Infrastructure/ghost
0
Fork 0
mirror of https://github.com/TryGhost/Ghost.git synced 2025-02-10 23:36:14 -05:00
Code Issues Activity

Remove permissions from configuration API

Browse source 
closes #3909
- Remove permissions from configuration API
- Remove permission setup from integration test
- Remove permissions from permissions.json
This commit is contained in:
Fabian Becker 2014-09-01 19:44:13 +00:00
parent 17f5ce6a2c
commit c0adf5894f
3 changed files with 17 additions and 41 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

43
core/server/api/configuration.js
View file

@ -1,7 +1,6 @@
// # Configuration API
// RESTful API for browsing the configuration
var _ = require('lodash'),
canThis = require('../permissions').canThis,
config = require('../config'),
errors = require('../errors'),
parsePackageJson = require('../require-tree').parsePackageJson,
@ -38,18 +37,14 @@ configuration = {
* Fetch all configuration keys
* @returns {Promise(Configurations)}
*/
browse: function browse(options) {
return canThis(options.context).browse.configuration().then(function () {
return getValidKeys().then(function (result) {
return { 'configuration': _.map(result, function (value, key) {
return {
key: key,
value: value
};
})};
});
}, function () {
return Promise.reject(new errors.NoPermissionError('You do not have permission to browse the configuration.'));
browse: function browse() {
return getValidKeys().then(function (result) {
return Promise.resolve({ 'configuration': _.map(result, function (value, key) {
return {
key: key,
value: value
};
})});
});
},
@ -58,19 +53,15 @@ configuration = {
*
*/
read: function read(options) {
return canThis(options.context).read.configuration().then(function () {
return getValidKeys().then(function (result) {
if (_.has(result, options.key)) {
return { 'configuration': [{
key: options.key,
value: result[options.key]
}]};
} else {
return Promise.reject(new errors.NotFoundError('Invalid key'));
}
});
}, function () {
return Promise.reject(new errors.NoPermissionError('You do not have permission to read the configuration.'));
return getValidKeys().then(function (result) {
if (_.has(result, options.key)) {
return Promise.resolve({ 'configuration': [{
key: options.key,
value: result[options.key]
}]});
} else {
return Promise.reject(new errors.NotFoundError('Invalid key'));
}
});
}
};

13
core/server/data/fixtures/permissions/permissions.json
View file

@ -1,15 +1,5 @@
{
"permissions": {
"configuration": [
{
"name": "Browse configuration",
"action_type": "browse"
},
{
"name": "Read configuration",
"action_type": "read"
}
],
"db": [
{
"name": "Export database",
@ -153,7 +143,6 @@
},
"permissions_roles": {
"Administrator": {
"configuration": "all",
"db": "all",
"mail": "all",
"notification": "all",
@ -166,7 +155,6 @@
"role": "all"
},
"Editor": {
"configuration": "all",
"post": "all",
"setting": ["browse", "read"],
"slug": "all",
@ -176,7 +164,6 @@
"role": "all"
},
"Author": {
"configuration": "all",
"post": ["browse", "read", "add"],
"setting": ["browse", "read"],
"slug": "all",

2
core/test/integration/api/api_configuration_spec.js
View file

@ -31,8 +31,6 @@ describe('Configuration API', function () {
before(testUtils.teardown);
afterEach(testUtils.teardown);
beforeEach(testUtils.setup('users','users:roles', 'perms:user', 'perms:role', 'perms:configuration', 'perms:init'));
should.exist(ConfigurationAPI);
it('can browse config', function (done) {