From 251b4350af4e0e45a679653179841a223bb0aec6 Mon Sep 17 00:00:00 2001
From: Derek Leadbetter <dleadbetter55@gmail.com>
Date: Mon, 26 Jun 2023 13:53:32 -0400
Subject: [PATCH 1/7] BASIRA #209 - Adding "admin" column to users; Updating
 /api/users API endpoint to accept "admin" attribute (for current user admin
 only)

---
 app/controllers/api/users_controller.rb         | 9 +++++++++
 app/serializers/users_serializer.rb             | 4 ++--
 db/migrate/20230626153029_add_admin_to_users.rb | 5 +++++
 db/schema.rb                                    | 3 ++-
 4 files changed, 18 insertions(+), 3 deletions(-)
 create mode 100644 db/migrate/20230626153029_add_admin_to_users.rb

diff --git a/app/controllers/api/users_controller.rb b/app/controllers/api/users_controller.rb
index a90d08c..e1dc8ac 100644
--- a/app/controllers/api/users_controller.rb
+++ b/app/controllers/api/users_controller.rb
@@ -1,3 +1,12 @@
 class Api::UsersController < Api::BaseController
+  # Search attributes
   search_attributes :name, :email
+
+  protected
+
+  def permitted_params
+    parameters = super
+    parameters << :admin if current_user.admin?
+    parameters
+  end
 end
diff --git a/app/serializers/users_serializer.rb b/app/serializers/users_serializer.rb
index 9621c17..da12947 100644
--- a/app/serializers/users_serializer.rb
+++ b/app/serializers/users_serializer.rb
@@ -1,4 +1,4 @@
 class UsersSerializer < BaseSerializer
-  index_attributes :id, :name, :email
-  show_attributes :id, :name, :email
+  index_attributes :id, :name, :email, :admin
+  show_attributes :id, :name, :email, :admin
 end
diff --git a/db/migrate/20230626153029_add_admin_to_users.rb b/db/migrate/20230626153029_add_admin_to_users.rb
new file mode 100644
index 0000000..892a30e
--- /dev/null
+++ b/db/migrate/20230626153029_add_admin_to_users.rb
@@ -0,0 +1,5 @@
+class AddAdminToUsers < ActiveRecord::Migration[7.0]
+  def change
+    add_column :users, :admin, :boolean, default: false, null: false
+  end
+end
diff --git a/db/schema.rb b/db/schema.rb
index 6784c74..caee1b2 100644
--- a/db/schema.rb
+++ b/db/schema.rb
@@ -10,7 +10,7 @@
 #
 # It's strongly recommended that you check this file into your version control system.
 
-ActiveRecord::Schema[7.0].define(version: 2023_04_06_192435) do
+ActiveRecord::Schema[7.0].define(version: 2023_06_26_153029) do
   # These are extensions that must be enabled in order to support this database
   enable_extension "pg_stat_statements"
   enable_extension "plpgsql"
@@ -276,6 +276,7 @@
     t.text "tokens"
     t.datetime "created_at", null: false
     t.datetime "updated_at", null: false
+    t.boolean "admin", default: false, null: false
     t.index ["confirmation_token"], name: "index_users_on_confirmation_token", unique: true
     t.index ["email"], name: "index_users_on_email", unique: true
     t.index ["reset_password_token"], name: "index_users_on_reset_password_token", unique: true

From 2c2b29fb68eb22d198d627fce02df5992e77e207 Mon Sep 17 00:00:00 2001
From: Derek Leadbetter <dleadbetter55@gmail.com>
Date: Mon, 26 Jun 2023 13:54:38 -0400
Subject: [PATCH 2/7] BASIRA #209 - Adding "admin" checkbox to users modal

---
 client/src/components/UserModal.css |  0
 client/src/components/UserModal.js  | 10 +++++++++-
 client/src/i18n/en.json             |  1 +
 client/src/services/Session.js      | 30 ++++++++++++++++++++++++-----
 client/src/transforms/User.js       |  3 ++-
 client/src/types/User.js            |  3 ++-
 6 files changed, 39 insertions(+), 8 deletions(-)
 create mode 100644 client/src/components/UserModal.css

diff --git a/client/src/components/UserModal.css b/client/src/components/UserModal.css
new file mode 100644
index 0000000..e69de29
diff --git a/client/src/components/UserModal.js b/client/src/components/UserModal.js
index 7a55de6..10a8940 100644
--- a/client/src/components/UserModal.js
+++ b/client/src/components/UserModal.js
@@ -3,8 +3,9 @@
 import React from 'react';
 import { withTranslation } from 'react-i18next';
 import { Form, Message, Modal } from 'semantic-ui-react';
+import Session from '../services/Session';
 
-import type { EditContainerProps } from 'react-components/types';
+import type { EditContainerProps } from '@performant-software/shared-components/types';
 import type { Translateable } from '../types/Translateable';
 import type { User } from '../types/User';
 
@@ -39,6 +40,13 @@ const UserModal = (props: Props) => (
         onChange={props.onTextInputChange.bind(this, 'email')}
         value={props.item.email || ''}
       />
+      { Session.isAdmin() && (
+        <Form.Checkbox
+          checked={props.item.admin}
+          label={props.t('UserModal.labels.admin')}
+          onChange={props.onCheckboxInputChange.bind(this, 'admin')}
+        />
+      )}
       <Message
         content={props.t('UserModal.labels.passwordPolicy.content')}
         header={props.t('UserModal.labels.passwordPolicy.header')}
diff --git a/client/src/i18n/en.json b/client/src/i18n/en.json
index 136cf4a..99d1acf 100644
--- a/client/src/i18n/en.json
+++ b/client/src/i18n/en.json
@@ -514,6 +514,7 @@
   },
   "UserModal": {
     "labels": {
+      "admin": "Administrator",
       "email": "Email",
       "name": "Name",
       "password": "Password",
diff --git a/client/src/services/Session.js b/client/src/services/Session.js
index c1be7e8..a85b64d 100644
--- a/client/src/services/Session.js
+++ b/client/src/services/Session.js
@@ -10,14 +10,15 @@ class Session {
    * @param response
    */
   create(response: any) {
-    const { name, uid } = response.data.data;
+    const { name, uid, admin } = response.data.data;
 
     sessionStorage.setItem('user',
       JSON.stringify({
         'access-token': response.headers['access-token'],
         client: response.headers.client,
         name,
-        uid
+        uid,
+        admin
       }));
   }
 
@@ -34,12 +35,20 @@ class Session {
    * @returns {*}
    */
   getName() {
-    const userString = sessionStorage.getItem('user') || '{}';
-    const user = JSON.parse(userString);
-
+    const user = this.parseUser();
     return user.name;
   }
 
+  /**
+   * Returns true if the currently logged in user is an admin.
+   *
+   * @returns {*}
+   */
+  isAdmin() {
+    const user = this.parseUser();
+    return user.admin;
+  }
+
   /**
    * Returns true if the user is currently authenticated.
    *
@@ -48,6 +57,17 @@ class Session {
   isAuthenticated() {
     return !!sessionStorage.getItem('user');
   }
+
+  // private
+
+  /**
+   * Parses the session storage user.
+   *
+   * @returns {*}
+   */
+  parseUser() {
+    return JSON.parse(sessionStorage.getItem('user') || '{}');
+  }
 }
 
 export default new Session();
diff --git a/client/src/transforms/User.js b/client/src/transforms/User.js
index 5858347..37bc1bf 100644
--- a/client/src/transforms/User.js
+++ b/client/src/transforms/User.js
@@ -19,7 +19,8 @@ class User extends BaseTransform {
       'name',
       'email',
       'password',
-      'password_confirmation'
+      'password_confirmation',
+      'admin'
     ];
   }
 
diff --git a/client/src/types/User.js b/client/src/types/User.js
index 6147aaa..81b58a0 100644
--- a/client/src/types/User.js
+++ b/client/src/types/User.js
@@ -5,5 +5,6 @@ export type User = {
   name: string,
   email: string,
   password: string,
-  password_confirmation: string
+  password_confirmation: string,
+  admin: boolean
 };

From 9aeafd603f42659a04c4024c336aa1bd6c8af1b8 Mon Sep 17 00:00:00 2001
From: Derek Leadbetter <dleadbetter55@gmail.com>
Date: Mon, 26 Jun 2023 13:55:06 -0400
Subject: [PATCH 3/7] BASIRA #209 - Updating logout button to redirect to
 /login

---
 client/src/hooks/MenuBar.js | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/client/src/hooks/MenuBar.js b/client/src/hooks/MenuBar.js
index 00f8c58..45baf81 100644
--- a/client/src/hooks/MenuBar.js
+++ b/client/src/hooks/MenuBar.js
@@ -142,7 +142,7 @@ const withMenuBar = (WrappedComponent: ComponentType<any>) => withTranslation()(
                     .logout()
                     .then(() => {
                       Session.destroy();
-                      props.history.push('/');
+                      props.history.push('/login');
                     })
                 )}
               />

From 15e95f5bad7874994fbb86ce8275b6759c065980 Mon Sep 17 00:00:00 2001
From: Derek Leadbetter <dleadbetter55@gmail.com>
Date: Mon, 26 Jun 2023 14:33:21 -0400
Subject: [PATCH 4/7] BASIRA #209 - Updating base_controller to check user
 authorization before deleting a record

---
 app/controllers/api/base_controller.rb | 6 ++++++
 config/locales/en.yml                  | 3 ++-
 2 files changed, 8 insertions(+), 1 deletion(-)

diff --git a/app/controllers/api/base_controller.rb b/app/controllers/api/base_controller.rb
index ad6ab59..6f28ac1 100644
--- a/app/controllers/api/base_controller.rb
+++ b/app/controllers/api/base_controller.rb
@@ -5,6 +5,12 @@ class Api::BaseController < Api::ResourceController
   # Actions
   before_action :authenticate_user!, except: :show
 
+  def destroy
+    render json: { errors: I18n.t('errors.unauthorized') }, status: :unauthorized and return unless current_user.admin?
+
+    super
+  end
+
   protected
 
   def prepare_params
diff --git a/config/locales/en.yml b/config/locales/en.yml
index cf9b342..fc24293 100644
--- a/config/locales/en.yml
+++ b/config/locales/en.yml
@@ -30,4 +30,5 @@
 # available at https://guides.rubyonrails.org/i18n.html.
 
 en:
-  hello: "Hello world"
+  errors:
+    unauthorized: "Unauthorized"

From cafd0165b5d501b6d5209159d372d48482a18237 Mon Sep 17 00:00:00 2001
From: Derek Leadbetter <dleadbetter55@gmail.com>
Date: Tue, 27 Jun 2023 13:07:18 -0400
Subject: [PATCH 5/7] BASIRA #209 - Adding delete/update validations for
 non-admin users

---
 app/controllers/api/base_controller.rb | 38 ++++++++++++++++++++++----
 1 file changed, 32 insertions(+), 6 deletions(-)

diff --git a/app/controllers/api/base_controller.rb b/app/controllers/api/base_controller.rb
index 6f28ac1..40d58f6 100644
--- a/app/controllers/api/base_controller.rb
+++ b/app/controllers/api/base_controller.rb
@@ -4,12 +4,8 @@ class Api::BaseController < Api::ResourceController
 
   # Actions
   before_action :authenticate_user!, except: :show
-
-  def destroy
-    render json: { errors: I18n.t('errors.unauthorized') }, status: :unauthorized and return unless current_user.admin?
-
-    super
-  end
+  before_action :validate_delete_authorization, only: :destroy
+  before_action :validate_update_authorization, only: :update
 
   protected
 
@@ -24,4 +20,34 @@ def prepare_params
 
     super
   end
+
+  private
+
+  def validate_delete_authorization
+    render json: { errors: [I18n.t('errors.unauthorized')] }, status: :unauthorized unless current_user.admin?
+  end
+
+  def validate_update_authorization
+    return if current_user.admin?
+
+    unauthorized = false
+
+    item_class.nested_attributes_options.keys.each do |key|
+      nested_attributes = params[param_name][key]
+      next unless nested_attributes.present?
+
+      # Handle JSON and FormData parameters
+      if nested_attributes.is_a?(Array)
+        attrs = nested_attributes
+      elsif nested_attributes.is_a?(ActionController::Parameters) && nested_attributes.keys.all?(&:is_integer?)
+        attrs = nested_attributes.keys.map{ |index| nested_attributes[index] }
+      end
+
+      attrs.each do |attr|
+        unauthorized = true if attr['_destroy'].to_s.to_bool
+      end
+    end
+
+    render json: { errors: [{ base: I18n.t('errors.unauthorized') }] }, status: :unauthorized if unauthorized
+  end
 end

From 999bbb7ab144e7e0aafca453780a74c587db4d15 Mon Sep 17 00:00:00 2001
From: Derek Leadbetter <dleadbetter55@gmail.com>
Date: Tue, 27 Jun 2023 14:07:21 -0400
Subject: [PATCH 6/7] BASIRA #209 - Removing delete buttons for non-admin
 users; Adding error messages as fallback

---
 client/src/components/AdminArtworkMenu.js |  3 +-
 client/src/components/Images.js           | 14 +++++-
 client/src/components/ValueListsTable.js  | 15 ++++---
 client/src/i18n/en.json                   |  3 +-
 client/src/pages/admin/AdminNotFound.js   |  6 ++-
 client/src/pages/admin/Artwork.js         |  7 +++
 client/src/pages/admin/Artworks.js        | 10 +++--
 client/src/pages/admin/EditPage.js        |  7 +--
 client/src/pages/admin/People.js          |  5 +++
 client/src/pages/admin/Person.js          |  7 ++-
 client/src/pages/admin/Place.js           |  7 ++-
 client/src/pages/admin/Places.js          |  5 +++
 client/src/pages/admin/Users.js           |  7 ++-
 client/src/pages/admin/ValueLists.js      |  2 +-
 client/src/utils/Authorization.js         | 55 +++++++++++++++++++++++
 15 files changed, 132 insertions(+), 21 deletions(-)
 create mode 100644 client/src/utils/Authorization.js

diff --git a/client/src/components/AdminArtworkMenu.js b/client/src/components/AdminArtworkMenu.js
index 3e15de9..6b422f1 100644
--- a/client/src/components/AdminArtworkMenu.js
+++ b/client/src/components/AdminArtworkMenu.js
@@ -18,6 +18,7 @@ import DocumentsService from '../services/Documents';
 import { getPhysicalComponents, getVisualContexts } from '../utils/Artwork';
 import ItemLabel from './ItemLabel';
 import PhysicalComponentsService from '../services/PhysicalComponents';
+import Session from '../services/Session';
 import VisualContextsService from '../services/VisualContexts';
 import './AdminArtworkMenu.css';
 
@@ -172,7 +173,7 @@ const AdminArtworkMenu = (props: Props) => {
           to={`/admin${path}`}
         />
       )}
-      { onDelete && (
+      { Session.isAdmin() && onDelete && (
         <Button
           icon='times'
           onClick={(e) => {
diff --git a/client/src/components/Images.js b/client/src/components/Images.js
index a7a8816..a7827ec 100644
--- a/client/src/components/Images.js
+++ b/client/src/components/Images.js
@@ -1,6 +1,6 @@
 // @flow
 
-import React, { useState } from 'react';
+import React, { useCallback, useState } from 'react';
 import { FileUpload, PhotoViewer } from '@performant-software/semantic-components';
 import { withTranslation } from 'react-i18next';
 import { Button, Card, Image } from 'semantic-ui-react';
@@ -10,6 +10,7 @@ import './Images.css';
 import type { Translateable } from '../types/Translateable';
 
 type Action = {
+  accept?: (item: any) => boolean,
   color?: (item: any) => ?string,
   icon: string,
   name: string,
@@ -27,6 +28,15 @@ const Images = (props: Props) => {
   const [currentImage, setCurrentImage] = useState(null);
   const [fileUpload, setFileUpload] = useState(false);
 
+  /**
+   * Returns the list of available actions for the passed item.
+   *
+   * @type {function(*): *}
+   */
+  const getActions = useCallback((item) => (
+    _.filter(props.actions, (action) => !action.accept || action.accept(item))
+  ), [props.actions]);
+
   return (
     <div
       className='images'
@@ -72,7 +82,7 @@ const Images = (props: Props) => {
                 extra
                 textAlign='center'
               >
-                { _.map(props.actions, (action) => (
+                { _.map(getActions(item), (action) => (
                   <Button
                     basic
                     color={action.color && action.color(item)}
diff --git a/client/src/components/ValueListsTable.js b/client/src/components/ValueListsTable.js
index 20f9e9d..0e15454 100644
--- a/client/src/components/ValueListsTable.js
+++ b/client/src/components/ValueListsTable.js
@@ -1,13 +1,16 @@
 // @flow
 
+import { ListTable, useDataList } from '@performant-software/semantic-components';
+import type { EditContainerProps } from '@performant-software/shared-components/types';
 import React from 'react';
+import { withTranslation } from 'react-i18next';
+import Authorization from '../utils/Authorization';
+import Session from '../services/Session';
+import type { Translateable } from '../types/Translateable';
+import type { ValueList as ValueListType } from '../types/ValueList';
 import ValueListModal from './ValueListModal';
 import ValueListsFiltersModal from './ValueListsFiltersModal';
 import ValueListsService from '../services/ValueLists';
-import { withTranslation } from 'react-i18next';
-import { ListTable, useDataList, type EditContainerProps } from '@performant-software/semantic-components';
-import type { ValueList as ValueListType } from '../types/ValueList';
-import type { Translateable } from '../types/Translateable';
 
 type Props = EditContainerProps & Translateable & {
   item: ValueListType,
@@ -22,7 +25,7 @@ const ValueListsTable = (props: Props) => (
       name: 'copy'
     }, {
       name: 'delete',
-      accept: (item) => item.qualifications_count === 0
+      accept: (item) => Session.isAdmin() && item.qualifications_count === 0
     }]}
     className='value-lists-table'
     collectionName='value_lists'
@@ -64,6 +67,8 @@ const ValueListsTable = (props: Props) => (
       per_page: 25
     })}
     onSave={(params) => ValueListsService.save(params)}
+    resolveErrors={(error) => Authorization.resolveDeleteError(error)}
+    searchable
   />
 );
 
diff --git a/client/src/i18n/en.json b/client/src/i18n/en.json
index c3a05ab..d7ec577 100644
--- a/client/src/i18n/en.json
+++ b/client/src/i18n/en.json
@@ -156,7 +156,8 @@
       "save": "Save"
     },
     "errors": {
-      "header": "Oops!"
+      "header": "Oops!",
+      "unauthorized": "You do not have permission to delete records."
     },
     "labels": {
       "artwork": "Artwork",
diff --git a/client/src/pages/admin/AdminNotFound.js b/client/src/pages/admin/AdminNotFound.js
index b84e139..021ef07 100644
--- a/client/src/pages/admin/AdminNotFound.js
+++ b/client/src/pages/admin/AdminNotFound.js
@@ -1,7 +1,7 @@
 // @flow
 
 import React from 'react';
-import { withRouter } from 'react-router-dom';
+import { RouterHistory, withRouter } from 'react-router-dom';
 import {
   Button, Container, Message
 } from 'semantic-ui-react';
@@ -9,7 +9,9 @@ import withMenuBar from '../../hooks/MenuBar';
 
 import type { Translateable } from '../../types/Translateable';
 
-type Props = Translateable;
+type Props = Translateable & {
+  history: typeof RouterHistory,
+};
 
 const AdminNotFound = (props: Props) => (
   <Container>
diff --git a/client/src/pages/admin/Artwork.js b/client/src/pages/admin/Artwork.js
index 11c12c0..458a89e 100644
--- a/client/src/pages/admin/Artwork.js
+++ b/client/src/pages/admin/Artwork.js
@@ -7,6 +7,7 @@ import _ from 'underscore';
 import ArtworkTitleModal from '../../components/ArtworkTitleModal';
 import ArtworksService from '../../services/Artworks';
 import AttachmentModal from '../../components/AttachmentModal';
+import Authorization from '../../utils/Authorization';
 import File from '../../transforms/File';
 import i18n from '../../i18n/i18n';
 import Images from '../../components/Images';
@@ -16,6 +17,7 @@ import Number from '../../utils/Number';
 import ParticipationModal, { ParticipationTypes } from '../../components/ParticipationModal';
 import Qualifiables from '../../utils/Qualifiables';
 import RecordHeader from '../../components/RecordHeader';
+import Session from '../../services/Session';
 import SimpleEditPage from '../../components/SimpleEditPage';
 import SimpleLink from '../../components/SimpleLink';
 import Validations from '../../utils/Validations';
@@ -155,6 +157,7 @@ const Artwork = (props: Props) => {
           }, {
             name: 'copy'
           }, {
+            accept: () => Session.isAdmin(),
             name: 'delete'
           }]}
           columns={[{
@@ -304,6 +307,7 @@ const Artwork = (props: Props) => {
             name: 'edit',
             onClick: (item) => setSelectedImage(item)
           }, {
+            accept: () => Session.isAdmin(),
             color: () => 'red',
             icon: 'times',
             name: 'delete',
@@ -343,6 +347,7 @@ const Artwork = (props: Props) => {
           }, {
             name: 'copy'
           }, {
+            accept: () => Session.isAdmin(),
             name: 'delete'
           }]}
           columns={[{
@@ -394,6 +399,7 @@ const Artwork = (props: Props) => {
           }, {
             name: 'copy'
           }, {
+            accept: () => Session.isAdmin(),
             name: 'delete'
           }]}
           columns={[{
@@ -436,6 +442,7 @@ export default useEditPage(withMenuBar(Artwork), {
   onLoad: (id) => ArtworksService.fetchOne(id).then(({ data }) => data.artwork),
   onSave: (artwork) => ArtworksService.save(artwork).then(({ data }) => data.artwork),
   required: ['date_descriptor'],
+  resolveValidationError: (e) => Authorization.resolveUpdateError(e),
   validate: (artwork) => {
     let validationErrors = {};
 
diff --git a/client/src/pages/admin/Artworks.js b/client/src/pages/admin/Artworks.js
index afa18c8..9cbde4d 100644
--- a/client/src/pages/admin/Artworks.js
+++ b/client/src/pages/admin/Artworks.js
@@ -1,14 +1,16 @@
 // @flow
 
-import React from 'react';
 import { FilterTypes, ItemList, ListFilters } from '@performant-software/semantic-components';
+import React from 'react';
 import { withRouter } from 'react-router-dom';
 import { Container, Header } from 'semantic-ui-react';
 import _ from 'underscore';
-import Thumbnail from '../../components/Thumbnail';
 import ArtworksService from '../../services/Artworks';
-import Users from '../../services/Users';
+import Authorization from '../../utils/Authorization';
+import Session from '../../services/Session';
+import Thumbnail from '../../components/Thumbnail';
 import User from '../../transforms/User';
+import Users from '../../services/Users';
 import withMenuBar from '../../hooks/MenuBar';
 import './Artworks.css';
 
@@ -26,6 +28,7 @@ const Artworks = (props: Props) => (
         name: 'edit',
         onClick: (item) => props.history.push(`/admin/artworks/${item.id}`)
       }, {
+        accept: () => Session.isAdmin(),
         icon: 'times',
         name: 'delete'
       }, {
@@ -173,6 +176,7 @@ const Artworks = (props: Props) => (
           </div>
         </>
       )}
+      resolveErrors={(error) => Authorization.resolveDeleteError(error)}
       session={{
         key: 'artworks',
         storage: sessionStorage
diff --git a/client/src/pages/admin/EditPage.js b/client/src/pages/admin/EditPage.js
index e5e4a41..c179dab 100644
--- a/client/src/pages/admin/EditPage.js
+++ b/client/src/pages/admin/EditPage.js
@@ -1,15 +1,15 @@
 // @flow
 
-import React, { type ComponentType } from 'react';
 import { useEditContainer } from '@performant-software/shared-components';
+import type { EditContainerProps } from '@performant-software/shared-components/types';
+import React, { type ComponentType } from 'react';
 import { useHistory, useParams } from 'react-router-dom';
 import _ from 'underscore';
 
-import type { EditContainerProps } from 'react-components/types';
-
 type Config = {
   onLoad: (params: any) => Promise<any>,
   onSave: (item: any) => Promise<any>,
+  resolveValidationError?: (error: any) => Array<string>,
   validate?: (item: any) => any
 };
 
@@ -62,6 +62,7 @@ const useEditPage = (WrappedComponent: ComponentType<any>, config: Config) => (
             }
           })}
         onSave={(item) => config.onSave(item).then(afterSave)}
+        resolveValidationError={config.resolveValidationError}
       />
     );
   }
diff --git a/client/src/pages/admin/People.js b/client/src/pages/admin/People.js
index d730ce1..30dd6a3 100644
--- a/client/src/pages/admin/People.js
+++ b/client/src/pages/admin/People.js
@@ -5,8 +5,10 @@ import { ListTable } from '@performant-software/semantic-components';
 import { withTranslation } from 'react-i18next';
 import { withRouter } from 'react-router-dom';
 import { Container } from 'semantic-ui-react';
+import Authorization from '../../utils/Authorization';
 import PeopleService from '../../services/People';
 import Qualifiables from '../../utils/Qualifiables';
+import Session from '../../services/Session';
 import withMenuBar from '../../hooks/MenuBar';
 
 import type { Routeable } from '../../types/Routeable';
@@ -19,6 +21,7 @@ const People = (props: Translateable & Routeable) => (
         name: 'edit',
         onClick: (item) => props.history.push(`/admin/people/${item.id}`)
       }, {
+        accept: () => Session.isAdmin(),
         name: 'delete'
       }]}
       addButton={{
@@ -46,6 +49,8 @@ const People = (props: Translateable & Routeable) => (
       onDelete={(person) => PeopleService.delete(person)}
       onLoad={(params) => PeopleService.fetchAll(params)}
       onSave={(person) => PeopleService.save(person)}
+      resolveErrors={(error) => Authorization.resolveDeleteError(error)}
+      searchable
     />
   </Container>
 );
diff --git a/client/src/pages/admin/Person.js b/client/src/pages/admin/Person.js
index 644d794..8497f4e 100644
--- a/client/src/pages/admin/Person.js
+++ b/client/src/pages/admin/Person.js
@@ -4,11 +4,13 @@ import React from 'react';
 import { EmbeddedList, ItemCollection } from '@performant-software/semantic-components';
 import { Header, Image } from 'semantic-ui-react';
 import _ from 'underscore';
+import Authorization from '../../utils/Authorization';
 import ParticipationModal, { ParticipationTypes } from '../../components/ParticipationModal';
 import PeopleService from '../../services/People';
 import PersonForm from '../../components/PersonForm';
 import LocationModal, { LocationTypes } from '../../components/LocationModal';
 import Qualifiables from '../../utils/Qualifiables';
+import Session from '../../services/Session';
 import SimpleEditPage from '../../components/SimpleEditPage';
 import SimpleLink from '../../components/SimpleLink';
 import withMenuBar from '../../hooks/MenuBar';
@@ -52,6 +54,7 @@ const Person = (props: Props) => (
         actions={[{
           name: 'edit'
         }, {
+          accept: () => Session.isAdmin(),
           name: 'delete'
         }]}
         items={_.filter(props.item.participations, (p) => !p._destroy)}
@@ -96,6 +99,7 @@ const Person = (props: Props) => (
         }, {
           name: 'copy'
         }, {
+          accept: () => Session.isAdmin(),
           name: 'delete'
         }]}
         columns={[{
@@ -135,5 +139,6 @@ const Person = (props: Props) => (
 export default useEditPage(withMenuBar(Person), {
   onLoad: (id) => PeopleService.fetchOne(id).then(({ data }) => data.person),
   onSave: (person) => PeopleService.save(person).then(({ data }) => data.person),
-  required: ['name', 'display_name']
+  required: ['name', 'display_name'],
+  resolveValidationError: (e) => Authorization.resolveUpdateError(e)
 });
diff --git a/client/src/pages/admin/Place.js b/client/src/pages/admin/Place.js
index 87c87e0..55168bb 100644
--- a/client/src/pages/admin/Place.js
+++ b/client/src/pages/admin/Place.js
@@ -5,10 +5,12 @@ import { EmbeddedList, ItemCollection } from '@performant-software/semantic-comp
 import { withTranslation } from 'react-i18next';
 import { Header, Image } from 'semantic-ui-react';
 import _ from 'underscore';
+import Authorization from '../../utils/Authorization';
 import LocationModal, { LocationTypes } from '../../components/LocationModal';
 import PlaceForm from '../../components/PlaceForm';
 import PlacesService from '../../services/Places';
 import Qualifiables from '../../utils/Qualifiables';
+import Session from '../../services/Session';
 import SimpleEditPage from '../../components/SimpleEditPage';
 import SimpleLink from '../../components/SimpleLink';
 import useEditPage from './EditPage';
@@ -52,6 +54,7 @@ const Place = (props: Props) => (
         actions={[{
           name: 'edit'
         }, {
+          accept: () => Session.isAdmin(),
           name: 'delete'
         }]}
         items={_.filter(props.item.locations, (l) => l.locateable_type === 'Artwork' && !l._destroy)}
@@ -96,6 +99,7 @@ const Place = (props: Props) => (
         }, {
           name: 'copy'
         }, {
+          accept: () => Session.isAdmin(),
           name: 'delete'
         }]}
         columns={[{
@@ -134,5 +138,6 @@ const Place = (props: Props) => (
 export default withTranslation()(useEditPage(withMenuBar(Place), {
   onLoad: (id) => PlacesService.fetchOne(id).then(({ data }) => data.place),
   onSave: (place) => PlacesService.save(place).then(({ data }) => data.place),
-  required: ['name']
+  required: ['name'],
+  resolveValidationError: (e) => Authorization.resolveUpdateError(e)
 }));
diff --git a/client/src/pages/admin/Places.js b/client/src/pages/admin/Places.js
index 8778b27..01e6f0e 100644
--- a/client/src/pages/admin/Places.js
+++ b/client/src/pages/admin/Places.js
@@ -3,7 +3,9 @@
 import React from 'react';
 import { ListTable } from '@performant-software/semantic-components';
 import { Container } from 'semantic-ui-react';
+import Authorization from '../../utils/Authorization';
 import PlacesService from '../../services/Places';
+import Session from '../../services/Session';
 import withMenuBar from '../../hooks/MenuBar';
 
 import type { Routeable } from '../../types/Routeable';
@@ -16,6 +18,7 @@ const Places = (props: Routeable & Translateable) => (
         name: 'edit',
         onClick: (item) => props.history.push(`/admin/places/${item.id}`)
       }, {
+        accept: () => Session.isAdmin(),
         name: 'delete'
       }]}
       addButton={{
@@ -50,6 +53,8 @@ const Places = (props: Routeable & Translateable) => (
       onDelete={(place) => PlacesService.delete(place)}
       onLoad={(params) => PlacesService.fetchAll(params)}
       onSave={(place) => PlacesService.save(place)}
+      resolveErrors={(error) => Authorization.resolveDeleteError(error)}
+      searchable
     />
   </Container>
 );
diff --git a/client/src/pages/admin/Users.js b/client/src/pages/admin/Users.js
index f3f7a2e..15526be 100644
--- a/client/src/pages/admin/Users.js
+++ b/client/src/pages/admin/Users.js
@@ -1,8 +1,10 @@
 // @flow
 
-import React from 'react';
 import { ListTable } from '@performant-software/semantic-components';
+import React from 'react';
 import { Container } from 'semantic-ui-react';
+import Authorization from '../../utils/Authorization';
+import Session from '../../services/Session';
 import UserModal from '../../components/UserModal';
 import UsersService from '../../services/Users';
 import withMenuBar from '../../hooks/MenuBar';
@@ -21,6 +23,7 @@ const Users = (props: Translateable) => (
       }, {
         name: 'copy'
       }, {
+        accept: () => Session.isAdmin(),
         name: 'delete'
       }]}
       addButton={{
@@ -73,6 +76,8 @@ const Users = (props: Translateable) => (
       onDelete={(user) => UsersService.delete(user)}
       onLoad={(params) => UsersService.fetchAll(params)}
       onSave={(user) => UsersService.save(user)}
+      resolveErrors={(error) => Authorization.resolveDeleteError(error)}
+      searchable
     />
   </Container>
 );
diff --git a/client/src/pages/admin/ValueLists.js b/client/src/pages/admin/ValueLists.js
index cca6d81..8362902 100644
--- a/client/src/pages/admin/ValueLists.js
+++ b/client/src/pages/admin/ValueLists.js
@@ -1,5 +1,6 @@
 // @flow
 
+import type { EditContainerProps } from '@performant-software/shared-components/types';
 import React, { useEffect, useState } from 'react';
 import ValueListsTable from '../../components/ValueListsTable';
 import withMenuBar from '../../hooks/MenuBar';
@@ -10,7 +11,6 @@ import {
   Tab
 } from 'semantic-ui-react';
 
-import type { EditContainerProps } from 'react-components/types';
 import type { ValueList as ValueListType } from '../../types/ValueList';
 import type { Translateable } from '../../types/Translateable';
 
diff --git a/client/src/utils/Authorization.js b/client/src/utils/Authorization.js
new file mode 100644
index 0000000..87cf874
--- /dev/null
+++ b/client/src/utils/Authorization.js
@@ -0,0 +1,55 @@
+// @flow
+
+import i18n from '../i18n/i18n';
+
+const STATUS_UNAUTHORIZED = 401;
+
+type ErrorType = {
+  response: {
+    status: number
+  }
+};
+
+/**
+ * Resolves the error message from a DELETE request.
+ *
+ * @param error
+ *
+ * @returns {[]}
+ */
+const resolveDeleteError = (error: ErrorType) => {
+  const errors = [];
+
+  const { status } = error.response;
+  if (status === STATUS_UNAUTHORIZED) {
+    errors.push(i18n.t('Common.errors.unauthorized'));
+  }
+
+  return errors;
+};
+
+type ResolveUpdateErrorType = {
+  status: number
+};
+
+/**
+ * Resolve the error message from a PUT request.
+ *
+ * @param status
+ *
+ * @returns {[]}
+ */
+const resolveUpdateError = ({ status }: ResolveUpdateErrorType) => {
+  const errors = [];
+
+  if (status === STATUS_UNAUTHORIZED) {
+    errors.push(i18n.t('Common.errors.unauthorized'));
+  }
+
+  return errors;
+};
+
+export default {
+  resolveDeleteError,
+  resolveUpdateError
+};

From f8b31d8b5f6d20c1cc2697af83feb7b0616b665d Mon Sep 17 00:00:00 2001
From: Derek Leadbetter <dleadbetter55@gmail.com>
Date: Tue, 27 Jun 2023 15:07:29 -0400
Subject: [PATCH 7/7] BASIRA #209 - Adding rake task to create/update users to
 have admin access

---
 lib/tasks/users.rake | 22 ++++++++++++++++++++++
 1 file changed, 22 insertions(+)
 create mode 100644 lib/tasks/users.rake

diff --git a/lib/tasks/users.rake b/lib/tasks/users.rake
new file mode 100644
index 0000000..51456bb
--- /dev/null
+++ b/lib/tasks/users.rake
@@ -0,0 +1,22 @@
+require 'optparse'
+
+namespace :users do
+  desc 'Creates or updates the user with the specified email to be an admin'
+  task admin: :environment do
+    options = {}
+
+    option_parser = OptionParser.new
+    option_parser.banner = "Usage: rake users:admin -- -e [email]"
+    option_parser.on('-e EMAIL', '--email EMAIL') do |value|
+      options[:email] = value
+    end.parse!
+
+    args = option_parser.order!(ARGV) {}
+    option_parser.parse!(args)
+
+    exit 0 unless options[:email].present?
+
+    user = User.find_or_initialize_by(email: options[:email])
+    user.update(admin: true)
+  end
+end