diff options
| author | Paul-Christian Volkmer | 2024-03-01 09:30:07 +0100 |
|---|---|---|
| committer | Paul-Christian Volkmer | 2024-03-01 09:30:07 +0100 |
| commit | 5c15ad4518f70e4523405fa67635c4dff1a73e43 (patch) | |
| tree | dda919da7733b3b63cafc9e71fe1dea0f37f18d3 /src/main/resources | |
| parent | 0b6decf88d9084616874d65827e7eb1e8050d1c5 (diff) | |
feat: add user role database table and role-based permissions
Diffstat (limited to 'src/main/resources')
3 files changed, 20 insertions, 5 deletions
diff --git a/src/main/resources/db/migration/mariadb/V0_3_0__UserRoles.sql b/src/main/resources/db/migration/mariadb/V0_3_0__UserRoles.sql new file mode 100644 index 0000000..99399fd --- /dev/null +++ b/src/main/resources/db/migration/mariadb/V0_3_0__UserRoles.sql @@ -0,0 +1,7 @@ +CREATE TABLE IF NOT EXISTS user_role +( + id int auto_increment primary key, + username varchar(255) not null unique, + role varchar(255) not null, + created_at datetime default utc_timestamp() not null +);
\ No newline at end of file diff --git a/src/main/resources/db/migration/postgresql/V0_3_0__UserRoles.sql b/src/main/resources/db/migration/postgresql/V0_3_0__UserRoles.sql new file mode 100644 index 0000000..7dbfc08 --- /dev/null +++ b/src/main/resources/db/migration/postgresql/V0_3_0__UserRoles.sql @@ -0,0 +1,8 @@ +CREATE TABLE IF NOT EXISTS user_role +( + id serial, + username varchar(255) not null unique, + role varchar(255) not null, + created_at timestamp with time zone default now() not null, + PRIMARY KEY (id) +);
\ No newline at end of file diff --git a/src/main/resources/templates/index.html b/src/main/resources/templates/index.html index 3951f66..be3123b 100644 --- a/src/main/resources/templates/index.html +++ b/src/main/resources/templates/index.html @@ -53,17 +53,17 @@ <td th:style="${request.type.value == 'delete'} ? 'color: red;'"><small>[[ ${request.type} ]]</small></td> <td th:if="not ${request.report}">[[ ${request.uuid} ]]</td> <td th:if="${request.report}"> - <th:block sec:authorize="not authenticated">[[ ${request.uuid} ]]</th:block> - <a th:href="@{/report/{id}(id=${request.uuid})}" sec:authorize="authenticated">[[ ${request.uuid} ]]</a> + <a th:href="@{/report/{id}(id=${request.uuid})}" sec:authorize="hasRole('USER') or hasRole('ADMIN')">[[ ${request.uuid} ]]</a> + <th:block sec:authorize="not (hasRole('USER') or hasRole('ADMIN'))">[[ ${request.uuid} ]]</th:block> </td> <td><time th:datetime="${request.processedAt}">[[ ${request.processedAt} ]]</time></td> - <td class="patient-id" th:if="${patientId != null}" sec:authorize="authenticated"> + <td class="patient-id" th:if="${patientId != null}" sec:authorize="hasRole('USER') or hasRole('ADMIN')"> [[ ${request.patientId} ]] </td> - <td class="patient-id" th:if="${patientId == null}" sec:authorize="authenticated"> + <td class="patient-id" th:if="${patientId == null}" sec:authorize="hasRole('USER') or hasRole('ADMIN')"> <a th:href="@{/patient/{pid}(pid=${request.patientId})}">[[ ${request.patientId} ]]</a> </td> - <td class="patient-id" sec:authorize="not authenticated">***</td> + <td class="patient-id" sec:authorize="not (hasRole('USER') or hasRole('ADMIN'))">***</td> </tr> </tbody> </table> |