Update:Give full permissions to admin users except updating root or viewing root api token #137

2026-01-04 01:59:36 +00:00 · 2022-05-03 19:16:16 -05:00 · 2022-05-03 19:16:16 -05:00 · 2e070227ab
commit 2e070227ab
parent 195a30096f
17 changed files with 75 additions and 71 deletions
--- a/client/pages/audiobook/_id/edit.vue
+++ b/client/pages/audiobook/_id/edit.vue
@ -134,9 +134,6 @@ export default {
    showExperimentalFeatures() {
      return this.$store.state.showExperimentalFeatures
    },
-    isRootUser() {
-      return this.$store.getters['user/getIsRoot']
-    },
    media() {
      return this.libraryItem.media || {}
    },
--- a/client/pages/config.vue
+++ b/client/pages/config.vue
@ -15,7 +15,7 @@
 <script>
 export default {
  asyncData({ store, redirect, route }) {
-    if (!store.getters['user/getIsRoot']) {
+    if (!store.getters['user/getIsAdminOrUp']) {
      // Non-Root user only has access to the listening stats page
      if (route.name !== 'config-stats') {
        redirect('/config/stats')
--- a/client/pages/config/log.vue
+++ b/client/pages/config/log.vue
@ -34,11 +34,6 @@

 <script>
 export default {
-  asyncData({ store, redirect }) {
-    if (!store.getters['user/getIsRoot']) {
-      redirect('/?error=unauthorized')
-    }
-  },
  data() {
    return {
      search: null,
--- a/client/pages/config/users/_id.vue
+++ b/client/pages/config/users/_id.vue
@ -14,7 +14,7 @@
        <h1 class="text-xl pl-2">{{ username }}</h1>
      </div>
      <div class="cursor-pointer text-gray-400 hover:text-white" @click="copyToClipboard(userToken)">
-        <p class="py-2 text-xs">
+        <p v-if="userToken" class="py-2 text-xs">
          <strong class="text-white">API Token: </strong><br /><span class="text-white">{{ userToken }}</span
          ><span class="material-icons pl-2 text-base">content_copy</span>
        </p>