topaLE
/
ghostfolio
mirror of https://github.com/ghostfolio/ghostfolio
1
0
Fork 0
Code Issues Projects Releases Wiki Activity
Browse Source

Feature/read only mode (#520) 

* Setup read only mode and update permissions dynamically

* Update changelog
pull/526/head
Thomas Kaul 3 years ago
committed by GitHub
parent
069660afe4
commit
d09cad4e05
No known key found for this signature in database GPG Key ID: 4AEE18F83AFDEB23
30 changed files with 208 additions and 121 deletions
Whitespace
Show all changes Ignore whitespace when comparing lines Ignore changes in amount of whitespace Ignore changes in whitespace at EOL
Split View
Diff Options
Show Stats Download Patch File Download Diff File
  1. 1
      CHANGELOG.md
  2. 16
      apps/api/src/app/access/access.controller.ts
  3. 21
      apps/api/src/app/account/account.controller.ts
  4. 21
      apps/api/src/app/admin/admin.controller.ts
  5. 8
      apps/api/src/app/auth-device/auth-device.controller.ts
  6. 6
      apps/api/src/app/auth/auth.module.ts
  7. 9
      apps/api/src/app/info/info.service.ts
  8. 21
      apps/api/src/app/order/order.controller.ts
  9. 36
      apps/api/src/app/user/user.controller.ts
  10. 2
      apps/api/src/app/user/user.module.ts
  11. 38
      apps/api/src/app/user/user.service.ts
  12. 1
      apps/api/src/services/configuration.service.ts
  13. 1
      apps/api/src/services/interfaces/environment.interface.ts
  14. 2
      apps/api/src/services/property/property.service.ts
  15. 49
      apps/client/src/app/components/admin-overview/admin-overview.component.ts
  16. 10
      apps/client/src/app/components/admin-overview/admin-overview.html
  17. 9
      apps/client/src/app/components/admin-overview/admin-overview.module.ts
  18. 2
      apps/client/src/app/components/header/header.component.html
  19. 7
      apps/client/src/app/components/transactions-table/transactions-table.component.html
  20. 1
      apps/client/src/app/components/transactions-table/transactions-table.component.ts
  21. 28
      apps/client/src/app/core/http-response.interceptor.ts
  22. 2
      apps/client/src/app/pages/accounts/accounts-page.component.ts
  23. 4
      apps/client/src/app/pages/portfolio/transactions/transactions-page.component.ts
  24. 1
      apps/client/src/app/pages/portfolio/transactions/transactions-page.html
  25. 4
      apps/client/src/app/pages/register/register-page.component.ts
  26. 2
      apps/client/src/app/pages/register/register-page.html
  27. 1
      libs/common/src/lib/config.ts
  28. 2
      libs/common/src/lib/interfaces/admin-data.interface.ts
  29. 3
      libs/common/src/lib/interfaces/info-item.interface.ts
  30. 21
      libs/common/src/lib/permissions.ts

1
CHANGELOG.md
View File

@ -11,6 +11,7 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0
- Supported the management of additional currencies in the admin control panel
- Introduced the system message
- Introduced the read only mode
### Changed

16
apps/api/src/app/access/access.controller.ts
View File

@ -1,9 +1,5 @@
import { Access } from '@ghostfolio/common/interfaces';
import {
getPermissions,
hasPermission,
permissions
} from '@ghostfolio/common/permissions';
import { hasPermission, permissions } from '@ghostfolio/common/permissions';
import type { RequestWithUser } from '@ghostfolio/common/types';
import {
Body,
@ -66,10 +62,7 @@ export class AccessController {
@Body() data: CreateAccessDto
): Promise<AccessModel> {
if (
!hasPermission(
getPermissions(this.request.user.role),
permissions.createAccess
)
!hasPermission(this.request.user.permissions, permissions.createAccess)
) {
throw new HttpException(
getReasonPhrase(StatusCodes.FORBIDDEN),
@ -86,10 +79,7 @@ export class AccessController {
@UseGuards(AuthGuard('jwt'))
public async deleteAccess(@Param('id') id: string): Promise<AccessModule> {
if (
!hasPermission(
getPermissions(this.request.user.role),
permissions.deleteAccess
)
!hasPermission(this.request.user.permissions, permissions.deleteAccess)
) {
throw new HttpException(
getReasonPhrase(StatusCodes.FORBIDDEN),

21
apps/api/src/app/account/account.controller.ts
View File

@ -6,11 +6,7 @@ import {
} from '@ghostfolio/api/helper/object.helper';
import { ImpersonationService } from '@ghostfolio/api/services/impersonation.service';
import { Accounts } from '@ghostfolio/common/interfaces';
import {
getPermissions,
hasPermission,
permissions
} from '@ghostfolio/common/permissions';
import { hasPermission, permissions } from '@ghostfolio/common/permissions';
import type { RequestWithUser } from '@ghostfolio/common/types';
import {
Body,
@ -48,10 +44,7 @@ export class AccountController {
@UseGuards(AuthGuard('jwt'))
public async deleteAccount(@Param('id') id: string): Promise<AccountModel> {
if (
!hasPermission(
getPermissions(this.request.user.role),
permissions.deleteAccount
)
!hasPermission(this.request.user.permissions, permissions.deleteAccount)
) {
throw new HttpException(
getReasonPhrase(StatusCodes.FORBIDDEN),
@ -143,10 +136,7 @@ export class AccountController {
@Body() data: CreateAccountDto
): Promise<AccountModel> {
if (
!hasPermission(
getPermissions(this.request.user.role),
permissions.createAccount
)
!hasPermission(this.request.user.permissions, permissions.createAccount)
) {
throw new HttpException(
getReasonPhrase(StatusCodes.FORBIDDEN),
@ -183,10 +173,7 @@ export class AccountController {
@UseGuards(AuthGuard('jwt'))
public async update(@Param('id') id: string, @Body() data: UpdateAccountDto) {
if (
!hasPermission(
getPermissions(this.request.user.role),
permissions.updateAccount
)
!hasPermission(this.request.user.permissions, permissions.updateAccount)
) {
throw new HttpException(
getReasonPhrase(StatusCodes.FORBIDDEN),

21
apps/api/src/app/admin/admin.controller.ts
View File

@ -1,17 +1,12 @@
import { DataGatheringService } from '@ghostfolio/api/services/data-gathering.service';
import { PropertyDto } from '@ghostfolio/api/services/property/property.dto';
import { PropertyService } from '@ghostfolio/api/services/property/property.service';
import { PROPERTY_CURRENCIES } from '@ghostfolio/common/config';
import {
AdminData,
AdminMarketData,
AdminMarketDataDetails
} from '@ghostfolio/common/interfaces';
import {
getPermissions,
hasPermission,
permissions
} from '@ghostfolio/common/permissions';
import { hasPermission, permissions } from '@ghostfolio/common/permissions';
import type { RequestWithUser } from '@ghostfolio/common/types';
import {
Body,
@ -45,7 +40,7 @@ export class AdminController {
public async getAdminData(): Promise<AdminData> {
if (
!hasPermission(
getPermissions(this.request.user.role),
this.request.user.permissions,
permissions.accessAdminControl
)
) {
@ -63,7 +58,7 @@ export class AdminController {
public async gatherMax(): Promise<void> {
if (
!hasPermission(
getPermissions(this.request.user.role),
this.request.user.permissions,
permissions.accessAdminControl
)
) {
@ -87,7 +82,7 @@ export class AdminController {
): Promise<void> {
if (
!hasPermission(
getPermissions(this.request.user.role),
this.request.user.permissions,
permissions.accessAdminControl
)
) {
@ -107,7 +102,7 @@ export class AdminController {
public async gatherProfileData(): Promise<void> {
if (
!hasPermission(
getPermissions(this.request.user.role),
this.request.user.permissions,
permissions.accessAdminControl
)
) {
@ -127,7 +122,7 @@ export class AdminController {
public async getMarketData(): Promise<AdminMarketData> {
if (
!hasPermission(
getPermissions(this.request.user.role),
this.request.user.permissions,
permissions.accessAdminControl
)
) {
@ -147,7 +142,7 @@ export class AdminController {
): Promise<AdminMarketDataDetails> {
if (
!hasPermission(
getPermissions(this.request.user.role),
this.request.user.permissions,
permissions.accessAdminControl
)
) {
@ -168,7 +163,7 @@ export class AdminController {
) {
if (
!hasPermission(
getPermissions(this.request.user.role),
this.request.user.permissions,
permissions.accessAdminControl
)
) {

8
apps/api/src/app/auth-device/auth-device.controller.ts
View File

@ -1,9 +1,5 @@
import { AuthDeviceService } from '@ghostfolio/api/app/auth-device/auth-device.service';
import {
getPermissions,
hasPermission,
permissions
} from '@ghostfolio/common/permissions';
import { hasPermission, permissions } from '@ghostfolio/common/permissions';
import type { RequestWithUser } from '@ghostfolio/common/types';
import {
Controller,
@ -29,7 +25,7 @@ export class AuthDeviceController {
public async deleteAuthDevice(@Param('id') id: string): Promise<void> {
if (
!hasPermission(
getPermissions(this.request.user.role),
this.request.user.permissions,
permissions.deleteAuthDevice
)
) {

6
apps/api/src/app/auth/auth.module.ts
View File

@ -1,7 +1,7 @@
import { AuthDeviceService } from '@ghostfolio/api/app/auth-device/auth-device.service';
import { WebAuthService } from '@ghostfolio/api/app/auth/web-auth.service';
import { SubscriptionModule } from '@ghostfolio/api/app/subscription/subscription.module';
import { UserService } from '@ghostfolio/api/app/user/user.service';
import { UserModule } from '@ghostfolio/api/app/user/user.module';
import { ConfigurationService } from '@ghostfolio/api/services/configuration.service';
import { PrismaService } from '@ghostfolio/api/services/prisma.service';
import { Module } from '@nestjs/common';
@ -19,7 +19,8 @@ import { JwtStrategy } from './jwt.strategy';
secret: process.env.JWT_SECRET_KEY,
signOptions: { expiresIn: '180 days' }
}),
SubscriptionModule
SubscriptionModule,
UserModule
],
providers: [
AuthDeviceService,
@ -28,7 +29,6 @@ import { JwtStrategy } from './jwt.strategy';
GoogleStrategy,
JwtStrategy,
PrismaService,
UserService,
WebAuthService
]
})

9
apps/api/src/app/info/info.service.ts
View File

@ -6,6 +6,7 @@ import { ExchangeRateDataService } from '@ghostfolio/api/services/exchange-rate-
import { PrismaService } from '@ghostfolio/api/services/prisma.service';
import { PropertyService } from '@ghostfolio/api/services/property/property.service';
import {
PROPERTY_IS_READ_ONLY_MODE,
PROPERTY_STRIPE_CONFIG,
PROPERTY_SYSTEM_MESSAGE
} from '@ghostfolio/common/config';
@ -36,6 +37,7 @@ export class InfoService {
public async get(): Promise<InfoItem> {
const info: Partial<InfoItem> = {};
let isReadOnlyMode: boolean;
const platforms = await this.prismaService.platform.findMany({
orderBy: { name: 'asc' },
select: { id: true, name: true }
@ -52,6 +54,12 @@ export class InfoService {
globalPermissions.push(permissions.enableImport);
}
if (this.configurationService.get('ENABLE_FEATURE_READ_ONLY_MODE')) {
isReadOnlyMode = (await this.propertyService.getByKey(
PROPERTY_IS_READ_ONLY_MODE
)) as boolean;
}
if (this.configurationService.get('ENABLE_FEATURE_SOCIAL_LOGIN')) {
globalPermissions.push(permissions.enableSocialLogin);
}
@ -77,6 +85,7 @@ export class InfoService {
return {
...info,
globalPermissions,
isReadOnlyMode,
platforms,
systemMessage,
currencies: this.exchangeRateDataService.getCurrencies(),

21
apps/api/src/app/order/order.controller.ts
View File

@ -1,11 +1,7 @@
import { UserService } from '@ghostfolio/api/app/user/user.service';
import { nullifyValuesInObjects } from '@ghostfolio/api/helper/object.helper';
import { ImpersonationService } from '@ghostfolio/api/services/impersonation.service';
import {
getPermissions,
hasPermission,
permissions
} from '@ghostfolio/common/permissions';
import { hasPermission, permissions } from '@ghostfolio/common/permissions';
import type { RequestWithUser } from '@ghostfolio/common/types';
import {
Body,
@ -43,10 +39,7 @@ export class OrderController {
@UseGuards(AuthGuard('jwt'))
public async deleteOrder(@Param('id') id: string): Promise<OrderModel> {
if (
!hasPermission(
getPermissions(this.request.user.role),
permissions.deleteOrder
)
!hasPermission(this.request.user.permissions, permissions.deleteOrder)
) {
throw new HttpException(
getReasonPhrase(StatusCodes.FORBIDDEN),
@ -115,10 +108,7 @@ export class OrderController {
@UseGuards(AuthGuard('jwt'))
public async createOrder(@Body() data: CreateOrderDto): Promise<OrderModel> {
if (
!hasPermission(
getPermissions(this.request.user.role),
permissions.createOrder
)
!hasPermission(this.request.user.permissions, permissions.createOrder)
) {
throw new HttpException(
getReasonPhrase(StatusCodes.FORBIDDEN),
@ -161,10 +151,7 @@ export class OrderController {
@UseGuards(AuthGuard('jwt'))
public async update(@Param('id') id: string, @Body() data: UpdateOrderDto) {
if (
!hasPermission(
getPermissions(this.request.user.role),
permissions.updateOrder
)
!hasPermission(this.request.user.permissions, permissions.updateOrder)
) {
throw new HttpException(
getReasonPhrase(StatusCodes.FORBIDDEN),

36
apps/api/src/app/user/user.controller.ts
View File

@ -1,7 +1,10 @@
import { ConfigurationService } from '@ghostfolio/api/services/configuration.service';
import { PropertyService } from '@ghostfolio/api/services/property/property.service';
import { PROPERTY_IS_READ_ONLY_MODE } from '@ghostfolio/common/config';
import { User } from '@ghostfolio/common/interfaces';
import {
getPermissions,
hasPermission,
hasRole,
permissions
} from '@ghostfolio/common/permissions';
import type { RequestWithUser } from '@ghostfolio/common/types';
@ -20,7 +23,7 @@ import {
import { REQUEST } from '@nestjs/core';
import { JwtService } from '@nestjs/jwt';
import { AuthGuard } from '@nestjs/passport';
import { Provider } from '@prisma/client';
import { Provider, Role } from '@prisma/client';
import { User as UserModel } from '@prisma/client';
import { StatusCodes, getReasonPhrase } from 'http-status-codes';
@ -34,7 +37,9 @@ import { UserService } from './user.service';
@Controller('user')
export class UserController {
public constructor(
private readonly configurationService: ConfigurationService,
private jwtService: JwtService,
private readonly propertyService: PropertyService,
@Inject(REQUEST) private readonly request: RequestWithUser,
private readonly userService: UserService
) {}
@ -43,10 +48,7 @@ export class UserController {
@UseGuards(AuthGuard('jwt'))
public async deleteUser(@Param('id') id: string): Promise<UserModel> {
if (
!hasPermission(
getPermissions(this.request.user.role),
permissions.deleteUser
) ||
!hasPermission(this.request.user.permissions, permissions.deleteUser) ||
id === this.request.user.id
) {
throw new HttpException(
@ -68,6 +70,19 @@ export class UserController {
@Post()
public async signupUser(): Promise<UserItem> {
if (this.configurationService.get('ENABLE_FEATURE_READ_ONLY_MODE')) {
const isReadOnlyMode = (await this.propertyService.getByKey(
PROPERTY_IS_READ_ONLY_MODE
)) as boolean;
if (isReadOnlyMode) {
throw new HttpException(
getReasonPhrase(StatusCodes.FORBIDDEN),
StatusCodes.FORBIDDEN
);
}
}
const { accessToken, id } = await this.userService.createUser({
provider: Provider.ANONYMOUS
});
@ -85,7 +100,7 @@ export class UserController {
public async updateUserSetting(@Body() data: UpdateUserSettingDto) {
if (
!hasPermission(
getPermissions(this.request.user.role),
this.request.user.permissions,
permissions.updateUserSettings
)
) {
@ -111,7 +126,7 @@ export class UserController {
public async updateUserSettings(@Body() data: UpdateUserSettingsDto) {
if (
!hasPermission(
getPermissions(this.request.user.role),
this.request.user.permissions,
permissions.updateUserSettings
)
) {
@ -127,10 +142,7 @@ export class UserController {
};
if (
hasPermission(
getPermissions(this.request.user.role),
permissions.updateViewMode
)
hasPermission(this.request.user.permissions, permissions.updateViewMode)
) {
userSettings.viewMode = data.viewMode;
}

2
apps/api/src/app/user/user.module.ts
View File

@ -1,6 +1,7 @@
import { SubscriptionModule } from '@ghostfolio/api/app/subscription/subscription.module';
import { ConfigurationService } from '@ghostfolio/api/services/configuration.service';
import { PrismaService } from '@ghostfolio/api/services/prisma.service';
import { PropertyModule } from '@ghostfolio/api/services/property/property.module';
import { Module } from '@nestjs/common';
import { JwtModule } from '@nestjs/jwt';
@ -13,6 +14,7 @@ import { UserService } from './user.service';
secret: process.env.JWT_SECRET_KEY,
signOptions: { expiresIn: '30 days' }
}),
PropertyModule,
SubscriptionModule
],
controllers: [UserController],

38
apps/api/src/app/user/user.service.ts
View File

@ -1,12 +1,21 @@
import { SubscriptionService } from '@ghostfolio/api/app/subscription/subscription.service';
import { ConfigurationService } from '@ghostfolio/api/services/configuration.service';
import { PrismaService } from '@ghostfolio/api/services/prisma.service';
import { baseCurrency, locale } from '@ghostfolio/common/config';
import { PropertyService } from '@ghostfolio/api/services/property/property.service';
import {
PROPERTY_IS_READ_ONLY_MODE,
baseCurrency,
locale
} from '@ghostfolio/common/config';
import { User as IUser, UserWithSettings } from '@ghostfolio/common/interfaces';
import { getPermissions, permissions } from '@ghostfolio/common/permissions';
import {
getPermissions,
hasRole,
permissions
} from '@ghostfolio/common/permissions';
import { SubscriptionType } from '@ghostfolio/common/types/subscription.type';
import { Injectable } from '@nestjs/common';
import { Prisma, Provider, User, ViewMode } from '@prisma/client';
import { Prisma, Provider, Role, User, ViewMode } from '@prisma/client';
import { UserSettingsParams } from './interfaces/user-settings-params.interface';
import { UserSettings } from './interfaces/user-settings.interface';
@ -20,6 +29,7 @@ export class UserService {
public constructor(
private readonly configurationService: ConfigurationService,
private readonly prismaService: PrismaService,
private readonly propertyService: PropertyService,
private readonly subscriptionService: SubscriptionService
) {}
@ -74,12 +84,32 @@ export class UserService {
const user: UserWithSettings = userFromDatabase;
const currentPermissions = getPermissions(userFromDatabase.role);
let currentPermissions = getPermissions(userFromDatabase.role);
if (this.configurationService.get('ENABLE_FEATURE_FEAR_AND_GREED_INDEX')) {
currentPermissions.push(permissions.accessFearAndGreedIndex);
}
if (this.configurationService.get('ENABLE_FEATURE_READ_ONLY_MODE')) {
if (hasRole(user, Role.ADMIN)) {
currentPermissions.push(permissions.toggleReadOnlyMode);
}
const isReadOnlyMode = (await this.propertyService.getByKey(
PROPERTY_IS_READ_ONLY_MODE
)) as boolean;
if (isReadOnlyMode) {
currentPermissions = currentPermissions.filter((permission) => {
return !(
permission.startsWith('create') ||
permission.startsWith('delete') ||
permission.startsWith('update')
);
});
}
}
user.permissions = currentPermissions;
if (userFromDatabase?.Settings) {

1
apps/api/src/services/configuration.service.ts
View File

@ -18,6 +18,7 @@ export class ConfigurationService {
ENABLE_FEATURE_CUSTOM_SYMBOLS: bool({ default: false }),
ENABLE_FEATURE_FEAR_AND_GREED_INDEX: bool({ default: false }),
ENABLE_FEATURE_IMPORT: bool({ default: true }),
ENABLE_FEATURE_READ_ONLY_MODE: bool({ default: false }),
ENABLE_FEATURE_SOCIAL_LOGIN: bool({ default: false }),
ENABLE_FEATURE_STATISTICS: bool({ default: false }),
ENABLE_FEATURE_SUBSCRIPTION: bool({ default: false }),

1
apps/api/src/services/interfaces/environment.interface.ts
View File

@ -9,6 +9,7 @@ export interface Environment extends CleanedEnvAccessors {
ENABLE_FEATURE_CUSTOM_SYMBOLS: boolean;
ENABLE_FEATURE_FEAR_AND_GREED_INDEX: boolean;
ENABLE_FEATURE_IMPORT: boolean;
ENABLE_FEATURE_READ_ONLY_MODE: boolean;
ENABLE_FEATURE_SOCIAL_LOGIN: boolean;
ENABLE_FEATURE_STATISTICS: boolean;
ENABLE_FEATURE_SUBSCRIPTION: boolean;

2
apps/api/src/services/property/property.service.ts
View File

@ -14,7 +14,7 @@ export class PropertyService {
public async get() {
const response: {
[key: string]: object | string | string[];
[key: string]: boolean | object | string | string[];
} = {
[PROPERTY_CURRENCIES]: []
};

49
apps/client/src/app/components/admin-overview/admin-overview.component.ts
View File

@ -1,4 +1,5 @@
import { ChangeDetectorRef, Component, OnDestroy, OnInit } from '@angular/core';
import { MatSlideToggleChange } from '@angular/material/slide-toggle';
import { AdminService } from '@ghostfolio/client/services/admin.service';
import { CacheService } from '@ghostfolio/client/services/cache.service';
import { DataService } from '@ghostfolio/client/services/data.service';
@ -6,6 +7,7 @@ import { UserService } from '@ghostfolio/client/services/user/user.service';
import {
DEFAULT_DATE_FORMAT,
PROPERTY_CURRENCIES,
PROPERTY_IS_READ_ONLY_MODE,
PROPERTY_SYSTEM_MESSAGE
} from '@ghostfolio/common/config';
import { InfoItem, User } from '@ghostfolio/common/interfaces';
@ -32,6 +34,7 @@ export class AdminOverviewComponent implements OnDestroy, OnInit {
public defaultDateFormat = DEFAULT_DATE_FORMAT;
public exchangeRates: { label1: string; label2: string; value: number }[];
public hasPermissionForSystemMessage: boolean;
public hasPermissionToToggleReadOnlyMode: boolean;
public info: InfoItem;
public lastDataGathering: string;
public transactionCount: number;
@ -52,27 +55,32 @@ export class AdminOverviewComponent implements OnDestroy, OnInit {
) {
this.info = this.dataService.fetchInfo();
this.hasPermissionForSystemMessage = hasPermission(
this.info.globalPermissions,
permissions.enableSystemMessage
);
}
/**
* Initializes the controller
*/
public ngOnInit() {
this.fetchAdminData();
this.userService.stateChanged
.pipe(takeUntil(this.unsubscribeSubject))
.subscribe((state) => {
if (state?.user) {
this.user = state.user;
this.hasPermissionForSystemMessage = hasPermission(
this.info.globalPermissions,
permissions.enableSystemMessage
);
this.hasPermissionToToggleReadOnlyMode = hasPermission(
this.user.permissions,
permissions.toggleReadOnlyMode
);
}
});
}
/**
* Initializes the controller
*/
public ngOnInit() {
this.fetchAdminData();
}
public formatDistanceToNow(aDateString: string) {
if (aDateString) {
const distanceString = formatDistanceToNowStrict(parseISO(aDateString), {
@ -147,6 +155,10 @@ export class AdminOverviewComponent implements OnDestroy, OnInit {
.subscribe(() => {});
}
public onReadOnlyModeChange(aEvent: MatSlideToggleChange) {
this.setReadOnlyMode(aEvent.checked);
}
public onSetSystemMessage() {
const systemMessage = prompt('Please set your system message:');
@ -223,4 +235,17 @@ export class AdminOverviewComponent implements OnDestroy, OnInit {
}, 300);
});
}
private setReadOnlyMode(aValue: boolean) {
this.dataService
.putAdminSetting(PROPERTY_IS_READ_ONLY_MODE, {
value: aValue ? 'true' : ''
})
.pipe(takeUntil(this.unsubscribeSubject))
.subscribe(() => {
setTimeout(() => {
window.location.reload();
}, 300);
});
}
}

10
apps/client/src/app/components/admin-overview/admin-overview.html
View File

@ -146,6 +146,16 @@
</button>
</div>
</div>
<div *ngIf="hasPermissionToToggleReadOnlyMode" class="d-flex my-3">
<div class="w-50" i18n>Read-only Mode</div>
<div class="w-50">
<mat-slide-toggle
color="primary"
[checked]="info?.isReadOnlyMode"
(change)="onReadOnlyModeChange($event)"
></mat-slide-toggle>
</div>
</div>
</mat-card-content>
</mat-card>
</div>

9
apps/client/src/app/components/admin-overview/admin-overview.module.ts
View File

@ -2,6 +2,7 @@ import { CommonModule } from '@angular/common';
import { CUSTOM_ELEMENTS_SCHEMA, NgModule } from '@angular/core';
import { MatButtonModule } from '@angular/material/button';
import { MatCardModule } from '@angular/material/card';
import { MatSlideToggleModule } from '@angular/material/slide-toggle';
import { CacheService } from '@ghostfolio/client/services/cache.service';
import { GfValueModule } from '@ghostfolio/ui/value';
@ -10,7 +11,13 @@ import { AdminOverviewComponent } from './admin-overview.component';
@NgModule({
declarations: [AdminOverviewComponent],
exports: [],
imports: [CommonModule, GfValueModule, MatButtonModule, MatCardModule],
imports: [
CommonModule,
GfValueModule,
MatButtonModule,
MatCardModule,
MatSlideToggleModule
],
providers: [CacheService],
schemas: [CUSTOM_ELEMENTS_SCHEMA]
})

2
apps/client/src/app/components/header/header.component.html
View File

@ -270,7 +270,7 @@
Sign In
</button>
<a
*ngIf="currentRoute !== 'register'"
*ngIf="currentRoute !== 'register' && !info?.isReadOnlyMode"
class="d-none d-sm-block"
color="primary"
i18n

7
apps/client/src/app/components/transactions-table/transactions-table.component.html
View File

@ -273,7 +273,12 @@
}"
></ngx-skeleton-loader>
<div *ngIf="dataSource.data.length === 0 && !isLoading" class="p-3 text-center">
<div
*ngIf="
dataSource.data.length === 0 && hasPermissionToCreateOrder && !isLoading
"
class="p-3 text-center"
>
<gf-no-transactions-info-indicator
[hasBorder]="false"
></gf-no-transactions-info-indicator>

1
apps/client/src/app/components/transactions-table/transactions-table.component.ts
View File

@ -43,6 +43,7 @@ export class TransactionsTableComponent
{
@Input() baseCurrency: string;
@Input() deviceType: string;
@Input() hasPermissionToCreateOrder: boolean;
@Input() hasPermissionToImportOrders: boolean;
@Input() locale: string;
@Input() showActions: boolean;

28
apps/client/src/app/core/http-response.interceptor.ts
View File

@ -15,22 +15,28 @@ import {
} from '@angular/material/snack-bar';
import { Router } from '@angular/router';
import { WebAuthnService } from '@ghostfolio/client/services/web-authn.service';
import { InfoItem } from '@ghostfolio/common/interfaces';
import { StatusCodes } from 'http-status-codes';
import { Observable, throwError } from 'rxjs';
import { catchError, tap } from 'rxjs/operators';
import { TokenStorageService } from '../services/token-storage.service';
import { DataService } from '@ghostfolio/client/services/data.service';
import { TokenStorageService } from '@ghostfolio/client/services/token-storage.service';
@Injectable()
export class HttpResponseInterceptor implements HttpInterceptor {
public info: InfoItem;
public snackBarRef: MatSnackBarRef<TextOnlySnackBar>;
public constructor(
private dataService: DataService,
private router: Router,
private tokenStorageService: TokenStorageService,
private snackBar: MatSnackBar,
private webAuthnService: WebAuthnService
) {}
) {
this.info = this.dataService.fetchInfo();
}
public intercept(
request: HttpRequest<any>,
@ -63,11 +69,19 @@ export class HttpResponseInterceptor implements HttpInterceptor {
catchError((error: HttpErrorResponse) => {
if (error.status === StatusCodes.FORBIDDEN) {
if (!this.snackBarRef) {
this.snackBarRef = this.snackBar.open(
'This feature requires a subscription.',
'Upgrade Plan',
{ duration: 6000 }
);
if (this.info.isReadOnlyMode) {
this.snackBarRef = this.snackBar.open(
'This feature is currently unavailable. Please try again later.',
undefined,
{ duration: 6000 }
);
} else {
this.snackBarRef = this.snackBar.open(
'This feature requires a subscription.',
'Upgrade Plan',
{ duration: 6000 }
);
}
this.snackBarRef.afterDismissed().subscribe(() => {
this.snackBarRef = undefined;

2
apps/client/src/app/pages/accounts/accounts-page.component.ts
View File

@ -51,7 +51,7 @@ export class AccountsPageComponent implements OnDestroy, OnInit {
this.route.queryParams
.pipe(takeUntil(this.unsubscribeSubject))
.subscribe((params) => {
if (params['createDialog']) {
if (params['createDialog'] && this.hasPermissionToCreateAccount) {
this.openCreateAccountDialog();
} else if (params['editDialog']) {
if (this.accounts) {

4
apps/client/src/app/pages/portfolio/transactions/transactions-page.component.ts
View File

@ -61,7 +61,7 @@ export class TransactionsPageComponent implements OnDestroy, OnInit {
this.routeQueryParams = route.queryParams
.pipe(takeUntil(this.unsubscribeSubject))
.subscribe((params) => {
if (params['createDialog']) {
if (params['createDialog'] && this.hasPermissionToCreateOrder) {
this.openCreateTransactionDialog();
} else if (params['editDialog']) {
if (this.transactions) {
@ -130,7 +130,7 @@ export class TransactionsPageComponent implements OnDestroy, OnInit {
.subscribe((response) => {
this.transactions = response;
if (this.transactions?.length <= 0) {
if (this.hasPermissionToCreateOrder && this.transactions?.length <= 0) {
this.router.navigate([], { queryParams: { createDialog: true } });
}

1
apps/client/src/app/pages/portfolio/transactions/transactions-page.html
View File

@ -5,6 +5,7 @@
<gf-transactions-table
[baseCurrency]="user?.settings?.baseCurrency"
[deviceType]="deviceType"
[hasPermissionToCreateOrder]="hasPermissionToCreateOrder"
[hasPermissionToImportOrders]="hasPermissionToImportOrders"
[locale]="user?.settings?.locale"
[showActions]="!hasImpersonationId && hasPermissionToDeleteOrder && !user.settings.isRestrictedView"

4
apps/client/src/app/pages/register/register-page.component.ts
View File

@ -3,6 +3,7 @@ import { MatDialog } from '@angular/material/dialog';
import { Router } from '@angular/router';
import { DataService } from '@ghostfolio/client/services/data.service';
import { TokenStorageService } from '@ghostfolio/client/services/token-storage.service';
import { InfoItem } from '@ghostfolio/common/interfaces';
import { hasPermission, permissions } from '@ghostfolio/common/permissions';
import { LineChartItem } from '@ghostfolio/ui/line-chart/interfaces/line-chart.interface';
import { format } from 'date-fns';
@ -24,6 +25,7 @@ export class RegisterPageComponent implements OnDestroy, OnInit {
public deviceType: string;
public hasPermissionForSocialLogin: boolean;
public historicalDataItems: LineChartItem[];
public info: InfoItem;
private unsubscribeSubject = new Subject<void>();
@ -37,6 +39,8 @@ export class RegisterPageComponent implements OnDestroy, OnInit {
private router: Router,
private tokenStorageService: TokenStorageService
) {
this.info = this.dataService.fetchInfo();
this.tokenStorageService.signOut();
}

2
apps/client/src/app/pages/register/register-page.html
View File

@ -22,7 +22,7 @@
color="primary"
i18n
mat-flat-button
[disabled]="!demoAuthToken"
[disabled]="!demoAuthToken || info?.isReadOnlyMode"
(click)="createAccount()"
>
Create Account

1
libs/common/src/lib/config.ts
View File

@ -31,6 +31,7 @@ export const DEFAULT_DATE_FORMAT = 'dd.MM.yyyy';
export const DEFAULT_DATE_FORMAT_MONTH_YEAR = 'MMM yyyy';
export const PROPERTY_CURRENCIES = 'CURRENCIES';
export const PROPERTY_IS_READ_ONLY_MODE = 'IS_READ_ONLY_MODE';
export const PROPERTY_LAST_DATA_GATHERING = 'LAST_DATA_GATHERING';
export const PROPERTY_LOCKED_DATA_GATHERING = 'LOCKED_DATA_GATHERING';
export const PROPERTY_STRIPE_CONFIG = 'STRIPE_CONFIG';

2
libs/common/src/lib/interfaces/admin-data.interface.ts
View File

@ -4,7 +4,7 @@ export interface AdminData {
dataGatheringProgress?: number;
exchangeRates: { label1: string; label2: string; value: number }[];
lastDataGathering?: Date | 'IN_PROGRESS';
settings: { [key: string]: object | string | string[] };
settings: { [key: string]: boolean | object | string | string[] };
transactionCount: number;
userCount: number;
users: {

3
libs/common/src/lib/interfaces/info-item.interface.ts
View File

@ -7,11 +7,12 @@ export interface InfoItem {
currencies: string[];
demoAuthToken: string;
globalPermissions: string[];
isReadOnlyMode?: boolean;
lastDataGathering?: Date;
systemMessage?: string;
platforms: { id: string; name: string }[];
primaryDataSource: DataSource;
statistics: Statistics;
stripePublicKey?: string;
subscriptions: Subscription[];
systemMessage?: string;
}

21
libs/common/src/lib/permissions.ts
View File

@ -1,5 +1,7 @@
import { Role } from '@prisma/client';
import { UserWithSettings } from './interfaces';
export const permissions = {
accessAdminControl: 'accessAdminControl',
accessFearAndGreedIndex: 'accessFearAndGreedIndex',
@ -18,6 +20,7 @@ export const permissions = {
enableStatistics: 'enableStatistics',
enableSubscription: 'enableSubscription',
enableSystemMessage: 'enableSystemMessage',
toggleReadOnlyMode: 'toggleReadOnlyMode',
updateAccount: 'updateAccount',
updateAuthDevice: 'updateAuthDevice',
updateOrder: 'updateOrder',
@ -25,13 +28,6 @@ export const permissions = {
updateViewMode: 'updateViewMode'
};
export function hasPermission(
aPermissions: string[] = [],
aPermission: string
) {
return aPermissions.includes(aPermission);
}
export function getPermissions(aRole: Role): string[] {
switch (aRole) {
case 'ADMIN':
@ -75,3 +71,14 @@ export function getPermissions(aRole: Role): string[] {
return [];
}
}
export function hasPermission(
aPermissions: string[] = [],
aPermission: string
) {
return aPermissions.includes(aPermission);
}
export function hasRole(aUser: UserWithSettings, aRole: Role): boolean {
return aUser?.role === aRole;
}

Write Preview
Loading…
Cancel
Save