mirror of
https://github.com/wassname/talk.git
synced 2026-07-01 02:02:25 +08:00
have function params in the correct order
This commit is contained in:
riley
@@ -6,7 +6,7 @@ import {toggleModal as toggleShortcutModal} from '../actions/moderation';
|
||||
import {fetchConfig} from '../actions/config';
|
||||
import {FullLoading} from '../components/FullLoading';
|
||||
import AdminLogin from '../components/AdminLogin';
|
||||
import roleUtils from 'coral-framework/utils/roles';
|
||||
import {can} from 'coral-framework/utils/roles';
|
||||
|
||||
class LayoutContainer extends Component {
|
||||
componentWillMount () {
|
||||
@@ -36,7 +36,7 @@ class LayoutContainer extends Component {
|
||||
recaptchaPublic={TALK_RECAPTCHA_PUBLIC}
|
||||
errorMessage={loginError} />;
|
||||
}
|
||||
if (roleUtils.canAccessAdmin(user) && loggedIn) {
|
||||
if (can(user, 'ACCESS_ADMIN') && loggedIn) {
|
||||
return <Layout handleLogout={handleLogout} toggleShortcutModal={toggleShortcutModal} {...this.props} />;
|
||||
} else if (loggedIn) {
|
||||
return <p>you do not have permission to see this page.</p>;
|
||||
|
||||
@@ -1,30 +1,29 @@
|
||||
import intersection from 'lodash/intersection';
|
||||
|
||||
const basicRoles = {
|
||||
hasStaffTag: ['ADMIN', 'MODERATOR', 'STAFF']
|
||||
HAS_STAFF_TAG: ['ADMIN', 'MODERATOR', 'STAFF']
|
||||
};
|
||||
|
||||
const queryRoles = {
|
||||
canAccessConfig: ['ADMIN', 'MODERATOR'],
|
||||
canAccessAdmin: ['ADMIN', 'MODERATOR'],
|
||||
canViewUserEmails: ['ADMIN']
|
||||
UPDATE_CONFIG: ['ADMIN', 'MODERATOR'],
|
||||
ACCESS_ADMIN: ['ADMIN', 'MODERATOR'],
|
||||
VIEW_USER_EMAILS: ['ADMIN']
|
||||
};
|
||||
|
||||
const mutationRoles = {
|
||||
canChangeRoles: ['ADMIN'],
|
||||
canModerateComments: ['ADMIN', 'MODERATOR']
|
||||
CHANGE_ROLES: ['ADMIN'],
|
||||
MODERATE_COMMENTS: ['ADMIN', 'MODERATOR']
|
||||
};
|
||||
|
||||
const roles = {...basicRoles, ...queryRoles, ...mutationRoles};
|
||||
|
||||
export const can = (user, perms) => {
|
||||
for (let perm in perms) {
|
||||
export const can = (user, ...perms) => {
|
||||
return perms.every(perm => {
|
||||
const role = roles[perm];
|
||||
if (typeof role === 'undefined') {
|
||||
continue;
|
||||
throw new Error(`${perm} is not a valid role`);
|
||||
}
|
||||
let grant = intersection(role, user.roles).length > 0;
|
||||
return grant;
|
||||
}
|
||||
return false;
|
||||
|
||||
return intersection(role, user.roles).length > 0;
|
||||
});
|
||||
};
|
||||
|
||||
+1
-1
@@ -190,7 +190,7 @@ UserSchema.method('verifyPassword', function(password) {
|
||||
* operation.
|
||||
*/
|
||||
UserSchema.method('can', function(...actions) {
|
||||
return can(this, null, actions);
|
||||
return can(this, null, ...actions);
|
||||
});
|
||||
|
||||
// Create the User model.
|
||||
|
||||
+12
-8
@@ -3,19 +3,21 @@ const queries = require('./queryReducer');
|
||||
const mutations = require('./mutationReducer');
|
||||
|
||||
const reducers = [
|
||||
root.reducer,
|
||||
queries.reducer,
|
||||
mutations.reducer
|
||||
root,
|
||||
queries,
|
||||
mutations
|
||||
];
|
||||
|
||||
// this will make 'reducer' a key in this array. hm.
|
||||
const allPermissions = [...Object.keys(root), ...Object.keys(queries), ...Object.keys(mutations)];
|
||||
|
||||
const findGrant = (user, perms, context, initialState) => {
|
||||
const findGrant = (user, perms, context) => {
|
||||
|
||||
return perms.every(perm => {
|
||||
|
||||
for (let reducer in reducers) {
|
||||
const grant = reducer(user, perm, context, initialState);
|
||||
for (let key in reducers) {
|
||||
const reducer = reducers[key];
|
||||
const grant = reducer.checkRoles(user, perm, context);
|
||||
|
||||
if (grant !== null && typeof grant !== 'undefined') {
|
||||
return grant;
|
||||
@@ -38,12 +40,14 @@ module.exports = (user, context, ...perms) => {
|
||||
|
||||
// make sure all the passed permissions are not typos
|
||||
const missingPerms = perms.filter(perm => {
|
||||
return typeof allPermissions[perm] === 'undefined';
|
||||
return allPermissions.indexOf(perm) === -1;
|
||||
});
|
||||
|
||||
if (missingPerms.length) {
|
||||
|
||||
// not sure if this is working.
|
||||
throw new Error(`${missingPerms.join(' ')} are not valid permissions.`);
|
||||
}
|
||||
|
||||
return findGrant(user, perms, context, null);
|
||||
return findGrant(user, perms, context);
|
||||
};
|
||||
|
||||
@@ -15,7 +15,7 @@ module.exports = {
|
||||
REMOVE_COMMENT_TAG: 'REMOVE_COMMENT_TAG',
|
||||
UPDATE_USER_ROLES: 'UPDATE_USER_ROLES',
|
||||
UPDATE_CONFIG: 'UPDATE_CONFIG',
|
||||
reducer: function (user, perm, context, initialState) {
|
||||
checkRoles: function (user, perm, context) {
|
||||
switch (perm) {
|
||||
case this.CREATE_COMMENT:
|
||||
return true;
|
||||
@@ -40,7 +40,7 @@ module.exports = {
|
||||
case this.UPDATE_CONFIG:
|
||||
return check(user, ['ADMIN', 'MODERATOR']);
|
||||
default:
|
||||
return initialState;
|
||||
break;
|
||||
}
|
||||
}
|
||||
};
|
||||
|
||||
@@ -10,7 +10,7 @@ module.exports = {
|
||||
SEARCH_NON_NULL_OR_ACCEPTED_COMMENTS: 'SEARCH_NON_NULL_OR_ACCEPTED_COMMENTS',
|
||||
SEARCH_OTHERS_COMMENTS: 'SEARCH_OTHERS_COMMENTS',
|
||||
SEARCH_COMMENT_METRICS: 'SEARCH_COMMENT_METRICS',
|
||||
reducer: function (perm, user, context, initialState) {
|
||||
checkRoles: function (user, perm, context) {
|
||||
switch (perm) {
|
||||
case this.SEARCH_ASSETS:
|
||||
return check(user, ['ADMIN', 'MODERATOR']);
|
||||
@@ -25,7 +25,7 @@ module.exports = {
|
||||
case this.SEARCH_COMMENT_METRICS:
|
||||
return check(user, ['ADMIN', 'MODERATOR']);
|
||||
default:
|
||||
return initialState;
|
||||
break;
|
||||
}
|
||||
}
|
||||
};
|
||||
|
||||
@@ -1,11 +1,9 @@
|
||||
module.exports = {
|
||||
reducer: function (perm, user, context, initialState) {
|
||||
checkRoles: function (user, perm, context) {
|
||||
|
||||
// this runs before everything
|
||||
if (user.status === 'BANNED') {
|
||||
return false;
|
||||
}
|
||||
|
||||
return initialState;
|
||||
}
|
||||
};
|
||||
|
||||
Reference in New Issue
Block a user