diff --git a/core/src/main/java/de/srsoftware/umbrella/core/constants/Text.java b/core/src/main/java/de/srsoftware/umbrella/core/constants/Text.java index 1b27632d..41aab871 100644 --- a/core/src/main/java/de/srsoftware/umbrella/core/constants/Text.java +++ b/core/src/main/java/de/srsoftware/umbrella/core/constants/Text.java @@ -40,11 +40,12 @@ public class Text { public static final String MESSAGE = "message"; public static final String MESSAGES = "messages"; - public static final String NOT_ALLOWED_TO_EDIT = "You are not allowed to edit {object}!"; - public static final String NOTE = "note"; - public static final String NOTES = "notes"; - public static final String NOTE_WITH_ID = "note ({id})"; - public static final String NUMBER = "number"; + public static final String NOT_ALLOWED_TO_EDIT = "You are not allowed to edit {object}!"; + public static final String NOT_ALLOWED_TO_EVALUATE = "You are not allowed to evaluate this {object}!"; + public static final String NOTE = "note"; + public static final String NOTES = "notes"; + public static final String NOTE_WITH_ID = "note ({id})"; + public static final String NUMBER = "number"; public static final Object OPTION = "option" ; diff --git a/frontend/src/routes/poll/Evaluate.svelte b/frontend/src/routes/poll/Evaluate.svelte index 521b9692..c1517185 100644 --- a/frontend/src/routes/poll/Evaluate.svelte +++ b/frontend/src/routes/poll/Evaluate.svelte @@ -38,10 +38,10 @@ border: 1px solid lime; vertical-align: bottom; position: relative; - width: 15px; + width: 20px; } .histogram{ - height: 40px; + height: 60px; } .histogram span span{ position: absolute; @@ -73,9 +73,7 @@ {#each Object.entries(hist) as [weight,count]} - - {weight} - + {weight} {/each} diff --git a/frontend/src/routes/poll/View.svelte b/frontend/src/routes/poll/View.svelte index 8f388ff0..3fbe9567 100644 --- a/frontend/src/routes/poll/View.svelte +++ b/frontend/src/routes/poll/View.svelte @@ -8,7 +8,8 @@ import { t } from '../../translations.svelte'; let poll = $state(null); let selection = $state({}); - let editor = user ? { name: user.name, user_id : user.id } : { name : '', user_id : -1 }; + let editor = $state(user ? { name: user.name, user_id : user.id } : { name : '', user_id : -1 }) + let disabled = $state(false); async function load(){ let url = api('poll/'+id); @@ -20,7 +21,7 @@ } async function save(ev){ - console.log({ev,editor,selection}); + disabled = true; let url = api(`poll/${id}/select`); let res = await post(url,{editor,selection}); if (res.ok) { @@ -29,6 +30,7 @@ } function select(option,weight){ + disabled = false; selection[option.id] = +weight; } @@ -95,9 +97,8 @@ {/each} - {#if Object.keys(selection).length} - - {/if} +
TODO: add notes
+
TODO: load previous selection for logged-in user
{/if} \ No newline at end of file diff --git a/poll/src/main/java/de/srsoftware/umbrella/poll/PollModule.java b/poll/src/main/java/de/srsoftware/umbrella/poll/PollModule.java index 1c2a49a0..5773d549 100644 --- a/poll/src/main/java/de/srsoftware/umbrella/poll/PollModule.java +++ b/poll/src/main/java/de/srsoftware/umbrella/poll/PollModule.java @@ -97,6 +97,7 @@ public class PollModule extends BaseHandler implements PollService { var poll = pollDb.loadPoll(pollId); var permitted = !poll.isPrivate() || poll.owner().equals(user); if (!permitted && poll.permissions().get(user) == null) throw forbidden(Text.NOT_ALLOWED_TO_EDIT, Field.OBJECT,Text.POLL); + var eval = pollDb.loadEvaluation(pollId); return sendContent(ex,poll); } @@ -104,8 +105,15 @@ public class PollModule extends BaseHandler implements PollService { if (user == null) return unauthorized(ex); if (path.empty()) throw missingField(ID); var poll = pollDb.loadPoll(path.pop()); - var permitted = poll.owner().equals(user); - if (!permitted && !Set.of(Permission.EDIT, Permission.OWNER).contains(poll.permissions().get(user))) throw forbidden(Text.NOT_ALLOWED_TO_EDIT, Field.OBJECT,Text.POLL); + if (!poll.owner().equals(user)) { + switch (poll.permissions().get(user)) { + case Permission.EDIT: + case Permission.OWNER: + break; + case null, default: + throw forbidden(Text.NOT_ALLOWED_TO_EVALUATE, Field.OBJECT, Text.POLL); + } + } var result = new HashMap<>(poll.toMap()); var evaluation = pollDb.loadEvaluation(poll.id()); result.put(Field.EVALUATION,evaluation.toMap()); @@ -199,11 +207,9 @@ public class PollModule extends BaseHandler implements PollService { private boolean postToPoll(HttpExchange ex, UmbrellaUser user, String id, Path path) throws IOException { var head = path.pop(); var poll = pollDb.loadPoll(id); - if (user == null) { - if (SELECT.equals(head)) { - if (poll.isPrivate() && poll.permissions().get(user) == null) return unauthorized(ex); - postSelection(ex, poll, user); - } + if (SELECT.equals(head)) { + if (user == null && poll.isPrivate()) return unauthorized(ex); + return postSelection(ex, poll, null); } var permitted = poll.owner().equals(user); if (!permitted && !Set.of(Permission.OWNER, Permission.EDIT).contains(poll.permissions().get(user))) throw forbidden(Text.NOT_ALLOWED_TO_EDIT, Field.OBJECT,Text.POLL); @@ -246,16 +252,14 @@ public class PollModule extends BaseHandler implements PollService { if (!(job.get(key) instanceof Integer weight)) throw invalidField(Field.WEIGHT,Text.NUMBER); map.put(optionId,weight); } - if (user != null) { - pollDb.saveSelection(poll, map, user); - } else { + if (user == null) { if (!json.has(Field.EDITOR)) throw missingField(Field.EDITOR); if (!(json.get(Field.EDITOR) instanceof JSONObject editor)) throw invalidField(Field.EDITOR,JSON); if (!editor.has(Field.NAME)) throw missingField(format("{0}.{1}}",Field.EDITOR,Field.NAME)); if (!(editor.get(Field.NAME) instanceof String name)) throw invalidField(format("{0}.{1}",Field.EDITOR,Field.NAME),Text.STRING); pollDb.saveSelection(poll, map, name); - } - return notFound(ex); + } else pollDb.saveSelection(poll, map, user); + return sendContent(ex,poll); } private boolean postOption(HttpExchange ex, Poll poll) throws IOException {