Owner has all user permissions

closes #3075
- added special treatment for role with name ‚Owner‘

core/server/permissions/effective.js

@@ -6,13 +6,19 @@ var _ = require('lodash'),
 
 var effective = {
     user: function (id) {
-        return User.findOne({id: id}, { include: ['permissions', 'roles.permissions'] })
+        return User.findOne({id: id}, { include: ['permissions', 'roles', 'roles.permissions'] })
             .then(function (foundUser) {
                 var seenPerms = {},
                     rolePerms = _.map(foundUser.related('roles').models, function (role) {
                         return role.related('permissions').models;
                     }),
-                    allPerms = [];
+                    allPerms = [],
+                    user = foundUser.toJSON();
+
+                // TODO: using 'Owner' as return value is a bit hacky.
+                if (user.roles[0] && user.roles[0].name === 'Owner') {
+                    return 'Owner';
+                }
 
                 rolePerms.push(foundUser.related('permissions').models);
 

core/server/permissions/index.js

@@ -103,10 +103,14 @@ CanThisResult.prototype.buildObjectTypeHandlers = function (obj_types, act_type,
                         // TODO: String vs Int comparison possibility here?
                         return modelId === permObjId;
                     };
-
                 // Check user permissions for matching action, object and id.
                 if (!_.isEmpty(userPermissions)) {
-                    hasUserPermission = _.any(userPermissions, checkPermission);
+                    // TODO: using 'Owner' is a bit hacky.
+                    if (userPermissions === 'Owner') {
+                        hasUserPermission = true;
+                    } else {
+                        hasUserPermission = _.any(userPermissions, checkPermission);
+                    }
                 }
 
                 // Check app permissions if they were passed