From 82331276488ca1f544806e54487e4e11d87eb5e5 Mon Sep 17 00:00:00 2001
From: "kelly.nguyen" <kelly.nguyen@etu.hesge.ch>
Date: Wed, 28 Feb 2024 18:27:33 +0100
Subject: [PATCH] add check privileges to user list

---
 .../user/subcommands/UserChangeRoleCommand.ts  | 18 +++++++++++-------
 .../user/subcommands/UserListCommand.ts        | 17 ++++++++++++++++-
 2 files changed, 27 insertions(+), 8 deletions(-)

diff --git a/NodeApp/src/commander/user/subcommands/UserChangeRoleCommand.ts b/NodeApp/src/commander/user/subcommands/UserChangeRoleCommand.ts
index 4061c14..23164f8 100644
--- a/NodeApp/src/commander/user/subcommands/UserChangeRoleCommand.ts
+++ b/NodeApp/src/commander/user/subcommands/UserChangeRoleCommand.ts
@@ -15,16 +15,12 @@ class UserChangeRoleCommand extends CommanderCommand {
      }
      
      protected async commandAction(id: string, newRole : string): Promise<void> {
+          // TODO : newRole -> type UserRole
+          // check privileges
           {               
                console.log(chalk.cyan('Please wait while we are changing the role of the user...'));
                
-               const spinner = ora({
-                    text  : 'Retrieving gitlab tokens',
-                    indent: 4
-               }).start();
-               // TODO : newRole -> type UserRole
-               // TODO : Can't modify own role
-               
+               // check if ADMIN
                const sessionResult = await SessionManager.testSession(true, [ 'admin' ]);
                console.log(sessionResult);
                console.log(SessionManager.profile?.id);
@@ -32,6 +28,14 @@ class UserChangeRoleCommand extends CommanderCommand {
                if ( !sessionResult || !sessionResult.admin ) {
                     return ;
                }
+          }
+          
+          // change role
+          {
+               const spinner = ora({
+                    text  : 'Updating role',
+                    indent: 4
+               }).start();
                
                try {
                     if (SessionManager.profile?.id != +id) {
diff --git a/NodeApp/src/commander/user/subcommands/UserListCommand.ts b/NodeApp/src/commander/user/subcommands/UserListCommand.ts
index 511cbd0..db99164 100644
--- a/NodeApp/src/commander/user/subcommands/UserListCommand.ts
+++ b/NodeApp/src/commander/user/subcommands/UserListCommand.ts
@@ -3,6 +3,7 @@ import CommanderCommand from "../../CommanderCommand";
 import DojoBackendManager from "../../../managers/DojoBackendManager";
 import User from "../../../sharedByClients/models/User";
 import ora from "ora";
+import SessionManager from "../../../managers/SessionManager";
 
 class UserListCommand extends CommanderCommand {
      protected commandName : string = 'list';
@@ -16,9 +17,23 @@ class UserListCommand extends CommanderCommand {
      
      protected async commandAction(): Promise<void> {
           let users : User[] = [];
+          // check privileges
+          {               
+               console.log(chalk.cyan('Please wait while we are retrieving the users...'));
+               
+               // check if ADMIN
+               const sessionResult = await SessionManager.testSession(true, [ 'admin' ]);
+               console.log(sessionResult);
+               console.log(SessionManager.profile?.id);
+               
+               if ( !sessionResult || !sessionResult.admin ) {
+                    return ;
+               }
+          }
+          
           // Retrieve data
           {
-               console.log(chalk.cyan('Please wait while we are retrieving the users...'));
+               // TODO : display data in table
                users = await DojoBackendManager.getAllUsers();
                users.forEach(user => {
                     const oraInfo = (message: string) => {
-- 
GitLab