Add pages permission

2025-12-10 07:43:10 +01:00
parent 96be7567eb
commit 7f21716358
13 changed files with 144 additions and 206 deletions
--- a/app/auth.py
+++ b/app/auth.py
@@ -2,7 +2,7 @@
 from contextlib import closing
 import bcrypt

-from app_db.app_db import get_conn
+from app_db.app_db import get_conn, get_list


 # ---------------------------------------------------------------------------
@@ -35,7 +35,7 @@ def create_user(


 # ---------------------------------------------------------------------------
-#  Benutzer überprüfen (z.B. für deine alte Streamlit-Login-Maske)
+#  Benutzer überprüfen
 # ---------------------------------------------------------------------------

 def verify_user(username: str, password: str):
@@ -84,6 +84,60 @@ def get_fullname_for_user(username: str) -> str:
        ).fetchone()
    return row[0] if row else "user"

+# ---------------------------------------------------------------------------
+#  Sidebar-Einträge für den Benutzer
+# ---------------------------------------------------------------------------
+
+def get_sidebar(role_text: str, username: str):
+    if role_text == "admin":
+        sql = """
+            select 
+                g.group_id,
+                g.group_text,
+                d.dash_id,
+                d.dash_text,
+                d.page_file,
+                d.dash_type
+            from
+                groups g
+                left join dashboards d 
+                    on g.group_id = d.group_id 
+            where
+                g.active = 1
+                and d.active = 1
+        """
+    else:
+        sql = """
+            SELECT
+                d.group_id,
+                g.group_text,
+                p.dash_id,
+                d.dash_text,
+                d.page_file,
+                d.dash_type
+            FROM
+                users u
+                left join permissions p
+                    on u.role_id = p.role_id
+                left join dashboards d
+                    on p.dash_id = d.dash_id 
+                left join groups g
+                    on d.group_id = g.group_id 
+            where
+                u.active = 1
+                and g.active = 1
+                and d.active = 1
+                and p.active = 1
+                and u.username = ?
+            order by 
+                g.order_no,
+                d.order_no 
+        """
+    params = (username,) if "?" in sql else None
+    df = get_list(sql, params)
+    
+    return df
+
 # ---------------------------------------------------------------------------
 #  Credential-Lader für streamlit-authenticator
 # ---------------------------------------------------------------------------