Fixes #26 Ui to reload server db

model/access.js

@@ -14,7 +14,8 @@ const ACCESS_TO = {
     item: 1,
     tag: 2,
     meta: 3,
-    everything: 4
+    everything: 4,
+    admin: 5
 };
 
 const ACCESS_GRANT = {

router/api.js

@@ -6,7 +6,7 @@ const Security = require('../src/security.js');
 const MediaService = require('../model/mediaService.js');
 const MediaFileMetaModel = require('../model/mediaItemMeta.js').MediaFileMetaModel;
 const MediaFileTagModel = require('../model/mediaItemTag.js').MediaFileTagModel;
-const { AccessModel, ACCESS_TYPE, ACCESS_GRANT } = require('../model/access.js');
+const { AccessModel, ACCESS_TYPE, ACCESS_GRANT, ACCESS_TO } = require('../model/access.js');
 
 function MediaToJson(mediaData) {
     if (!mediaData)
@@ -37,18 +37,25 @@ module.exports = { register: app => {
             return app.routerUtils.httpResponse(res, 400, "Missing argument");
         try {
             for (let i of JSON.parse(req.post.linkIds)) {
-                if (await app.databaseHelper.findOne(AccessModel, { type: ACCESS_TYPE.link, typeData: i }))
-                    Security.addLinkToSession(req, i);
+                const access = await app.databaseHelper.findOne(AccessModel, { type: ACCESS_TYPE.link, typeData: i });
+                if (access) {
+                    Security.addLinkToSession(req, access.id, i);
+                    if (access.accessTo == ACCESS_TO.admin)
+                        Security.setAdmin(req, true);
+                }
             }
         }
         catch (err) {
+            console.error(err);
             return app.routerUtils.onBadRequest(res);
         }
         app.routerUtils.jsonResponse(res, req.sessionObj.accessList);
     });
-    app.router.del("/api/access/:id", (req, res) => {
+    app.router.del("/api/access/:id", async (req, res) => {
         app.routerUtils.onApiRequest(req, res);
-        const result = Security.removeFromSession(req, req.params.id);
+        Security.removeFromSession(req, req.params.id);
+        const access = await app.databaseHelper.fetch(AccessModel, { id: Object.keys(req.sessionObj.accessList).map(i => req.sessionObj.accessList[i]).filter(x => x.dbId).map(x => x.dbId), accessTo: ACCESS_TO.admin });
+        const result = Security.setAdmin(req, !!(access?.length || 0));
         app.routerUtils.jsonResponse(res, result);
     });
     app.router.post("/api/media/:id/tag/del/:tag", async (req, res) => {

src/library.js

@@ -5,7 +5,7 @@ const md5Stats = require('craftlabhttpserver/src/md5sum').stats;
 const md5String = require('craftlabhttpserver/src/md5sum.js').string;
 const FileTypeManager = require('./fileTypeManager.js');
 
-const { ACCESS_TO, AccessModel } = require("../model/access.js");
+const { AccessModel } = require("../model/access.js");
 const CreateConfigLoader = require('../model/configModel.js').ConfigLoader;
 const MediaFileModel = require("../model/mediaItem.js").MediaFileModel;
 const MediaFileMetaModel = require("../model/mediaItemMeta.js").MediaFileMetaModel;

src/security.js

@@ -12,6 +12,7 @@ function getAccessList(cookieObject) {
 }
 
 function Access() {
+    this.dbId = "";
 }
 Access.prototype.id = function() { return ""; }
 
@@ -43,11 +44,19 @@ module.exports.createSession = req => {
     req.cookies[module.exports.SESSION_COOKIE] = sessionKey;
     return { key: sessionKey, data: sessionInfos.data };
 };
-module.exports.addLinkToSession = (req, linkId) => {
+module.exports.setAdmin = (req, val) => {
+    let session = module.exports.getSessionObj(req.cookies);
+    if (!session)
+        return;
+    session.accessList.isAdmin = val;
+    return session.accessList;
+};
+module.exports.addLinkToSession = (req, dbId, linkId) => {
     let session = module.exports.getSessionObj(req.cookies);
     if (!session)
         return;
     let accessItem = new LinkAccess(linkId);
+    accessItem.dbId = dbId;
     session.accessList[accessItem.id()] = accessItem;
     return session.accessList;
 };

static/public/js/uiAccess.js

@@ -73,6 +73,7 @@ window.ReloadAccessList = function(accessList) {
     let items = rootNode.querySelectorAll("li.accessItem");
     for (let i =0; i < items.length; ++i)
         items[i].remove();
+    delete accessList.isAdmin;
     if (Object.keys(accessList||{}).length) {
         let li = document.createElement("li");
         li.classList.add("accessItem");