mirror of
https://github.com/TryGhost/Ghost.git
synced 2025-02-10 23:36:14 -05:00
Remove permissions from configuration API
closes #3909 - Remove permissions from configuration API - Remove permission setup from integration test - Remove permissions from permissions.json
This commit is contained in:
Fabian Becker
parent
17f5ce6a2c
commit
c0adf5894f
3 changed files with 17 additions and 41 deletions
|
|
@ -1,7 +1,6 @@
|
||||||
// # Configuration API
|
// # Configuration API
|
||||||
// RESTful API for browsing the configuration
|
// RESTful API for browsing the configuration
|
||||||
var _ = require('lodash'),
|
var _ = require('lodash'),
|
||||||
canThis = require('../permissions').canThis,
|
|
||||||
config = require('../config'),
|
config = require('../config'),
|
||||||
errors = require('../errors'),
|
errors = require('../errors'),
|
||||||
parsePackageJson = require('../require-tree').parsePackageJson,
|
parsePackageJson = require('../require-tree').parsePackageJson,
|
||||||
|
|
@ -38,18 +37,14 @@ configuration = {
|
||||||
* Fetch all configuration keys
|
* Fetch all configuration keys
|
||||||
* @returns {Promise(Configurations)}
|
* @returns {Promise(Configurations)}
|
||||||
*/
|
*/
|
||||||
browse: function browse(options) {
|
browse: function browse() {
|
||||||
return canThis(options.context).browse.configuration().then(function () {
|
return getValidKeys().then(function (result) {
|
||||||
return getValidKeys().then(function (result) {
|
return Promise.resolve({ 'configuration': _.map(result, function (value, key) {
|
||||||
return { 'configuration': _.map(result, function (value, key) {
|
return {
|
||||||
return {
|
key: key,
|
||||||
key: key,
|
value: value
|
||||||
value: value
|
};
|
||||||
};
|
})});
|
||||||
})};
|
|
||||||
});
|
|
||||||
}, function () {
|
|
||||||
return Promise.reject(new errors.NoPermissionError('You do not have permission to browse the configuration.'));
|
|
||||||
});
|
});
|
||||||
},
|
},
|
||||||
|
|
||||||
|
|
@ -58,19 +53,15 @@ configuration = {
|
||||||
*
|
*
|
||||||
*/
|
*/
|
||||||
read: function read(options) {
|
read: function read(options) {
|
||||||
return canThis(options.context).read.configuration().then(function () {
|
return getValidKeys().then(function (result) {
|
||||||
return getValidKeys().then(function (result) {
|
if (_.has(result, options.key)) {
|
||||||
if (_.has(result, options.key)) {
|
return Promise.resolve({ 'configuration': [{
|
||||||
return { 'configuration': [{
|
key: options.key,
|
||||||
key: options.key,
|
value: result[options.key]
|
||||||
value: result[options.key]
|
}]});
|
||||||
}]};
|
} else {
|
||||||
} else {
|
return Promise.reject(new errors.NotFoundError('Invalid key'));
|
||||||
return Promise.reject(new errors.NotFoundError('Invalid key'));
|
}
|
||||||
}
|
|
||||||
});
|
|
||||||
}, function () {
|
|
||||||
return Promise.reject(new errors.NoPermissionError('You do not have permission to read the configuration.'));
|
|
||||||
});
|
});
|
||||||
}
|
}
|
||||||
};
|
};
|
||||||
|
|
|
||||||
|
|
@ -1,15 +1,5 @@
|
||||||
{
|
{
|
||||||
"permissions": {
|
"permissions": {
|
||||||
"configuration": [
|
|
||||||
{
|
|
||||||
"name": "Browse configuration",
|
|
||||||
"action_type": "browse"
|
|
||||||
},
|
|
||||||
{
|
|
||||||
"name": "Read configuration",
|
|
||||||
"action_type": "read"
|
|
||||||
}
|
|
||||||
],
|
|
||||||
"db": [
|
"db": [
|
||||||
{
|
{
|
||||||
"name": "Export database",
|
"name": "Export database",
|
||||||
|
|
@ -153,7 +143,6 @@
|
||||||
},
|
},
|
||||||
"permissions_roles": {
|
"permissions_roles": {
|
||||||
"Administrator": {
|
"Administrator": {
|
||||||
"configuration": "all",
|
|
||||||
"db": "all",
|
"db": "all",
|
||||||
"mail": "all",
|
"mail": "all",
|
||||||
"notification": "all",
|
"notification": "all",
|
||||||
|
|
@ -166,7 +155,6 @@
|
||||||
"role": "all"
|
"role": "all"
|
||||||
},
|
},
|
||||||
"Editor": {
|
"Editor": {
|
||||||
"configuration": "all",
|
|
||||||
"post": "all",
|
"post": "all",
|
||||||
"setting": ["browse", "read"],
|
"setting": ["browse", "read"],
|
||||||
"slug": "all",
|
"slug": "all",
|
||||||
|
|
@ -176,7 +164,6 @@
|
||||||
"role": "all"
|
"role": "all"
|
||||||
},
|
},
|
||||||
"Author": {
|
"Author": {
|
||||||
"configuration": "all",
|
|
||||||
"post": ["browse", "read", "add"],
|
"post": ["browse", "read", "add"],
|
||||||
"setting": ["browse", "read"],
|
"setting": ["browse", "read"],
|
||||||
"slug": "all",
|
"slug": "all",
|
||||||
|
|
|
||||||
|
|
@ -31,8 +31,6 @@ describe('Configuration API', function () {
|
||||||
before(testUtils.teardown);
|
before(testUtils.teardown);
|
||||||
afterEach(testUtils.teardown);
|
afterEach(testUtils.teardown);
|
||||||
|
|
||||||
beforeEach(testUtils.setup('users','users:roles', 'perms:user', 'perms:role', 'perms:configuration', 'perms:init'));
|
|
||||||
|
|
||||||
should.exist(ConfigurationAPI);
|
should.exist(ConfigurationAPI);
|
||||||
|
|
||||||
it('can browse config', function (done) {
|
it('can browse config', function (done) {
|
||||||
|
|
|
||||||
Loading…
Add table
Reference in a new issue