tethys.backend/start/routes.ts
Arno Kaimbacher b2dce0259a - npm updates
- Admins can no longer delete any users or roles
- Additionally, the name of a role in edit mode is now read-only
- extra new SetupConfirmation.vue component for verifying qrcode 2FA
- adapted ci.yaml
2024-02-14 13:47:10 +01:00


/*
|--------------------------------------------------------------------------
| Routes
|--------------------------------------------------------------------------
|
| This file is dedicated for defining HTTP routes. A single file is enough
| for majority of projects, however you can define routes in different
| files and just make sure to import them inside this file. For example
|
| Define routes in following two files
| ├── start/routes/cart.ts
| ├── start/routes/customer.ts
|
| and then import them inside `start/routes.ts` as follows
|
| import './routes/cart'
| import './routes/customer'
|
*/
import Route from '@ioc:Adonis/Core/Route';
// import Inertia from '@ioc:EidelLev/Inertia';
import AuthValidator from 'App/Validators/AuthValidator';
import HealthCheck from '@ioc:Adonis/Core/HealthCheck';
import User from 'App/Models/User';
// import AuthController from 'App/Controllers/Http/Auth/AuthController';
import './routes/api';
// Health probe: answers 200 with the report when `healthy` is true, otherwise
// 400 with the same report as the body.
// NOTE(review): no middleware is attached here, so the whole report is returned
// to any caller; confirm it exposes nothing sensitive or restrict the route.
Route.get('health', async ({ response }) => {
    const healthReport = await HealthCheck.getReport();
    if (healthReport.healthy) {
        return response.ok(healthReport);
    }
    return response.badRequest(healthReport);
});
// OAI endpoint: GET and POST on /oai share one controller action and are named
// oai.get / oai.post through the group alias.
// Earlier single-route variant, kept for reference:
// Route.get( '/oai', 'Oai/RequestController.index').as('oai');
Route.group(() => {
    const oaiHandler = 'Oai/OaiController.index';
    Route.get('/oai', oaiHandler).as('get');
    Route.post('/oai', oaiHandler).as('post');
}).as('oai');
// Route.inertia('/about', 'App');
// Old solution: server-rendered welcome view.
Route.get('/welcome', async ({ view }) => view.render('welcome')).as('welcome');

// The site root only forwards to the dashboard route of the `apps` group,
// which sits behind the `auth` middleware.
Route.get('/', async ({ response }) => response.redirect().toRoute('apps.dashboard')).as('dashboard');
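// Application pages served under /apps, named apps.*, and all behind the
// `auth` middleware applied to the group.
Route.group(() => {
    Route.get('/dashboard', async ({ inertia }) => {
        return inertia.render('Dashboard');
    }).as('dashboard');

    Route.get('/map', async ({ inertia }) => {
        return inertia.render('Map');
    }).as('map');

    // NOTE(review): complete User rows are passed to the page as Inertia props,
    // so every serialised column reaches the browser of any authenticated user.
    // Confirm the User model hides secrets (password hash, 2FA material) on
    // serialisation, or select only the columns the page needs.
    Route.get('/', async ({ inertia }) => {
        const users = await User.query().orderBy('login');
        return inertia.render('App', {
            testing: 'this is a test',
            users: users,
        });
    }).as('index');

    // Route.get('/login', async ({ inertia }) => {
    // return inertia.render('Auth/Login');
    // }).as('login.show');

    Route.get('/register', async ({ inertia }) => {
        return inertia.render('register-view/register-view-component');
    }).as('register.show');

    Route.post('/register', async ({ request, response }) => {
        // Neither the raw body nor the validated payload is logged: a payload
        // checked by AuthValidator may carry credentials, and console output
        // would put them into the process logs in clear text.
        // NOTE(review): the validated data is not persisted anywhere here.
        await request.validate(AuthValidator);
        // This group is aliased `apps`, so the index route above is registered
        // as `apps.index`; no route named `app.index` is defined in this file.
        return response.redirect().toRoute('apps.index');
    }).as('register.store');
})
    .prefix('apps')
    .as('apps')
    .middleware('auth');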
// Public login form.
// Route.on("/login").render("signin");
Route.get('/app/login', async ({ inertia }) => inertia.render('Auth/Login')).as('app.login.show');

// Credential submission, handled by Auth/AuthController.login.
// NOTE(review): no throttling middleware is attached in this file; confirm
// that failed-login rate limiting is enforced elsewhere.
// Route.post("/login", "Users/AuthController.login");
Route.post('/app/login', 'Auth/AuthController.login').as('login.store');

// Route.on("/signup").render("signup");
// Route.post("/signup", "AuthController.signup");
// Sign-out, handled by Auth/AuthController.logout.
Route.post('/signout', 'Auth/AuthController.logout').as('logout');
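// administrator
// User and role management under /admin, named settings.*. The group requires
// an authenticated session and the administrator or moderator role; each route
// additionally names the permission it needs through a `can:` middleware.
Route.group(() => {
    Route.get('/settings', async ({ inertia }) => {
        return inertia.render('Admin/Settings');
    }).as('overview');

    // user routes
    Route.get('/user', 'UsersController.index').as('user.index').middleware(['can:user-list']);
    Route.get('/user/create', 'UsersController.create').as('user.create').middleware(['can:user-create']);
    Route.post('/user/store', 'UsersController.store').as('user.store').middleware(['can:user-create']);
    // The detail view previously had no permission check of its own, unlike
    // every other user route; it now needs the same permission as the listing.
    Route.get('/user/:id', 'UsersController.show')
        .as('user.show')
        .where('id', Route.matchers.number())
        .middleware(['can:user-list']);
    Route.get('/user/:id/edit', 'UsersController.edit').as('user.edit').where('id', Route.matchers.number()).middleware(['can:user-edit']);
    Route.put('/user/:id/update', 'UsersController.update')
        .as('user.update')
        .where('id', Route.matchers.number())
        .middleware(['can:user-edit']);
    // Deleting users is disabled; the route stays commented out.
    // Route.delete('/user/:id', 'UsersController.destroy')
    // .as('user.destroy')
    // .where('id', Route.matchers.number())
    // .middleware(['can:user-delete']);
    // Route.resource('user', 'UsersController');

    // role routes
    // NOTE(review): these reuse the user-* permissions; confirm that is intended
    // and that no separate role-* permissions exist.
    Route.get('/role', 'RoleController.index').as('role.index').middleware(['can:user-list']);
    Route.get('/role/create', 'RoleController.create').as('role.create').middleware(['can:user-create']);
    Route.post('/role/store', 'RoleController.store').as('role.store').middleware(['can:user-create']);
    // Same gap as the user detail view: add the listing permission.
    Route.get('/role/:id', 'RoleController.show')
        .as('role.show')
        .where('id', Route.matchers.number())
        .middleware(['can:user-list']);
    Route.get('/role/:id/edit', 'RoleController.edit').as('role.edit').where('id', Route.matchers.number()).middleware(['can:user-edit']);
    Route.put('/role/:id/update', 'RoleController.update')
        .as('role.update')
        .where('id', Route.matchers.number())
        .middleware(['can:user-edit']);
    // Deleting roles is disabled; the route stays commented out.
    // Route.delete('/role/:id', 'RoleController.destroy')
    // .as('role.destroy')
    // .where('id', Route.matchers.number())
    // .middleware(['can:user-delete']);
})
    .namespace('App/Controllers/Http/Admin')
    .prefix('admin')
    .as('settings')
    // .middleware(['auth', 'can:dataset-list,dataset-publish']);
    .middleware(['auth', 'is:administrator,moderator']);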
// Self-service account settings: every route resolves its controller in the
// Auth namespace and requires an authenticated session.
Route.group(() => {
    Route.get('/settings/user/security', 'UserController.accountInfo').as('settings.user');

    Route.post('/settings/user/store', 'UserController.accountInfoStore').as('account.password.store');

    // Route::post('change-password', 'UserController@changePasswordStore')->name('admin.account.password.store');
    Route.post('/settings/user/enable2fa', 'UserController.enableTwoFactorAuthentication').as('account.password.enable2fa');

    // NOTE(review): only a valid session is required at the route level; confirm
    // the controller asks for the current password or a valid code before it
    // switches two-factor authentication off.
    Route.post('/settings/user/disable2fa', 'UserController.disableTwoFactorAuthentication').as('account.password.disable2fa');
})
    .namespace('App/Controllers/Http/Auth')
    .middleware(['auth']);
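// submitter:
// Dataset submission workflow under /submitter. Authentication and the required
// permission are declared on each route, not on the group.
// NOTE(review): because `auth` is per route, a route added here without it is
// publicly reachable; moving `auth` to the group would make the default closed.
Route.group(() => {
    // Route.get('/user', 'UsersController.index').as('user.index');
    Route.get('/dataset', 'DatasetController.index').as('dataset.list').middleware(['auth', 'can:dataset-list']);
    Route.get('/dataset/create', 'DatasetController.create').as('dataset.create').middleware(['auth', 'can:dataset-submit']);
    Route.post('/dataset/first/first-step', 'DatasetController.firstStep')
        .as('dataset.first.step')
        .middleware(['auth', 'can:dataset-submit']);
    Route.post('/dataset/second/second-step', 'DatasetController.secondStep')
        .as('dataset.second.step')
        .middleware(['auth', 'can:dataset-submit']);
    Route.post('/dataset/second/third-step', 'DatasetController.thirdStep')
        .as('dataset.third.step')
        .middleware(['auth', 'can:dataset-submit']);
    Route.post('/dataset/submit', 'DatasetController.store').as('dataset.submit').middleware(['auth', 'can:dataset-submit']);

    Route.get('/dataset/:id/release', 'DatasetController.release')
        .as('dataset.release')
        .where('id', Route.matchers.number())
        .middleware(['auth', 'can:dataset-edit']);
    // The numeric matcher was missing here, unlike on the matching GET route,
    // so a non-numeric id was passed through to the controller.
    Route.put('/dataset/:id/releaseupdate', 'DatasetController.releaseUpdate')
        .as('dataset.releaseUpdate')
        .where('id', Route.matchers.number())
        .middleware(['auth', 'can:dataset-edit']);

    Route.get('/dataset/:id/edit', 'DatasetController.edit')
        .as('dataset.edit')
        .where('id', Route.matchers.number())
        .middleware(['auth', 'can:dataset-edit']);
    Route.put('/dataset/:id/update', 'DatasetController.update')
        .as('dataset.update')
        .where('id', Route.matchers.number())
        .middleware(['auth', 'can:dataset-edit']);

    // Both delete routes now constrain :id to digits like the routes above.
    Route.get('/dataset/:id/delete', 'DatasetController.delete')
        .as('dataset.delete')
        .where('id', Route.matchers.number())
        .middleware(['auth', 'can:dataset-delete']);
    Route.put('/dataset/:id/deleteupdate', 'DatasetController.deleteUpdate')
        .as('dataset.deleteUpdate')
        .where('id', Route.matchers.number())
        .middleware(['auth', 'can:dataset-delete']);

    Route.get('/person', 'PersonController.index').as('person.index').middleware(['auth']);
    // Route.get('/user/:id/edit', 'UsersController.edit').as('settings.user.edit').where('id', Route.matchers.number());
    // Route.put('/user/:id/update', 'UsersController.update').as('user.update').where('id', Route.matchers.number());
    // Route.delete('/user/:id', 'UsersController.destroy').as('user.destroy').where('id', Route.matchers.number());
    // Route.resource('user', 'DatasetController');
})
    .namespace('App/Controllers/Http/Submitter')
    .prefix('submitter');
// .middleware(['auth', 'can:dataset-list,dataset-publish']);
// .middleware(['auth', 'is:submitter']);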
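// editor:
// Editorial workflow under /editor (receive, approve, publish, DOI, update).
// Each route declares `auth` plus the permission for its step.
Route.group(() => {
    Route.get('/dataset', 'DatasetController.index').as('editor.dataset.list').middleware(['auth', 'can:dataset-editor-list']);

    Route.get('dataset/:id/receive', 'DatasetController.receive')
        .as('editor.dataset.receive')
        .where('id', Route.matchers.number())
        .middleware(['auth', 'can:dataset-receive']);
    Route.put('dataset/:id/receive', 'DatasetController.receiveUpdate')
        .as('editor.dataset.receiveUpdate')
        .where('id', Route.matchers.number())
        .middleware(['auth', 'can:dataset-receive']);

    Route.get('dataset/:id/approve', 'DatasetController.approve')
        .as('editor.dataset.approve')
        .where('id', Route.matchers.number())
        .middleware(['auth', 'can:dataset-approve']);
    Route.put('dataset/:id/approve', 'DatasetController.approveUpdate')
        .as('editor.dataset.approveUpdate')
        .where('id', Route.matchers.number())
        .middleware(['auth', 'can:dataset-approve']);

    Route.get('dataset/:id/publish', 'DatasetController.publish')
        .as('editor.dataset.publish')
        .where('id', Route.matchers.number())
        .middleware(['auth', 'can:dataset-publish']);
    Route.put('dataset/:id/publish', 'DatasetController.publishUpdate')
        .as('editor.dataset.publishUpdate')
        .where('id', Route.matchers.number())
        .middleware(['auth', 'can:dataset-publish']);

    Route.get('dataset/:id/doi', 'DatasetController.doiCreate')
        .as('editor.dataset.doi')
        .where('id', Route.matchers.number())
        .middleware(['auth', 'can:dataset-publish']);
    // The parameter of this route is :publish_id, so the matcher has to name it;
    // a matcher registered for `id` never constrained this URL.
    Route.put('dataset/:publish_id/doi', 'DatasetController.doiStore')
        .as('editor.dataset.doiStore')
        .where('publish_id', Route.matchers.number())
        .middleware(['auth', 'can:dataset-publish']);

    // The numeric matcher was missing on this route; it is added so :id is
    // constrained the same way as on the other editor routes.
    Route.put('/dataset/:id/update', 'DatasetController.update')
        .as('editor.dataset.update')
        .where('id', Route.matchers.number())
        .middleware(['auth', 'can:dataset-editor-edit']);
})
    .namespace('App/Controllers/Http/Editor')
    .prefix('editor');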
// reviewer:
// Review workflow under /reviewer: list, review and reject. Every route asks
// for an authenticated session plus the permission for its step, and each
// :id segment is limited to digits.
Route.group(() => {
    const numericId = Route.matchers.number();

    Route.get('/dataset', 'DatasetController.index').middleware(['auth', 'can:dataset-review-list']).as('reviewer.dataset.list');

    Route.get('dataset/:id/review', 'DatasetController.review')
        .where('id', numericId)
        .middleware(['auth', 'can:dataset-review'])
        .as('reviewer.dataset.review');
    Route.put('dataset/:id/review', 'DatasetController.reviewUpdate')
        .where('id', numericId)
        .middleware(['auth', 'can:dataset-review'])
        .as('reviewer.dataset.reviewUpdate');

    Route.get('dataset/:id/reject', 'DatasetController.reject')
        .where('id', numericId)
        .middleware(['auth', 'can:dataset-review-reject'])
        .as('reviewer.dataset.reject');
    Route.put('dataset/:id/reject', 'DatasetController.rejectUpdate')
        .where('id', numericId)
        .middleware(['auth', 'can:dataset-review-reject'])
        .as('reviewer.dataset.rejectUpdate');

    // Disabled routes, kept for reference:
    // Route.put('dataset/:id/approve', 'DatasetController.approveUpdate')
    // .as('editor.dataset.approveUpdate')
    // .where('id', Route.matchers.number())
    // .middleware(['auth', 'can:dataset-approve']);
    // Route.put('/dataset/:id/update', 'DatasetController.update')
    // .as('editor.dataset.update')
    // .middleware(['auth', 'can:dataset-editor-edit']);
})
    .namespace('App/Controllers/Http/Reviewer')
    .prefix('reviewer');