feat: enforce user roles

enforces user admin role requirement for - creating / deleting / setting role for organization users - creating / deleting / setting role for project users - updating project name - deleting project hides action elements based on role for - admin console - team settings if team is only visible through project membership - add project tile if not team admin - project name text editor if not team / project admin - add redirect from team page if settings only visible through project membership - add redirect from admin console if not org admin role enforcement is handled on the api side through a custom GraphQL directive `hasRole`. on the client side, role information is fetched in the TopNavbar's `me` query and stored in the `UserContext`. there is a custom hook, `useCurrentUser`, that provides a user object with two functions, `isVisibile` & `isAdmin` which is used to check roles in order to render/hide relevant UI elements.
2020-07-31 20:01:14 -05:00
parent 5dbdc20b36
commit e64f6f8569
63 changed files with 3017 additions and 1905 deletions
--- a/internal/commands/commands.go
+++ b/internal/commands/commands.go
@ -35,6 +35,6 @@ var rootCmd = &cobra.Command{

 func Execute() {
 	rootCmd.SetVersionTemplate(versionTemplate)
-	rootCmd.AddCommand(newWebCmd(), newMigrateCmd())
+	rootCmd.AddCommand(newWebCmd(), newMigrateCmd(), newTokenCmd())
 	rootCmd.Execute()
 }
--- a/internal/commands/migrate.go
+++ b/internal/commands/migrate.go
@ -2,6 +2,8 @@ package commands

 import (
 	"fmt"
+	"net/http"
+
 	"github.com/spf13/cobra"

 	"github.com/golang-migrate/migrate/v4"
@ -10,7 +12,6 @@ import (
 	"github.com/golang-migrate/migrate/v4/source/httpfs"
 	"github.com/jmoiron/sqlx"
 	"github.com/jordanknott/taskcafe/internal/config"
-	"github.com/jordanknott/taskcafe/internal/migrations"
 	log "github.com/sirupsen/logrus"
 )

@ -27,6 +28,12 @@ func (l *MigrateLog) Verbose() bool {
 	return l.verbose
 }

+var migration http.FileSystem
+
+func init() {
+	migration = http.Dir("./migrations")
+}
+
 func newMigrateCmd() *cobra.Command {
 	return &cobra.Command{
 		Use:   "migrate",
@ -53,7 +60,7 @@ func newMigrateCmd() *cobra.Command {
 				return err
 			}

-			src, err := httpfs.New(migrations.Migrations, "./")
+			src, err := httpfs.New(migration, "./")
 			if err != nil {
 				return err
 			}
--- a/internal/commands/migrate_prod.go
+++ b/internal/commands/migrate_prod.go
@ -0,0 +1,13 @@
+// +build prod
+
+package commands
+
+import (
+	"fmt"
+
+	"github.com/jordanknott/taskcafe/internal/migrations"
+)
+
+func init() {
+	migration = migrations.Migrations
+}
--- a/internal/commands/token.go
+++ b/internal/commands/token.go
@ -0,0 +1,27 @@
+package commands
+
+import (
+	"fmt"
+	"time"
+
+	"github.com/jordanknott/taskcafe/internal/auth"
+	log "github.com/sirupsen/logrus"
+	"github.com/spf13/cobra"
+)
+
+func newTokenCmd() *cobra.Command {
+	return &cobra.Command{
+		Use:   "token",
+		Short: "Create a long lived JWT token for dev purposes",
+		Long:  "Create a long lived JWT token for dev purposes",
+		Args:  cobra.ExactArgs(1),
+		Run: func(cmd *cobra.Command, args []string) {
+			token, err := auth.NewAccessTokenCustomExpiration(args[0], time.Hour*24)
+			if err != nil {
+				log.WithError(err).Error("issue while creating access token")
+				return
+			}
+			fmt.Println(token)
+		},
+	}
+}