This enum makes it possible which permissions a user needs to hold to access a specific resource
Signed-off-by: Philip Molares <philip.molares@udo.edu>
The parameters of the permission checking methods were missing a null value for not set user. This is the case if user is not logged in and operating as guest.
Signed-off-by: Yannick Bungers <git@innay.de>
To make the create method easier to use in conjunction
with the authentication framework, this commit changes the type of
the `owner` parameter from `User | undefined` to `User | null`.
Signed-off-by: David Mehren <git@herrmehren.de>
To make the create method more consistent with the
guidelines,
this commit removes the default value from the `primary` parameter.
Signed-off-by: David Mehren <git@herrmehren.de>
To make the create method more consistent with the
guidelines,
this commit removes the default value from the `syncSource` parameter.
An Identity will be created as sync source,
when the associated account is created using an external provider.
Signed-off-by: David Mehren <git@herrmehren.de>
To make the create method more consistent with the
guidelines, this commit adds the `special` flag to
the parameters.
As this function will only be used to create the two hard-coded groups
and to handle API requests at one or two places, adding the parameter
should not be too problematic.
Signed-off-by: David Mehren <git@herrmehren.de>
This was done to give better typings to the function signatures of entities `create` methods.
It also ensures that each field that should be set to `null` is set to `null` and doesn't leave that up to the typeorm handlers.
See: #1641
Signed-off-by: Philip Molares <philip.molares@udo.edu>
The previously used HTTP error 400 'Bad Request' is not really
applicable here, as the client did not send a malformed message.
Signed-off-by: David Mehren <git@herrmehren.de>
This adds a reverse proxy to the backend, that automatically
redirects requests that are not handled by the backend to the React
dev server running on port 3001.
The reverse proxy is only enabled when NODE_ENV is set to
'development'.
Signed-off-by: David Mehren <git@herrmehren.de>
Previously, when an error was encountered while validating
the request, only an HTTP 400 status code was returned to the client.
This adds logging of the error message,
so invalid requests can be debugged.
Signed-off-by: David Mehren <git@herrmehren.de>
This commit makes it possible to identifier notes via any alias in the note and history service.
Signed-off-by: Philip Molares <philip.molares@udo.edu>
One of the aliases can be primary for each note, but all can be used to get information from the apis.
Signed-off-by: Philip Molares <philip.molares@udo.edu>
These guards check if the login or registration are enabled in the config. If so the guarded method is executed, if not the client will get the HTTP Error 400 Forbidden as an answer
Signed-off-by: Philip Molares <philip.molares@udo.edu>
