server/users: let administrators add new users

* Added functionality for administrators to directly add users to the application * Added permission users:create:any to handle level that users are allowed to create other users * Moved old permission users:create to users:create:self
2025-07-17 08:26:24 +00:00 · 2018-02-23 22:05:58 -06:00
parent a1fbeb91a0
commit 4b3529272e
5 changed files with 28 additions and 10 deletions
--- a/client/js/controllers/user_registration_controller.js
+++ b/client/js/controllers/user_registration_controller.js
@ -10,7 +10,7 @@ const EmptyView = require('../views/empty_view.js');

 class UserRegistrationController {
    constructor() {
-        if (!api.hasPrivilege('users:create')) {
+        if (!api.hasPrivilege('users:create:self')) {
            this._view = new EmptyView();
            this._view.showError('Registration is closed.');
            return;
@ -29,12 +29,22 @@ class UserRegistrationController {
        user.name = e.detail.name;
        user.email = e.detail.email;
        user.password = e.detail.password;
+        const isLoggedIn = api.isLoggedIn();
        user.save().then(() => {
-            api.forget();
-            return api.login(e.detail.name, e.detail.password, false);
+            if (isLoggedIn) {
+                return Promise.resolve();
+            } else {
+                api.forget();
+                return api.login(e.detail.name, e.detail.password, false);
+            }
        }).then(() => {
-            const ctx = router.show(uri.formatClientLink());
-            ctx.controller.showSuccess('Welcome aboard!');
+            if (isLoggedIn) {
+                const ctx = router.show(uri.formatClientLink('users'));
+                ctx.controller.showSuccess('User added!');
+            } else {
+                const ctx = router.show(uri.formatClientLink());
+                ctx.controller.showSuccess('Welcome aboard!');
+            }
        }, error => {
            this._view.showError(error.message);
            this._view.enableForm();