Added Multi-Company Support
This commit is contained in:
@@ -17,8 +17,12 @@ const userSelect = `
|
||||
LEFT JOIN teams t ON t.id = u.team_id
|
||||
`;
|
||||
|
||||
const companies = require('../services/companies');
|
||||
|
||||
function publicAdminUser(id) {
|
||||
return one(`${userSelect} WHERE u.id = ?`, [id]);
|
||||
const user = one(`${userSelect} WHERE u.id = ?`, [id]);
|
||||
if (user) user.company_ids = companies.assignedCompanyIds(user.id);
|
||||
return user;
|
||||
}
|
||||
|
||||
function validateRole(role) {
|
||||
@@ -45,7 +49,8 @@ router.put('/settings', requireCapability('admin.settings'), (req, res) => {
|
||||
});
|
||||
|
||||
router.get('/users', requireCapability('admin.users'), (req, res) => {
|
||||
res.json({ users: all(`${userSelect} ORDER BY u.name`) });
|
||||
const users = all(`${userSelect} ORDER BY u.name`).map((u) => ({ ...u, company_ids: companies.assignedCompanyIds(u.id) }));
|
||||
res.json({ users });
|
||||
});
|
||||
|
||||
router.post('/users', requireCapability('admin.users'), (req, res) => {
|
||||
@@ -77,6 +82,9 @@ router.post('/users', requireCapability('admin.users'), (req, res) => {
|
||||
]
|
||||
);
|
||||
passwordPolicy.recordPassword(result.lastInsertRowid, hash);
|
||||
// Assign company access: the supplied list, else default to the creating admin's active company.
|
||||
const companyIds = Array.isArray(req.body.company_ids) && req.body.company_ids.length ? req.body.company_ids : (req.companyId ? [req.companyId] : []);
|
||||
companies.setUserCompanies(result.lastInsertRowid, companyIds, req.user.id);
|
||||
audit(req.user.id, 'create', 'user', result.lastInsertRowid, null, { ...req.body, password: '[redacted]' });
|
||||
res.status(201).json({ user: publicAdminUser(result.lastInsertRowid) });
|
||||
});
|
||||
@@ -145,6 +153,10 @@ router.put('/users/:id', requireCapability('admin.users'), (req, res) => {
|
||||
passwordPolicy.recordPassword(req.params.id, hash);
|
||||
}
|
||||
|
||||
if (req.body.company_ids !== undefined) {
|
||||
companies.setUserCompanies(req.params.id, req.body.company_ids, req.user.id);
|
||||
}
|
||||
|
||||
const user = publicAdminUser(req.params.id);
|
||||
audit(req.user.id, 'update', 'user', req.params.id, before, { ...user, password: req.body.password ? '[changed]' : undefined });
|
||||
return res.json({ user });
|
||||
|
||||
Reference in New Issue
Block a user