From 0b81a02fba0f11d97995516d47337ca98a12167d Mon Sep 17 00:00:00 2001
From: Markus Thielker
Date: Fri, 4 Apr 2025 19:10:40 +0200
Subject: [PATCH] NORY-59: add authentication and authorisation to user page
---
 .../src/app/(inside)/user/data-table.tsx | 13 +++-
 dashboard/src/app/(inside)/user/page.tsx | 73 ++++++++++++++-----
 2 files changed, 67 insertions(+), 19 deletions(-)
diff --git a/dashboard/src/app/(inside)/user/data-table.tsx b/dashboard/src/app/(inside)/user/data-table.tsx
index 510ee6c..2baabaa 100644
--- a/dashboard/src/app/(inside)/user/data-table.tsx
+++ b/dashboard/src/app/(inside)/user/data-table.tsx
@@ -33,9 +33,16 @@ interface IdentityDataTableProps {
 data: Identity[];
 page: number;
 query: string;
+ permission: {
+ pmEditUser: boolean;
+ pmBlockUser: boolean;
+ pmUnblockUser: boolean;
+ pmDeleteUser: boolean;
+ pmDeleteUserSession: boolean;
+ };
 }
-export function IdentityDataTable({ data, page, query }: IdentityDataTableProps) {
+export function IdentityDataTable({ data, page, query, permission }: IdentityDataTableProps) {
 const columns: ColumnDef[] = [
 {
@@ -137,6 +144,7 @@ export function IdentityDataTable({ data, page, query }: IdentityDataTableProps)
 setCurrentIdentity(identity);
 setIdentitySessionVisible(true);
 }}
+ disabled={!permission.pmDeleteUserSession}
 className="flex items-center space-x-2 text-red-500">
 Delete sessions
@@ -148,6 +156,7 @@ export function IdentityDataTable({ data, page, query }: IdentityDataTableProps)
 setCurrentIdentity(identity);
 setBlockIdentityVisible(true);
 }}
+ disabled={!permission.pmBlockUser}
 className="flex items-center space-x-2 text-red-500">
 Block identity
@@ -160,6 +169,7 @@ export function IdentityDataTable({ data, page, query }: IdentityDataTableProps)
 setCurrentIdentity(identity);
 setUnblockIdentityVisible(true);
 }}
+ disabled={!permission.pmUnblockUser}
 className="flex items-center space-x-2 text-red-500">
 Unblock identity
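Review bot: `disabled={!permission.pmDeleteUserSession}` only greys out the menu item in the browser; `permission` is a client-side prop, so it cannot stop a request that reaches the delete-session action directly. The same holds for the `pmBlockUser` and `pmUnblockUser` items in the next two hunks and for `pmDeleteUser` in the hunk at -170. Nothing in this patch shows the actions behind these dialogs re-checking the caller, so each of them should call `checkPermission` for its own relation on the server before acting. `pmEditUser` is added to the prop type but not read in any visible hunk; confirm it is used or leave it out until the edit control exists.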
@@ -170,6 +180,7 @@ export function IdentityDataTable({ data, page, query }: IdentityDataTableProps)
 setCurrentIdentity(identity);
 setDeleteIdentityVisible(true);
 }}
+ disabled={!permission.pmDeleteUser}
 className="flex items-center space-x-2 text-red-500">
 Delete identity
diff --git a/dashboard/src/app/(inside)/user/page.tsx b/dashboard/src/app/(inside)/user/page.tsx
index efb1095..b889ecf 100644
--- a/dashboard/src/app/(inside)/user/page.tsx
+++ b/dashboard/src/app/(inside)/user/page.tsx
@@ -3,6 +3,8 @@ import { IdentityDataTable } from '@/app/(inside)/user/data-table';
 import { SearchInput } from '@/components/search-input';
 import { queryIdentities } from '@/lib/action/identity';
 import { IdentityPagination } from '@/components/pagination';
+import { checkPermission, requireRole, requireSession } from '@/lib/action/authentication';
+import InsufficientPermission from '@/components/insufficient-permission';
 export default async function UserPage(
 {
@@ -12,6 +14,18 @@ export default async function UserPage(
 },
 ) {
+ const session = await requireSession();
+ const identityId = session.identity!.id;
+
+ await requireRole('admin', identityId);
+
+ const pmAccessUser = await checkPermission('admin.user', 'access', identityId);
+ const pmEditUser = await checkPermission('admin.user', 'edit', identityId);
+ const pmBlockUser = await checkPermission('admin.user', 'block', identityId);
+ const pmUnblockUser = await checkPermission('admin.user', 'unblock', identityId);
+ const pmDeleteUser = await checkPermission('admin.user', 'delete', identityId);
+ const pmDeleteUserSession = await checkPermission('admin.user.session', 'delete', identityId);
+
 const params = await searchParams;
 const page = params.page ? Number(params.page) : 1;
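Review bot: `session.identity!.id` silences the compiler rather than checking the value: if `requireSession()` can ever return a session without an identity, the page throws a TypeError before `requireRole` runs instead of taking a deliberate denial path. Prefer a fail-closed guard, `const identityId = session.identity?.id;` followed by `if (!identityId) throw new Error('session has no identity');`. The six `checkPermission` calls are independent but awaited one after another; `Promise.all` over them would cut the page's latency without changing the result. UserPage's body continues outside the hunk.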
@@ -20,7 +34,7 @@ export default async function UserPage(
 let pageSize = 50;
 let paginationRange = 11;
- const { data, itemCount, pageCount } = await queryIdentities({ page, pageSize, query });
+ const users = pmAccessUser && await queryIdentities({ page, pageSize, query });
 return (
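Review bot: `pmAccessUser && await queryIdentities(...)` leaves `users` typed as `false | <result>`, which is why the JSX further down has to test `pmAccessUser && users` a second time. A ternary states the intent and gives a cleaner type: `const users = pmAccessUser ? await queryIdentities({ page, pageSize, query }) : undefined;`. Skipping the query when access is denied is the right order, but `queryIdentities` itself is not shown here, so whether it enforces `admin.user`/`access` on its own, independent of this page, is worth confirming. The function body continues outside the hunk.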
@@ -31,23 +45,46 @@ export default async function UserPage(

- -
-

{itemCount} item{itemCount && itemCount > 1 ? 's' : ''} found

- -
- + { + !pmAccessUser && ( + + ) + } + { + pmAccessUser && users && ( + <> + +
+

{users.itemCount} item{users.itemCount && users.itemCount > 1 ? 's' : ''} found

+ +
+ + + ) + }
);