open-source-mirrors
/
Ombi
mirror of https://github.com/Ombi-app/Ombi
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

New role to enable users to remove their own requests

Browse Source
pull/2580/head^2
Anojh 6 years ago
parent 5e0f04a2f6
commit 0b2b3d2f30
7 changed files with 31 additions and 5 deletions
Show Stats Download Patch File Download Diff File

1
src/Ombi.Helpers/OmbiRoles.cs
Unescape View File

@ -14,5 +14,6 @@
public const string RequestMusic = nameof(RequestMusic);
public const string Disabled = nameof(Disabled);
public const string ReceivesNewsletter = nameof(ReceivesNewsletter);
public const string ManageOwnRequests = nameof(ManageOwnRequests);
}
}

10
src/Ombi.Store/Context/OmbiContext.cs
Unescape View File

@ -145,6 +145,16 @@ namespace Ombi.Store.Context
SaveChanges();
}
var manageOwnRequestsRole = Roles.Where(x => x.Name == OmbiRoles.ManageOwnRequests);
if (!manageOwnRequestsRole.Any())
{
Roles.Add(new IdentityRole(OmbiRoles.ManageOwnRequests)
{
NormalizedName = OmbiRoles.ManageOwnRequests.ToUpper()
});
SaveChanges();
}
// Make sure we have the API User
var apiUserExists = Users.Any(x => x.UserName.Equals("Api", StringComparison.CurrentCultureIgnoreCase));
if (!apiUserExists)

14
src/Ombi/Attributes/UserAttribute.cs
Unescape View File

@ -0,0 +1,14 @@
using Microsoft.AspNetCore.Authorization;
using Ombi.Helpers;
namespace Ombi.Attributes
{
public class UserAttribute : AuthorizeAttribute
{
public UserAttribute()
{
Roles = "ManageOwnRequests";
}
}
}

2
src/Ombi/ClientApp/app/requests/music/musicrequests.component.html
Unescape View File

@ -186,7 +186,7 @@
</div>
<div *ngIf="isAdmin || isRequestUser(request)">
<form id="removeBtn" class="col-md-6">
<form id="removeBtn">
<button (click)="removeRequest(request)" style="text-align: right" class="btn btn-sm btn-danger-outline delete">
<i class="fa fa-minus"></i> {{ 'Requests.Remove' | translate }}
</button>

1
src/Ombi/Controllers/IdentityController.cs
Unescape View File

@ -240,6 +240,7 @@ namespace Ombi.Controllers
await CreateRole(OmbiRoles.RequestTv);
await CreateRole(OmbiRoles.Disabled);
await CreateRole(OmbiRoles.ReceivesNewsletter);
await CreateRole(OmbiRoles.ManageOwnRequests);
}
private async Task CreateRole(string role)

2
src/Ombi/Controllers/MusicRequestController.cs
Unescape View File

@ -88,7 +88,7 @@ namespace Ombi.Controllers
/// <param name="requestId">The request identifier.</param>
/// <returns></returns>
[HttpDelete("{requestId:int}")]
[PowerUser]
[Authorize(Roles = "Admin,PowerUser,ManageOwnRequests")]
public async Task DeleteRequest(int requestId)
{
await _engine.RemoveAlbumRequest(requestId);

6
src/Ombi/Controllers/RequestController.cs
Unescape View File

@ -95,7 +95,7 @@ namespace Ombi.Controllers
/// <param name="requestId">The request identifier.</param>
/// <returns></returns>
[HttpDelete("movie/{requestId:int}")]
[PowerUser]
[Authorize(Roles = "Admin,PowerUser,ManageOwnRequests")]
public async Task DeleteRequest(int requestId)
{
await MovieRequestEngine.RemoveMovieRequest(requestId);
@ -269,7 +269,7 @@ namespace Ombi.Controllers
/// <param name="requestId">The request identifier.</param>
/// <returns></returns>
[HttpDelete("tv/{requestId:int}")]
[PowerUser]
[Authorize(Roles = "Admin,PowerUser,ManageOwnRequests")]
public async Task DeleteTvRequest(int requestId)
{
await TvRequestEngine.RemoveTvRequest(requestId);
@ -380,7 +380,7 @@ namespace Ombi.Controllers
/// </summary>
/// <param name="requestId">The model.</param>
/// <returns></returns>
[PowerUser]
[Authorize(Roles = "Admin,PowerUser,ManageOwnRequests")]
[HttpDelete("tv/child/{requestId:int}")]
public async Task<bool> DeleteChildRequest(int requestId)
{

Write Preview
Loading…
Cancel
Save