diff --git a/core/server/api/configuration.js b/core/server/api/configuration.js index 8fc6e72ef3..5302765848 100644 --- a/core/server/api/configuration.js +++ b/core/server/api/configuration.js @@ -1,7 +1,6 @@ // # Configuration API // RESTful API for browsing the configuration var _ = require('lodash'), - canThis = require('../permissions').canThis, config = require('../config'), errors = require('../errors'), parsePackageJson = require('../require-tree').parsePackageJson, @@ -38,18 +37,14 @@ configuration = { * Fetch all configuration keys * @returns {Promise(Configurations)} */ - browse: function browse(options) { - return canThis(options.context).browse.configuration().then(function () { - return getValidKeys().then(function (result) { - return { 'configuration': _.map(result, function (value, key) { - return { - key: key, - value: value - }; - })}; - }); - }, function () { - return Promise.reject(new errors.NoPermissionError('You do not have permission to browse the configuration.')); + browse: function browse() { + return getValidKeys().then(function (result) { + return Promise.resolve({ 'configuration': _.map(result, function (value, key) { + return { + key: key, + value: value + }; + })}); }); }, @@ -58,19 +53,15 @@ configuration = { * */ read: function read(options) { - return canThis(options.context).read.configuration().then(function () { - return getValidKeys().then(function (result) { - if (_.has(result, options.key)) { - return { 'configuration': [{ - key: options.key, - value: result[options.key] - }]}; - } else { - return Promise.reject(new errors.NotFoundError('Invalid key')); - } - }); - }, function () { - return Promise.reject(new errors.NoPermissionError('You do not have permission to read the configuration.')); + return getValidKeys().then(function (result) { + if (_.has(result, options.key)) { + return Promise.resolve({ 'configuration': [{ + key: options.key, + value: result[options.key] + }]}); + } else { + return Promise.reject(new errors.NotFoundError('Invalid key')); + } }); } }; diff --git a/core/server/data/fixtures/permissions/permissions.json b/core/server/data/fixtures/permissions/permissions.json index df9341c82a..a13b5276d5 100644 --- a/core/server/data/fixtures/permissions/permissions.json +++ b/core/server/data/fixtures/permissions/permissions.json @@ -1,15 +1,5 @@ { "permissions": { - "configuration": [ - { - "name": "Browse configuration", - "action_type": "browse" - }, - { - "name": "Read configuration", - "action_type": "read" - } - ], "db": [ { "name": "Export database", @@ -153,7 +143,6 @@ }, "permissions_roles": { "Administrator": { - "configuration": "all", "db": "all", "mail": "all", "notification": "all", @@ -166,7 +155,6 @@ "role": "all" }, "Editor": { - "configuration": "all", "post": "all", "setting": ["browse", "read"], "slug": "all", @@ -176,7 +164,6 @@ "role": "all" }, "Author": { - "configuration": "all", "post": ["browse", "read", "add"], "setting": ["browse", "read"], "slug": "all", diff --git a/core/test/integration/api/api_configuration_spec.js b/core/test/integration/api/api_configuration_spec.js index 62644492b7..834b23b03a 100644 --- a/core/test/integration/api/api_configuration_spec.js +++ b/core/test/integration/api/api_configuration_spec.js @@ -31,8 +31,6 @@ describe('Configuration API', function () { before(testUtils.teardown); afterEach(testUtils.teardown); - beforeEach(testUtils.setup('users','users:roles', 'perms:user', 'perms:role', 'perms:configuration', 'perms:init')); - should.exist(ConfigurationAPI); it('can browse config', function (done) {