

@@ -2,15 +2,17 @@ from __future__ import annotations
from uuid import uuid4
from fastapi import Depends
from fastapi import Depends, HTTPException, status
from mealie.core.dependencies.grouped import UserDeps
from mealie.core.root_logger import get_logger
from mealie.schema.group.group_permissions import SetPermissions
from mealie.schema.group.group_preferences import UpdateGroupPreferences
from mealie.schema.group.invite_token import ReadInviteToken, SaveInviteToken
from mealie.schema.group.invite_token import EmailInitationResponse, EmailInvitation, ReadInviteToken, SaveInviteToken
from mealie.schema.recipe.recipe_category import CategoryBase
from mealie.schema.user.user import GroupInDB
from mealie.schema.user.user import GroupInDB, PrivateUser, UserOut
from mealie.services._base_http_service.http_services import UserHttpService
from mealie.services.email import EmailService
from mealie.services.events import create_group_event
logger = get_logger(module=__name__)
@@ -31,10 +33,38 @@ class GroupSelfService(UserHttpService[int, str]):
"""Override parent method to remove `item_id` from arguments"""
return super().write_existing(item_id=0, deps=deps)
@classmethod
def manage_existing(cls, deps: UserDeps = Depends()):
"""Override parent method to remove `item_id` from arguments"""
if not deps.user.can_manage:
raise HTTPException(status.HTTP_403_FORBIDDEN)
return super().write_existing(item_id=0, deps=deps)
def populate_item(self, _: str = None) -> GroupInDB:
self.item = self.db.groups.get(self.group_id)
return self.item
# ====================================================================
# Manage Menbers
def get_members(self) -> list[UserOut]:
return self.db.users.multi_query(query_by={"group_id": self.item.id}, override_schema=UserOut)
def set_member_permissions(self, permissions: SetPermissions) -> PrivateUser:
target_user = self.db.users.get(permissions.user_id)
if not target_user:
raise HTTPException(status.HTTP_404_NOT_FOUND, detail="User not found")
if target_user.group_id != self.group_id:
raise HTTPException(status.HTTP_403_FORBIDDEN, detail="User is not a member of this group")
target_user.can_invite = permissions.can_invite
target_user.can_manage = permissions.can_manage
target_user.can_organize = permissions.can_organize
return self.db.users.update(permissions.user_id, target_user)
# ====================================================================
# Meal Categories
@@ -53,11 +83,27 @@ class GroupSelfService(UserHttpService[int, str]):
# Group Invites
def create_invite_token(self, uses: int = 1) -> None:
if not self.user.can_invite:
raise HTTPException(status.HTTP_403_FORBIDDEN, detail="User is not allowed to create invite tokens")
token = SaveInviteToken(uses_left=uses, group_id=self.group_id, token=uuid4().hex)
return self.db.group_invite_tokens.create(token)
def get_invite_tokens(self) -> list[ReadInviteToken]:
return self.db.group_invite_tokens.multi_query({"group_id": self.group_id})
def email_invitation(self, invite: EmailInvitation) -> EmailInitationResponse:
email_service = EmailService()
url = f"{self.settings.BASE_URL}/register?token={invite.token}"
success = False
error = None
try:
success = email_service.send_invitation(address=invite.email, invitation_url=url)
except Exception as e:
error = str(e)
return EmailInitationResponse(success=success, error=error)
# ====================================================================
# Export / Import Recipes

15
mealie/services/user_services/registration_service.py
View File

@@ -23,25 +23,21 @@ class RegistrationService(PublicHttpService[int, str]):
logger.info(f"Registering user {registration.username}")
token_entry = None
new_group = False
if registration.group:
new_group = True
group = self._register_new_group()
elif registration.group_token and registration.group_token != "":
token_entry = self.db.group_invite_tokens.get(registration.group_token)
print("Token Entry", token_entry)
if not token_entry:
raise HTTPException(status.HTTP_400_BAD_REQUEST, {"message": "Invalid group token"})
group = self.db.groups.get(token_entry.group_id)
else:
raise HTTPException(status.HTTP_400_BAD_REQUEST, {"message": "Missing group"})
user = self._create_new_user(group)
user = self._create_new_user(group, new_group)
if token_entry and user:
token_entry.uses_left = token_entry.uses_left - 1
@@ -54,7 +50,7 @@ class RegistrationService(PublicHttpService[int, str]):
return user
def _create_new_user(self, group: GroupInDB) -> PrivateUser:
def _create_new_user(self, group: GroupInDB, new_group=bool) -> PrivateUser:
new_user = UserIn(
email=self.registration.email,
username=self.registration.username,
@@ -62,6 +58,9 @@ class RegistrationService(PublicHttpService[int, str]):
full_name=self.registration.username,
advanced=self.registration.advanced,
group=group.name,
can_invite=new_group,
can_manage=new_group,
can_organize=new_group,
)
return self.db.users.create(new_user)