feat: add 'can_be_assigned' field to users with updates to user creation, retrieval, and assignment queries

2025-10-09 14:55:11 +02:00
parent 1288fe1cf8
commit cdfc37c273
4 changed files with 71 additions and 11 deletions
--- a/src/lib/queries/projects.js
+++ b/src/lib/queries/projects.js
@@ -148,7 +148,7 @@ export function getAllUsersForAssignment() {
 			`
 		SELECT id, name, username, role 
 		FROM users 
-		WHERE is_active = 1 AND role != 'admin'
+		WHERE is_active = 1 AND can_be_assigned = 1
 		ORDER BY name
 	`
 		)
--- a/src/lib/queries/tasks.js
+++ b/src/lib/queries/tasks.js
@@ -296,7 +296,7 @@ export function getAllUsersForTaskAssignment() {
 			`
 		SELECT id, name, username, role 
 		FROM users 
-		WHERE is_active = 1 AND role != 'admin'
+		WHERE is_active = 1 AND can_be_assigned = 1
 		ORDER BY name ASC
 	`
 		)
--- a/src/lib/userManagement.js
+++ b/src/lib/userManagement.js
@@ -3,7 +3,7 @@ import bcrypt from "bcryptjs"
 import { randomBytes } from "crypto"

 // Create a new user
-export async function createUser({ name, username, password, role = 'user', is_active = true }) {
+export async function createUser({ name, username, password, role = 'user', is_active = true, can_be_assigned = true }) {
  const existingUser = db.prepare("SELECT id FROM users WHERE username = ?").get(username)
  if (existingUser) {
    throw new Error("User with this username already exists")
@@ -13,13 +13,13 @@ export async function createUser({ name, username, password, role = 'user', is_a
  const userId = randomBytes(16).toString('hex')

  const result = db.prepare(`
-    INSERT INTO users (id, name, username, password_hash, role, is_active)
-    VALUES (?, ?, ?, ?, ?, ?)
-  `).run(userId, name, username, passwordHash, role, is_active ? 1 : 0)
+    INSERT INTO users (id, name, username, password_hash, role, is_active, can_be_assigned)
+    VALUES (?, ?, ?, ?, ?, ?, ?)
+  `).run(userId, name, username, passwordHash, role, is_active ? 1 : 0, can_be_assigned ? 1 : 0)

  return db.prepare(`
    SELECT id, name, username, role, created_at, updated_at, last_login, 
-           is_active, failed_login_attempts, locked_until, initial
+           is_active, failed_login_attempts, locked_until, initial, can_be_assigned
    FROM users WHERE id = ?
  `).get(userId)
 }
@@ -28,7 +28,7 @@ export async function createUser({ name, username, password, role = 'user', is_a
 export function getUserById(id) {
  return db.prepare(`
    SELECT id, name, username, password_hash, role, created_at, updated_at, last_login, 
-           is_active, failed_login_attempts, locked_until, initial
+           is_active, failed_login_attempts, locked_until, initial, can_be_assigned
    FROM users WHERE id = ?
  `).get(id)
 }
@@ -45,7 +45,7 @@ export function getUserByUsername(username) {
 export function getAllUsers() {
  return db.prepare(`
    SELECT id, name, username, password_hash, role, created_at, updated_at, last_login, is_active,
-           failed_login_attempts, locked_until, initial
+           failed_login_attempts, locked_until, initial, can_be_assigned
    FROM users 
    ORDER BY created_at DESC
  `).all()
@@ -172,6 +172,11 @@ export async function updateUser(userId, updates) {
    updateValues.push(updates.is_active ? 1 : 0);
  }

+  if (updates.can_be_assigned !== undefined) {
+    updateFields.push("can_be_assigned = ?");
+    updateValues.push(updates.can_be_assigned ? 1 : 0);
+  }
+
  if (updates.initial !== undefined) {
    updateFields.push("initial = ?");
    updateValues.push(updates.initial);
@@ -204,7 +209,7 @@ export async function updateUser(userId, updates) {
  if (result.changes > 0) {
    return db.prepare(`
      SELECT id, name, username, role, created_at, updated_at, last_login, 
-             is_active, failed_login_attempts, locked_until, initial
+             is_active, failed_login_attempts, locked_until, initial, can_be_assigned
      FROM users WHERE id = ?
    `).get(userId);
  }