matthias/dashboard
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

featuer change for calendar

Browse Source
This commit is contained in:
Matthias Hochmeister
2026-03-03 09:52:10 +01:00
parent 146f79cf00
commit d9af34b744
11 changed files with 294 additions and 174 deletions
Download Patch File Download Diff File Expand all files Collapse all files

27
backend/src/services/events.service.ts
View File

@@ -437,15 +437,6 @@ class EventsService {
/**
* Generates an iCal feed for a given token.
*
* NOTE — Group visibility limitation:
* Groups are issued by Authentik and embedded only in the short-lived JWT.
* They are NOT persisted in the database. For token-based iCal access we
* therefore cannot look up which Authentik groups a user belongs to.
* As a safe fallback this export includes only events where alle_gruppen=TRUE
* (i.e. events intended for everyone). Authenticated users who request the
* .ics directly via Bearer token already get group-filtered results through
* the normal API endpoints.
*
* Returns null if the token is invalid.
*/
async getIcalExport(token: string): Promise<string | null> {
@@ -460,14 +451,24 @@ class EventsService {
if (tokenResult.rows.length === 0) return null;
// Fetch public events: all future events + those that ended in the last 30 days
// Only alle_gruppen=TRUE events — see NOTE above about group limitation
const userId = tokenResult.rows[0].user_id;
// Look up user's Authentik groups from DB for group-filtered event visibility
const userResult = await pool.query(
`SELECT authentik_groups FROM users WHERE id = $1`,
[userId]
);
const userGroups: string[] = userResult.rows[0]?.authentik_groups ?? [];
// Fetch events visible to this user: public events (alle_gruppen=TRUE) or events
// targeting the user's Authentik groups. Includes upcoming events + last 30 days.
const eventsResult = await pool.query(
`SELECT v.id, v.titel, v.beschreibung, v.ort, v.datum_von, v.datum_bis, v.ganztaegig, v.abgesagt
FROM veranstaltungen v
WHERE v.alle_gruppen = TRUE
WHERE (v.alle_gruppen = TRUE OR v.zielgruppen && $1::text[])
AND v.datum_bis >= NOW() - INTERVAL '30 days'
ORDER BY v.datum_von ASC`
ORDER BY v.datum_von ASC`,
[userGroups]
);
const now = new Date();