Implement permission management and enhance user interface for permissions in the application
Add new permission routes and integrate permission checks across various existing routes to ensure proper access control. Update the UserClub model to include role and permissions fields, allowing for more granular user access management. Enhance the frontend by introducing a user dropdown menu for managing permissions and displaying relevant options based on user roles. Improve the overall user experience by implementing permission-based visibility for navigation links and actions throughout the application.
This commit is contained in:
Torsten Schulz (local)
17
backend/migrations/add_permissions_to_user_club.sql
Normal file
17
backend/migrations/add_permissions_to_user_club.sql
Normal file
@@ -0,0 +1,17 @@
|
||||
-- Add role and permissions columns to user_club table
|
||||
ALTER TABLE `user_club`
|
||||
ADD COLUMN `role` VARCHAR(50) DEFAULT 'member' COMMENT 'User role: admin, trainer, team_manager, member' AFTER `approved`,
|
||||
ADD COLUMN `permissions` JSON NULL COMMENT 'Specific permissions: {diary: {read: true, write: true}, members: {...}, ...}' AFTER `role`,
|
||||
ADD COLUMN `is_owner` BOOLEAN DEFAULT FALSE COMMENT 'True if user created the club' AFTER `permissions`;
|
||||
|
||||
-- Create index for faster role lookups
|
||||
CREATE INDEX `idx_user_club_role` ON `user_club` (`role`);
|
||||
CREATE INDEX `idx_user_club_owner` ON `user_club` (`is_owner`);
|
||||
|
||||
-- Set existing approved users as members
|
||||
UPDATE `user_club` SET `role` = 'member' WHERE `approved` = 1 AND `role` IS NULL;
|
||||
|
||||
-- If there's a user who created the club (we need to identify them somehow)
|
||||
-- For now, we'll need to manually set the owner after migration
|
||||
|
||||
|
||||
38
backend/migrations/update_existing_user_club_permissions.sql
Normal file
38
backend/migrations/update_existing_user_club_permissions.sql
Normal file
@@ -0,0 +1,38 @@
|
||||
-- Update existing user_club entries with default permissions
|
||||
-- This migration sets default values for role and is_owner for existing club memberships
|
||||
|
||||
-- Set default role to 'member' for all approved users who don't have a role yet
|
||||
UPDATE `user_club`
|
||||
SET `role` = 'member'
|
||||
WHERE `approved` = 1
|
||||
AND (`role` IS NULL OR `role` = '');
|
||||
|
||||
-- Optionally: Set the first approved user of each club as owner
|
||||
-- This finds the user with the lowest user_id per club (oldest member) and marks them as owner
|
||||
UPDATE `user_club` AS uc1
|
||||
INNER JOIN (
|
||||
SELECT `club_id`, MIN(`user_id`) as `first_user_id`
|
||||
FROM `user_club`
|
||||
WHERE `approved` = 1
|
||||
GROUP BY `club_id`
|
||||
) AS uc2 ON uc1.`club_id` = uc2.`club_id` AND uc1.`user_id` = uc2.`first_user_id`
|
||||
SET
|
||||
uc1.`is_owner` = 1,
|
||||
uc1.`role` = 'admin';
|
||||
|
||||
-- Verify the changes
|
||||
SELECT
|
||||
uc.`club_id`,
|
||||
c.`name` as club_name,
|
||||
uc.`user_id`,
|
||||
u.`email` as user_email,
|
||||
uc.`role`,
|
||||
uc.`is_owner`,
|
||||
uc.`approved`
|
||||
FROM `user_club` uc
|
||||
LEFT JOIN `club` c ON c.`id` = uc.`club_id`
|
||||
LEFT JOIN `user` u ON u.`id` = uc.`user_id`
|
||||
WHERE uc.`approved` = 1
|
||||
ORDER BY uc.`club_id`, uc.`is_owner` DESC, uc.`user_id`;
|
||||
|
||||
|
||||
Reference in New Issue
Block a user