Commit Graph

18 Commits

Author SHA1 Message Date
Jordan Knott
fe84f97f18 fix: url encode avatar filename when showing path
fixes #61
2020-09-12 18:12:12 -05:00
Jordan Knott
52c60abcd7 fix: secret key is no longer hard coded
the secret key for signing JWT tokens is now read from server.secret.

if that does not exist, then a random UUID v4 is generated and used
instead. a log warning is also shown.
2020-09-12 18:03:17 -05:00
Jordan Knott
e2ef8a1a19 fix: initial access token after install is now set correctly 2020-09-12 03:24:09 -05:00
Jordan Knott
ba9fc64fd9 fix: do not add localhost:3333 url to avatar urls
fixes #58
2020-09-12 01:23:48 -05:00
Jordan Knott
009d717d80 fix: uploading avatar image failing due to invalid UUID key
fixes #55
2020-09-11 13:57:02 -05:00
Jordan Knott
0a1bdc19f3 fix: remove cors middleware
fixes #51
2020-09-02 20:30:38 -05:00
Jordan Knott
314bf224ea fix: use correct context keys when retrieving userID & role 2020-08-21 23:08:30 -05:00
Jordan Knott
9dba566660 feat: add pre-commit hooks & refactor code to pass linting 2020-08-20 18:37:36 -05:00
Sam
4e56ae88d6 Fix: remove debug statements when logging in with incorrect password 2020-08-18 16:50:10 -05:00
Jordan Knott
c2ef8a7d56 feat: replace config system with viper based system
allows for config settings to be easily set through ENV variables,
config files, or CLI flags

adds flag to run migration on web server start (fixes #29)
2020-08-12 22:30:53 -05:00
Jordan Knott
e64f6f8569 feat: enforce user roles
enforces user admin role requirement for
- creating / deleting / setting role for organization users
- creating / deleting / setting role for project users
- updating project name
- deleting project

hides action elements based on role for
- admin console
- team settings if team is only visible through project membership
- add project tile if not team admin
- project name text editor if not team / project admin
- add redirect from team page if settings only visible through project
  membership
- add redirect from admin console if not org admin

role enforcement is handled on the api side through a custom GraphQL
directive `hasRole`. on the client side, role information is fetched in
the TopNavbar's `me` query and stored in the `UserContext`.

there is a custom hook, `useCurrentUser`, that provides a user object
with two functions, `isVisibile` & `isAdmin` which is used to check
roles in order to render/hide relevant UI elements.
2020-08-11 21:03:21 -05:00
Jordan Knott
5dbdc20b36 chore: rename Citadel to Taskcafe 2020-08-06 20:50:35 -05:00
Jordan Knott
20b5188662 fix: remove log containing user password
fixes issue #12
2020-07-20 17:34:57 -05:00
Jordan Knott
6f33cc5799 fix: update api import paths & fix Dockerfile not copying frontend build
fixes issue #7 & #9

also remove agGrid dependency from package.json to reduce download size
2020-07-19 17:25:58 -05:00
Jordan Knott
d3f29134e0 fix: ignore system user in users query & add full name to user in install route 2020-07-16 21:57:02 -05:00
Jordan Knott
2cf6be082c feature: add first time install process 2020-07-16 19:40:23 -05:00
Jordan Knott
90515f6aa4 feature: add web & migrate commands 2020-07-15 18:22:25 -05:00
Jordan Knott
e5d5e6da01 arch: move web folder into api & move api to top level 2020-07-04 18:08:37 -05:00