diff --git a/messages/en.json b/messages/en.json index 9fe4566..c552f95 100644 --- a/messages/en.json +++ b/messages/en.json @@ -21,11 +21,11 @@ "studios": "Studios", "requests": "Requests", "submitalbum": "Submit Album", - "admingrounds": "Admin Grounds", - "managealbums": "Manage Albums", - "manageusers": "Manage Users", - "managerequests": "Manage Requests", - "managesubmissions": "Manage Submissions", + "adminGrounds": "Admin Grounds", + "manageAlbums": "Manage Albums", + "manageUsers": "Manage Users", + "manageRequests": "Manage Requests", + "manageSubmissions": "Manage Submissions", "profilePic": "Profile picture", "emailSuccess": "An email with further instructions has been sent to the address linked to the account. Check your spam folder.", "close": "Close", diff --git a/prisma/schema.prisma b/prisma/schema.prisma index 94e110b..bbdab2c 100644 --- a/prisma/schema.prisma +++ b/prisma/schema.prisma @@ -520,7 +520,7 @@ model users { updatedAt DateTime @db.DateTime(0) image String? @db.VarChar(255) - roles User_Role[] + roleList User_Role[] albumHistories albumHistories[] comments comments[] favorites favorites[] diff --git a/src/components/Header.astro b/src/components/Header.astro index 163e6d5..5b232f3 100644 --- a/src/components/Header.astro +++ b/src/components/Header.astro @@ -14,6 +14,7 @@ import prismaClient from 'utils/prisma-client.js' const { value: bannerId } = (await prismaClient.config.findUnique({ where: { name: 'banner' } })) ?? {} const { value: bannerPosition } = (await prismaClient.config.findUnique({ where: { name: 'banner-position' } })) ?? {} +const { session } = Astro.locals ---
@@ -67,20 +68,33 @@ const { value: bannerPosition } = (await prismaClient.config.findUnique({ where: - - - + { + session ? ( + <> + + {m.requests()} + + {m.submitalbum()} + + {m.adminGrounds()} + + + {m.manageAlbums()} + + + {m.manageUsers()} + + + {m.manageRequests()} + + + {m.manageSubmissions()} + + + + + ) : null + }
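Review bot: The only condition visible around this menu group is `session`, so the `{m.adminGrounds()}` entry looks like it renders for every signed-in user, including accounts whose `Astro.locals.pages` is empty. The element markup is not visible in this hunk, so confirm that against the file. If it holds, gate the admin group on its own, for example `{Astro.locals.pages.length > 0 ? ( … admin dropdown … ) : null}`, so the admin entry point is not advertised to accounts with no admin permission. As a style point, `{m.submitalbum()}` keeps the old all-lowercase key next to the renamed camelCase ones.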
diff --git a/src/components/header/DropdownItem.astro b/src/components/header/DropdownItem.astro index 440c0ca..504801a 100644 --- a/src/components/header/DropdownItem.astro +++ b/src/components/header/DropdownItem.astro @@ -1,10 +1,14 @@ --- -const { class: className, href } = Astro.props +const { class: className, href, perms = false } = Astro.props +const { pages } = Astro.locals + +const show = !perms || pages.includes(href) --- - - - +{ + show ? ( + + + + ) : null +} diff --git a/src/env.d.ts b/src/env.d.ts index 6ae6167..3c2ae49 100644 --- a/src/env.d.ts +++ b/src/env.d.ts @@ -4,5 +4,7 @@ declare namespace App { interface Locals { user: import('better-auth').User | null session: import('better-auth').Session | null + permissions: string[] + pages: string[] } } diff --git a/src/middleware.ts b/src/middleware.ts index 17ce791..00d5d17 100644 --- a/src/middleware.ts +++ b/src/middleware.ts @@ -1,6 +1,9 @@ import { auth } from 'auth' import { defineMiddleware } from 'astro:middleware' +import PAGES from 'utils/pages.json' +import prismaClient from 'utils/prisma-client' + export const onRequest = defineMiddleware(async (context, next) => { const isAuthed = await auth.api.getSession({ headers: context.request.headers 
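Review bot: `pages.includes(href)` in DropdownItem.astro is an exact string comparison, so the `/admin/album/:id` pattern this commit adds to `pages.json` can never equal a concrete href. An item pointing at a real album URL would stay hidden even for a user who holds `UPDATE`. The `perms = false` default also fails open, because any admin item that omits the prop is shown to everyone. I would add a frontmatter comment such as `// perms only hides the link; the route itself must still check Astro.locals.permissions`. If patterns are meant to be supported, compare path segments instead of calling `includes`.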
@@ -9,9 +12,21 @@ export const onRequest = defineMiddleware(async (context, next) => { if (isAuthed) { context.locals.user = isAuthed.user context.locals.session = isAuthed.session + + const user = await prismaClient.users.findUnique({ + select: { roleList: { select: { roles: { select: { permissions: true } } } } }, + where: { id: isAuthed.user.id } + }) + const permissions = (user?.roleList.map((r) => r.roles.permissions).flat() as string[]) ?? [] + const pages = PAGES.filter((p) => p.perms.some((r) => permissions.includes(r))).map((p) => p.url) + + context.locals.permissions = permissions + context.locals.pages = pages } else { context.locals.user = null context.locals.session = null + context.locals.permissions = [] + context.locals.pages = [] } return next() diff --git a/src/utils/pages.json b/src/utils/pages.json new file mode 100644 index 0000000..5598f4b --- /dev/null +++ b/src/utils/pages.json @@ -0,0 +1,26 @@ +[ + { + "url": "/admin/1", + "perms": ["UPDATE"] + }, + { + "url": "/admin/user", + "perms": ["MANAGE_USER"] + }, + { + "url": "/admin/album/add", + "perms": ["CREATE", "UPDATE"] + }, + { + "url": "/admin/album/:id", + "perms": ["UPDATE"] + }, + { + "url": "/admin/request", + "perms": ["REQUESTS"] + }, + { + "url": "/admin/submission", + "perms": ["REQUESTS"] + } +]
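Review bot: `permissions` and `pages` are computed here but the function still ends in an unconditional `return next()`, so nothing in this middleware stops a signed-in user without the matching role from requesting an `/admin/...` URL directly; the header changes only hide the links. Unless each admin page performs its own check (not visible in this diff), the middleware should reject a request whose path matches a `PAGES` entry the caller holds no permission for, as sketched below. The `as string[]` cast silences the type of `permissions` rather than validating it, so if the column is JSON a malformed role row would pass through unchecked. The body of `onRequest` starts above the hunk.

```typescript
// Segment-wise match so "/admin/album/:id" covers "/admin/album/42".
function matchesPage(pattern: string, pathname: string): boolean {
  const want = pattern.split('/')
  const got = pathname.replace(/\/+$/, '').split('/')
  return want.length === got.length && want.every((seg, i) => seg.startsWith(':') || seg === got[i])
}

export const onRequest = defineMiddleware(async (context, next) => {
  // … unchanged: session lookup, permissions/pages assignment for both branches …

  // Enforce the page map instead of only exposing it to the templates.
  const entry = PAGES.find((p) => matchesPage(p.url, context.url.pathname))
  if (entry && !entry.perms.some((r) => context.locals.permissions.includes(r))) {
    return new Response(null, { status: 403 })
  }

  return next()
```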
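Review bot: `"perms": ["CREATE", "UPDATE"]` on `/admin/album/add` is evaluated with `p.perms.some(...)` in the middleware, so an account holding only `UPDATE` is granted the add page. If both permissions are meant to be required, the check needs `every`; either way the any-of semantics should be documented next to this file, since JSON cannot carry a comment. `/admin/1` looks like one concrete page number rather than a route, and `/admin/album/:id` is a pattern. With the exact `pages.includes(href)` comparison in `DropdownItem.astro`, the first matches only that single href and the second matches nothing real.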