From 167af90f20ffe5318f67ee1c49281497262a0f9d Mon Sep 17 00:00:00 2001
From: Sven Heidemann
Date: Mon, 21 Feb 2022 18:27:20 +0100
Subject: [PATCH] Improved permissions
---
 src/app/app-routing.module.ts | 2 +-
 src/app/components/sidebar/sidebar.component.ts | 2 +-
 src/app/models/auth/auth-roles.enum.ts | 4 ++--
 src/app/models/auth/register-error-messages.enum.ts | 1 +
 .../components/auth-user/auth-user.component.ts | 8 ++++++--
 src/app/modules/shared/guards/auth/auth.guard.ts | 12 +++++++-----
 src/app/services/auth/auth.service.ts | 2 +-
 src/assets/i18n/de.json | 2 ++
 src/assets/i18n/en.json | 2 ++
 9 files changed, 23 insertions(+), 12 deletions(-)
diff --git a/src/app/app-routing.module.ts b/src/app/app-routing.module.ts
index 8832205..d6fb859 100644
--- a/src/app/app-routing.module.ts
+++ b/src/app/app-routing.module.ts
@@ -10,7 +10,7 @@ const routes: Routes = [
 { path: 'home', component: HomeComponent, pathMatch: 'full' },
 { path: 'host', loadChildren: () => import('./modules/view/host/host.module').then(m => m.HostModule), canActivate: [AuthGuard], data: { role: AuthRoles.Admin } },
 { path: 'gameserver', loadChildren: () => import('./modules/view/gameserver/gameserver.module').then(m => m.GameserverModule), canActivate: [AuthGuard], data: { role: AuthRoles.User } },
- { path: 'support', loadChildren: () => import('./modules/view/support/support.module').then(m => m.SupportModule), canActivate: [AuthGuard], data: { role: AuthRoles.Support } },
+ { path: 'support', loadChildren: () => import('./modules/view/support/support.module').then(m => m.SupportModule), canActivate: [AuthGuard], data: { role: AuthRoles.Supporter } },
 { path: 'change-password', loadChildren: () => import('./modules/view/change-password/change-password.module').then(m => m.ChangePasswordModule), canActivate: [AuthGuard] },
 { path: 'user-settings', loadChildren: () => import('./modules/view/user-settings/user-settings.module').then(m => m.UserSettingsModule), canActivate: [AuthGuard] },
 { path: 'auth', loadChildren: () => import('./modules/auth/auth.module').then(m => m.AuthModule) },
diff --git a/src/app/components/sidebar/sidebar.component.ts b/src/app/components/sidebar/sidebar.component.ts
index 7ce0d94..6378fd8 100644
--- a/src/app/components/sidebar/sidebar.component.ts
+++ b/src/app/components/sidebar/sidebar.component.ts
@@ -38,7 +38,7 @@ export class SidebarComponent implements OnInit, OnChanges {
 );
 }
- if (await this.authService.hasUserPermission(AuthRoles.Support) && !await this.authService.hasUserPermission(AuthRoles.Admin)) {
+ if (await this.authService.hasUserPermission(AuthRoles.Supporter) && !await this.authService.hasUserPermission(AuthRoles.Admin)) {
 this.menuItems.push(
 { label: isSidebarOpen ? this.translateService.instant('sidebar.support') : '', icon: 'pi pi-ticket', routerLink: 'support' },
 );
diff --git a/src/app/models/auth/auth-roles.enum.ts b/src/app/models/auth/auth-roles.enum.ts
index 9bfee1a..8fccf85 100644
--- a/src/app/models/auth/auth-roles.enum.ts
+++ b/src/app/models/auth/auth-roles.enum.ts
@@ -1,5 +1,5 @@
 export enum AuthRoles {
- User = 0,
- Support = 1,
+ Supporter = 0,
+ User = 1,
 Admin = 2
 }
diff --git a/src/app/models/auth/register-error-messages.enum.ts b/src/app/models/auth/register-error-messages.enum.ts
index 31ffc50..3bfabbe 100644
--- a/src/app/models/auth/register-error-messages.enum.ts
+++ b/src/app/models/auth/register-error-messages.enum.ts
@@ -1,4 +1,5 @@
 export enum RegisterErrorMessages {
 InvalidEMail = "Invalid E-Mail",
 UserAlreadyExists = "User already exists",
+ ConfirmationFailed = "Confirmation failed",
 }
\ No newline at end of file
diff --git a/src/app/modules/admin/auth-users/components/auth-user/auth-user.component.ts b/src/app/modules/admin/auth-users/components/auth-user/auth-user.component.ts
index 67e4808..9878ed5 100644
--- a/src/app/modules/admin/auth-users/components/auth-user/auth-user.component.ts
+++ b/src/app/modules/admin/auth-users/components/auth-user/auth-user.component.ts
@@ -34,6 +34,7 @@ export class AuthUserComponent implements OnInit {
 authRoles = [
 { label: AuthRoles[AuthRoles.User].toString(), value: AuthRoles.User },
+ { label: AuthRoles[AuthRoles.Supporter].toString(), value: AuthRoles.Supporter },
 { label: AuthRoles[AuthRoles.Admin].toString(), value: AuthRoles.Admin }
 ]
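Review bot: Renumbering `AuthRoles` in auth-roles.enum.ts changes what every already-issued numeric role means: a stored or token-carried `0` was `User` and now reads as `Supporter`, and `1` was `Support` and now reads as `User`. Nothing in this patch shows the backend or existing tokens being migrated in step, so that should be confirmed before release. The new order also places `Supporter` below `User`; if `hasUserPermission` (its comparison is outside the visible hunks) checks levels with `>=`, every ordinary user would pass the `support` route guard and the sidebar check, so the comparison needs verifying against the intended hierarchy. I would pin the contract on the enum with a comment such as `// Values must match the role numbers issued by the API; do not reorder.`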
@@ -212,6 +213,7 @@ export class AuthUserComponent implements OnInit {
 this.spinnerService.showSpinner();
 this.authService.register(newUser).pipe(catchError(error => {
 this.spinnerService.hideSpinner();
+ console.log(error, error.error);
 if (error.error !== null) {
 const err: ErrorDTO = error.error;
@@ -219,7 +221,10 @@ export class AuthUserComponent implements OnInit {
 if (err.errorCode === ServiceErrorCode.InvalidData && err.message === RegisterErrorMessages.InvalidEMail) {
 this.isEMailInvalid = true;
 this.toastService.error(this.translate.instant('admin.auth_users.message.invalid_email'), this.translate.instant('admin.auth_users.message.invalid_email_d', { eMail: newUser.eMail }));
- } else if (err.errorCode === ServiceErrorCode.InvalidUser && err.message === RegisterErrorMessages.UserAlreadyExists) {
+ } else if (err.errorCode === ServiceErrorCode.MailError && err.message === RegisterErrorMessages.ConfirmationFailed) {
+ this.isEMailInvalid = true;
+ this.toastService.error(this.translate.instant('admin.auth_users.message.confirmation_failed'), this.translate.instant('admin.auth_users.message.confirmation_failed_d', { eMail: newUser.eMail }));
+ }else if (err.errorCode === ServiceErrorCode.InvalidUser && err.message === RegisterErrorMessages.UserAlreadyExists) {
 this.isEMailInvalid = true;
 this.toastService.error(this.translate.instant('admin.auth_users.message.user_already_exists'), this.translate.instant('admin.auth_users.message.user_already_exists_d', { eMail: newUser.eMail }));
 }
@@ -304,7 +309,6 @@ export class AuthUserComponent implements OnInit {
 addUser(table: Table) {
 const newUser = JSON.parse(JSON.stringify(this.newUserTemplate));
 newUser.id = Math.max.apply(Math, this.users.map(function (u) { return u.id; })) + 1;
- console.log(newUser);
 this.users.push(newUser);
 this.triggerUserChangeDetection();
diff --git a/src/app/modules/shared/guards/auth/auth.guard.ts b/src/app/modules/shared/guards/auth/auth.guard.ts
index 324ff05..7e5a1b4 100644
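Review bot: The added `console.log(error, error.error);` in the `register` error handler looks like leftover debugging (the same commit removes `console.log(newUser)` from `addUser`) and writes the raw server error response to the browser console on every failed registration. Drop the line, or send it through a logger that is switched off in production builds. The check directly below, `error.error !== null`, also lets `undefined` through; `error.error != null` covers both. The handler continues outside this hunk.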
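Review bot: The new `ConfirmationFailed` branch sets `this.isEMailInvalid = true`, which marks the address as invalid in the form although the failure is about sending the confirmation mail; unless the form is meant to block on it, that flag should stay untouched in this branch. Whether the account already exists server-side when the mail fails is not visible here; if it does, a retry would land in the `UserAlreadyExists` branch, so the toast text should tell the admin what to do next. The branch is also written `}else if`, where the rest of the chain uses `} else if`.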
--- a/src/app/modules/shared/guards/auth/auth.guard.ts
+++ b/src/app/modules/shared/guards/auth/auth.guard.ts
@@ -27,11 +27,13 @@ export class AuthGuard implements CanActivate {
 }
 const role = route.data.role;
- if (role) {
- if (!await this.authService.hasUserPermission(role)) {
- this.router.navigate(['/home']);
- return false;
- }
+ if (role == null) {
+ return false;
+ }
+
+ if (!await this.authService.hasUserPermission(role)) {
+ this.router.navigate(['/home']);
+ return false;
 }
 return true;
 }
 }
diff --git a/src/app/services/auth/auth.service.ts b/src/app/services/auth/auth.service.ts
index d4b9875..216160f 100644
--- a/src/app/services/auth/auth.service.ts
+++ b/src/app/services/auth/auth.service.ts
@@ -226,7 +226,7 @@ export class AuthService {
 }
 async hasUserPermission(role: AuthRoles): Promise {
- if (!role || !await this.isUserLoggedInAsync()) {
+ if (role == null || !await this.isUserLoggedInAsync()) {
 return false;
 }
 const token = this.getDecodedToken();
diff --git a/src/assets/i18n/de.json b/src/assets/i18n/de.json
index 8bb5e16..8d3fa41 100644
--- a/src/assets/i18n/de.json
+++ b/src/assets/i18n/de.json
@@ -67,6 +67,8 @@
 "message": {
 "invalid_email": "Ungültige E-Mail",
 "invalid_email_d": "Die E-Mail {{eMail}} ist nicht gültig!",
+ "confirmation_failed": "Bestätigung fehlgeschlagen",
+ "confirmation_failed_d": "Bestätigung des Benutzers {{eMail}} fehlgeschlagen!",
 "user_already_exists": "Benutzer existiert bereits",
 "user_already_exists_d": "Der Benutzer {{eMail}} existiert bereits!",
 "user_added": "Benutzer hinzugefügt",
diff --git a/src/assets/i18n/en.json b/src/assets/i18n/en.json
index d9881f9..d27a7e8 100644
--- a/src/assets/i18n/en.json
+++ b/src/assets/i18n/en.json
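Review bot: With `if (role == null) { return false; }` every route that uses `AuthGuard` without `data.role` is now denied, and the routing table in this same patch still has two of them: `change-password` and `user-settings` carry `canActivate: [AuthGuard]` and no `data`. Failing closed is a sound default for the guard, but those routes then need an explicit role such as `data: { role: AuthRoles.User }` (or whichever role is the intended minimum), otherwise logged-in users lose access to them. The early return also skips `this.router.navigate(['/home']);`, so the navigation is cancelled without a redirect. `canActivate` starts above this hunk, and since the guard only governs client-side navigation, the API still has to enforce the same roles.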
@@ -67,6 +67,8 @@
 "message": {
 "invalid_email": "Invalid E-Mail",
 "invalid_email_d": "The e-mail {{eMail}} is not valid!",
+ "confirmation_failed": "Confirmation failed",
+ "confirmation_failed_d": "Confirmation of user {{eMail}} failed!",
 "user_already_exists": "User already exists",
 "user_already_exists_d": "The user {{eMail}} already exists!",
 "user_added": "User added",