Commit Graph

7 Commits

Author SHA1 Message Date
branchmispredictor
1bac555ebb fix: respect jwt validation errors 2020-12-29 17:42:38 -06:00
Jordan Knott
52c60abcd7 fix: secret key is no longer hard coded
the secret key for signing JWT tokens is now read from server.secret.

if that does not exist, then a random UUID v4 is generated and used
instead. a log warning is also shown.
2020-09-12 18:03:17 -05:00
Jordan Knott
9dba566660 feat: add pre-commit hooks & refactor code to pass linting 2020-08-20 18:37:36 -05:00
Jordan Knott
e64f6f8569 feat: enforce user roles
enforces user admin role requirement for
- creating / deleting / setting role for organization users
- creating / deleting / setting role for project users
- updating project name
- deleting project

hides action elements based on role for
- admin console
- team settings if team is only visible through project membership
- add project tile if not team admin
- project name text editor if not team / project admin
- add redirect from team page if settings only visible through project
  membership
- add redirect from admin console if not org admin

role enforcement is handled on the api side through a custom GraphQL
directive `hasRole`. on the client side, role information is fetched in
the TopNavbar's `me` query and stored in the `UserContext`.

there is a custom hook, `useCurrentUser`, that provides a user object
with two functions, `isVisibile` & `isAdmin` which is used to check
roles in order to render/hide relevant UI elements.
2020-08-11 21:03:21 -05:00
Jordan Knott
5dbdc20b36 chore: rename Citadel to Taskcafe 2020-08-06 20:50:35 -05:00
Jordan Knott
2cf6be082c feature: add first time install process 2020-07-16 19:40:23 -05:00
Jordan Knott
e5d5e6da01 arch: move web folder into api & move api to top level 2020-07-04 18:08:37 -05:00