All site access and bug fixes

Author: datajohnson

db/scripts/June_updates.sql

@@ -0,0 +1,18 @@
+INSERT INTO
+  SECURITY.SiteAccessType
+VALUES
+  (4, 'All Sites');
+
+CREATE TABLE [dbo].[PlaceTheme](
+  [Id] [int] IDENTITY(1, 1) NOT NULL,
+  [Category] [nvarchar](100) NOT NULL,
+  [Type] [nvarchar](100) NOT NULL,
+  CONSTRAINT [PK_PlaceTheme] PRIMARY KEY CLUSTERED ([Id] ASC) WITH (
+    PAD_INDEX = OFF,
+    STATISTICS_NORECOMPUTE = OFF,
+    IGNORE_DUP_KEY = OFF,
+    ALLOW_ROW_LOCKS = ON,
+    ALLOW_PAGE_LOCKS = ON
+  ) ON [PRIMARY]
+) ON [PRIMARY]
+GO

src/api/models/site-access-type.ts

@@ -18,4 +18,7 @@ export class SiteAccesType {
 	static get FIRST_NATION(): number {
 		return 3;
 	}
+	static get ALL_SITES(): number {
+		return 4;
+	}
 }

src/api/models/user.ts

@@ -119,4 +119,11 @@ export class User {
 			.filter((a) => a.accessTypeId == SiteAccesType.FIRST_NATION)
 			.map((a) => toInteger(a.accessText));
 	}
+
+	get canAccessAllSites(): boolean {
+		return (
+			this.siteAccess.filter((a) => a.accessTypeId == SiteAccesType.ALL_SITES)
+				.length > 0
+		);
+	}
 }

src/api/policies/base-policy-scope.ts

@@ -19,6 +19,10 @@ export abstract class BasePolicyScope {
 		return this.scope.whereRaw('(1=0)');
 	}
 
+	get unlimitedAccessScope(): Knex.QueryBuilder {
+		return this.scope.whereRaw('(1=1)');
+	}
+
 	get scope(): Knex.QueryBuilder {
 		return this._scope.clone();
 	}

src/api/policies/place-policy-scope.ts

@@ -1,8 +1,7 @@
 import { isEmpty, intersection } from 'lodash';
-import { Knex } from 'knex';
 
 import { BasePolicyScope } from '.';
-import { User, UserRoles } from '../models';
+import { UserRoles } from '../models';
 
 export class PlacePolicyScope extends BasePolicyScope {
 	resolve() {
@@ -29,7 +28,9 @@ export class PlacePolicyScope extends BasePolicyScope {
 			return this.emptyScope;
 		}
 
-		let clauses = [];
+		if (this.user.canAccessAllSites) return this.unlimitedAccessScope;
+
+		const clauses = [];
 		if (!isEmpty(this.user.permittedMapSheets)) {
 			const permittedMapSheets = this.user.permittedMapSheets.join(', ');
 			clauses.push(`NTSMapSheet IN ('${permittedMapSheets}')`);

src/api/policies/place-policy.ts

@@ -10,6 +10,8 @@ export class PlacePolicy extends BasePolicy<Place> {
 
 	show() {
 		if (this.user.roleList.includes(UserRoles.ADMINISTRATOR)) return true;
+		if (this.user.canAccessAllSites) return true;
+
 		if (
 			isEmpty(
 				intersection(this.user.roleList, [

src/api/services/place-service.ts

@@ -567,26 +567,31 @@ export class PlaceService {
 		}
 
 		if (user.site_access) {
-			let mapSheets = user.site_access
+			const mapSheets = user.site_access
 				.filter((a) => a.access_type_id == 1)
 				.map((a) => a.access_text);
-			let communities = user.site_access
+			const communities = user.site_access
 				.filter((a) => a.access_type_id == 2)
 				.map((a) => a.access_text);
-			let firstNations = user.site_access
+			const firstNations = user.site_access
 				.filter((a) => a.access_type_id == 3)
 				.map((a) => a.access_text);
+			const allAccess = user.site_access.find((a) => a.access_type_id == 4);
 
 			let scope = '(1=0';
 
-			if (mapSheets.length > 0)
-				scope += ` OR NTSMapSheet IN ('${mapSheets.join("','")}')`;
-			if (communities.length > 0)
-				scope += ` OR CommunityId IN (${communities.join(',')})`;
-			if (firstNations.length > 0)
-				scope += ` OR [FirstNationAssociation].[FirstNationId] IN (${firstNations.join(
-					','
-				)})`;
+			if (allAccess) {
+				scope += ' OR 1=1';
+			} else {
+				if (mapSheets.length > 0)
+					scope += ` OR NTSMapSheet IN ('${mapSheets.join("','")}')`;
+				if (communities.length > 0)
+					scope += ` OR CommunityId IN (${communities.join(',')})`;
+				if (firstNations.length > 0)
+					scope += ` OR [FirstNationAssociation].[FirstNationId] IN (${firstNations.join(
+						','
+					)})`;
+			}
 
 			scope += ')';
 

src/api/services/user-service.ts

@@ -27,25 +27,23 @@ export class UserService {
 	}
 
 	async getByEmail(email: string): Promise<User | undefined> {
-		let user = await this.knex("Security.User").where({ email }).first();
+		let user = await this.knex('Security.User').where({ email }).first();
 
-		if (user)
-			return this.loadDetails(user);
+		if (user) return this.loadDetails(user);
 
 		return undefined;
 	}
 
 	async getById(id: number): Promise<User | undefined> {
-		let user = await this.knex("Security.User").where({ id }).first();
+		let user = await this.knex('Security.User').where({ id }).first();
 
-		if (user)
-			return this.loadDetails(user);
+		if (user) return this.loadDetails(user);
 
 		return undefined;
 	}
 
 	async getAll(): Promise<User[]> {
-		let list = await this.knex("Security.User");
+		let list = await this.knex('Security.User');
 
 		for (let user of list) {
 			await this.loadDetails(user);
@@ -68,8 +66,8 @@ export class UserService {
 				return [];
 			});
 
-		let allCommunities = await this.knex("Community");
-		let allFirstNations = await this.knex("FirstNation")
+		let allCommunities = await this.knex('Community');
+		let allFirstNations = await this.knex('FirstNation');
 
 		for (let access of user.site_access) {
 			switch (access.access_type_id) {
@@ -80,16 +78,22 @@ export class UserService {
 				case SiteAccesType.COMMUNITY:
 					access.access_type_name = 'Community';
 					access.access_text = parseInt(access.access_text.toString());
-					let cm = allCommunities.filter((c: any) => c.Id == access.access_text)
-					if (cm.length > 0)
-						access.access_text_name = cm[0].Name;
+					let cm = allCommunities.filter(
+						(c: any) => c.Id == access.access_text
+					);
+					if (cm.length > 0) access.access_text_name = cm[0].Name;
 					break;
 				case SiteAccesType.FIRST_NATION:
 					access.access_type_name = 'First Nation';
 					access.access_text = parseInt(access.access_text.toString());
-					let fn = allFirstNations.filter((c: any) => c.Id == access.access_text)
-					if (fn.length > 0)
-						access.access_text_name = fn[0].Description;
+					let fn = allFirstNations.filter(
+						(c: any) => c.Id == access.access_text
+					);
+					if (fn.length > 0) access.access_text_name = fn[0].Description;
+					break;
+				case SiteAccesType.ALL_SITES:
+					access.access_type_name = 'All Sites';
+					access.access_text = '';
 					break;
 			}
 		}
@@ -98,34 +102,46 @@ export class UserService {
 	}
 
 	async update(id: any, value: any) {
-		if (value.role_list)
-			value.roles = value.role_list.join(", ");
-		else
-			value.roles = "";
+		if (value.role_list) value.roles = value.role_list.join(', ');
+		else value.roles = '';
 
 		delete value.role_list;
-		await this.knex("Security.User").where({ id }).update(value);
+		await this.knex('Security.User').where({ id }).update(value);
 	}
 
-	async create(email: string, first_name: string, last_name: string): Promise<User[]> {
+	async create(
+		email: string,
+		first_name: string,
+		last_name: string
+	): Promise<User[]> {
 		email = email.toLocaleLowerCase();
-		console.log("-- Creating User account for " + email);
-		return this.knex("Security.User").insert({ email, first_name, last_name, last_login_date: new Date(), status: "Pending" }).returning("*")
+		console.log('-- Creating User account for ' + email);
+		return this.knex('Security.User')
+			.insert({
+				email,
+				first_name,
+				last_name,
+				last_login_date: new Date(),
+				status: 'Pending',
+			})
+			.returning('*');
 	}
 
 	async updateLoginDate(user: User): Promise<any> {
-		return this.knex("Security.User").where({ id: user.id }).update({ last_login_date: new Date() });
+		return this.knex('Security.User')
+			.where({ id: user.id })
+			.update({ last_login_date: new Date() });
 	}
 
 	createAccess(value: any): Promise<any> {
-		return this.knex("Security.UserSiteAccess").insert(value);
+		return this.knex('Security.UserSiteAccess').insert(value);
 	}
 
 	updateAccess(id: any, value: any): Promise<any> {
-		return this.knex("Security.UserSiteAccess").where({ id }).update(value);
+		return this.knex('Security.UserSiteAccess').where({ id }).update(value);
 	}
 
 	deleteAccess(id: any): Promise<any> {
-		return this.knex("Security.UserSiteAccess").where({ id }).delete()
+		return this.knex('Security.UserSiteAccess').where({ id }).delete();
 	}
 }