From c77984e6abe2d561ae83adffd5ac52bf89b8fdd3 Mon Sep 17 00:00:00 2001
From: Ronald Langeveld
Date: Tue, 31 Jan 2023 16:40:44 +0800
Subject: [PATCH] Added mentions permissions (#16200)
closes https://github.com/TryGhost/Team/issues/2420
- Added user roles and permissions for the mentions admin API.
- We only have a `browse` function for our current use case, accessible by `administrator` and `admin integration`.
---
 ghost/core/core/server/api/endpoints/mentions.js | 2 +-
 .../5.34/2023-01-30-07-27-add-mentions-permission.js | 10 ++++++++++
 .../core/server/data/schema/fixtures/fixtures.json | 11 +++++++++--
 .../test/integration/migrations/migration.test.js | 6 ++----
 .../data/schema/fixtures/fixture-manager.test.js | 2 +-
 .../test/unit/server/data/schema/integrity.test.js | 2 +-
 ghost/core/test/utils/fixtures/fixtures.json | 11 +++++++++--
 7 files changed, 33 insertions(+), 11 deletions(-)
 create mode 100644 ghost/core/core/server/data/migrations/versions/5.34/2023-01-30-07-27-add-mentions-permission.js
diff --git a/ghost/core/core/server/api/endpoints/mentions.js b/ghost/core/core/server/api/endpoints/mentions.js
index 8c204a6e66..a6790ff99a 100644
--- a/ghost/core/core/server/api/endpoints/mentions.js
+++ b/ghost/core/core/server/api/endpoints/mentions.js
@@ -11,7 +11,7 @@ module.exports = {
 'page',
 'debug'
 ],
- permissions: false,
+ permissions: true,
 query(frame) {
 return mentions.controller.browse(frame);
 }
diff --git a/ghost/core/core/server/data/migrations/versions/5.34/2023-01-30-07-27-add-mentions-permission.js b/ghost/core/core/server/data/migrations/versions/5.34/2023-01-30-07-27-add-mentions-permission.js
new file mode 100644
index 0000000000..2159d1b04a
--- /dev/null
+++ b/ghost/core/core/server/data/migrations/versions/5.34/2023-01-30-07-27-add-mentions-permission.js
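Review bot: Nothing in this commit exercises the mentions browse endpoint as a role that should be refused, even though `permissions: true` in `mentions.js` is the line that turns the check on. The tests touched here cover only fixture counts, the fixtures hash and the mapping of `Browse mentions` to `Administrator` and `Admin Integration`. An API-level test that calls browse as a role without the grant and expects a permission error, next to one confirming an administrator still gets a result, would pin the access control this change is meant to introduce. The `module.exports` object and the start of the `browse` definition lie outside the hunk, so how the permission object name is derived for this endpoint is not visible here.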
@@ -0,0 +1,10 @@
+const {addPermissionWithRoles} = require('../../utils');
+
+module.exports = addPermissionWithRoles({
+ name: 'Browse mentions',
+ action: 'browse',
+ object: 'mention'
+}, [
+ 'Administrator',
+ 'Admin Integration'
+]);
diff --git a/ghost/core/core/server/data/schema/fixtures/fixtures.json b/ghost/core/core/server/data/schema/fixtures/fixtures.json
index fee638abb2..d1e6d4a071 100644
--- a/ghost/core/core/server/data/schema/fixtures/fixtures.json
+++ b/ghost/core/core/server/data/schema/fixtures/fixtures.json
@@ -633,6 +633,11 @@
 "name": "Edit links",
 "action_type": "edit",
 "object_type": "link"
+ },
+ {
+ "name": "Browse mentions",
+ "action_type": "browse",
+ "object_type": "mention"
 }
 ]
 },
@@ -763,7 +768,8 @@
 "newsletter": "all",
 "explore": "read",
 "comment": "all",
- "link": "all"
+ "link": "all",
+ "mention": "browse"
 },
 "DB Backup Integration": {
 "db": "all"
@@ -798,7 +804,8 @@
 "newsletter": ["browse", "read", "add", "edit"],
 "explore": "read",
 "comment": "all",
- "link": "all"
+ "link": "all",
+ "mention": "browse"
 },
 "Editor": {
 "notification": "all",
diff --git a/ghost/core/test/integration/migrations/migration.test.js b/ghost/core/test/integration/migrations/migration.test.js
index fef91de1e0..1076b79fc2 100644
--- a/ghost/core/test/integration/migrations/migration.test.js
+++ b/ghost/core/test/integration/migrations/migration.test.js
@@ -45,7 +45,7 @@ describe('Database Migration (special functions)', function () {
 const permissions = this.obj;
 // If you have to change this number, please add the relevant `havePermission` checks below
- permissions.length.should.eql(109);
+ permissions.length.should.eql(110);
 permissions.should.havePermission('Export database', ['Administrator', 'DB Backup Integration']);
 permissions.should.havePermission('Import database', ['Administrator', 'DB Backup Integration']);
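Review bot: The new migration grants the same permission that the `fixtures.json` hunks add for fresh installs, and nothing in the migration file says the two must stay aligned. A one-line comment above `module.exports`, such as `// Keep in sync with the "mention": "browse" role entries in schema/fixtures/fixtures.json`, would help whoever adds the next mention action. The role names are passed as plain strings, and whether `addPermissionWithRoles` rejects an unknown role name or skips it is not visible in this diff. It is worth confirming that a misspelt role fails the migration rather than leaving a role without the grant.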
@@ -181,6 +181,7 @@ describe('Database Migration (special functions)', function () { permissions.should.havePermission('Unlike comments', ['Administrator', 'Admin Integration']); permissions.should.havePermission('Report comments', ['Administrator', 'Admin Integration']); permissions.should.havePermission('Browse links', ['Administrator', 'Admin Integration']); + permissions.should.havePermission('Browse mentions', ['Administrator', 'Admin Integration']); }); describe('Populate', function () { @@ -198,10 +199,7 @@ describe('Database Migration (special functions)', function () { roles: Models.Role.findAll(), permissions: Models.Permission.findAll({withRelated: ['roles']}) }; - return Promise.props(props).then(function (result) { - should.exist(result); - // Post should.exist(result.posts); result.posts.length.should.eql(7); diff --git a/ghost/core/test/unit/server/data/schema/fixtures/fixture-manager.test.js b/ghost/core/test/unit/server/data/schema/fixtures/fixture-manager.test.js index 0e46e6df69..593be98f0f 100644 --- a/ghost/core/test/unit/server/data/schema/fixtures/fixture-manager.test.js +++ b/ghost/core/test/unit/server/data/schema/fixtures/fixture-manager.test.js @@ -198,7 +198,7 @@ describe('Migration Fixture Utils', function () { const rolesAllStub = sinon.stub(models.Role, 'findAll').returns(Promise.resolve(dataMethodStub)); fixtureManager.addFixturesForRelation(fixtures.relations[0]).then(function (result) { - const FIXTURE_COUNT = 96; + const FIXTURE_COUNT = 98; should.exist(result); result.should.be.an.Object(); result.should.have.property('expected', FIXTURE_COUNT); diff --git a/ghost/core/test/unit/server/data/schema/integrity.test.js b/ghost/core/test/unit/server/data/schema/integrity.test.js index 49929414fe..5dd534d626 100644 --- a/ghost/core/test/unit/server/data/schema/integrity.test.js +++ b/ghost/core/test/unit/server/data/schema/integrity.test.js 
@@ -36,7 +36,7 @@ const validateRouteSettings = require('../../../../../core/server/services/route
 describe('DB version integrity', function () {
 // Only these variables should need updating
 const currentSchemaHash = '8eab51dd80562c92215283df89b0200b';
- const currentFixturesHash = 'f0ccdb0c7eccbc3311e38b5d145ed1db';
+ const currentFixturesHash = 'd99d3c2891e79b8662ed6a312490d2fd';
 const currentSettingsHash = 'b0c8359b7482e39112e7c5739d43f11b';
 const currentRoutesHash = '3d180d52c663d173a6be791ef411ed01';
diff --git a/ghost/core/test/utils/fixtures/fixtures.json b/ghost/core/test/utils/fixtures/fixtures.json
index 7094acaeca..929044850e 100644
--- a/ghost/core/test/utils/fixtures/fixtures.json
+++ b/ghost/core/test/utils/fixtures/fixtures.json
@@ -633,6 +633,11 @@
 "name": "Edit links",
 "action_type": "edit",
 "object_type": "link"
+ },
+ {
+ "name": "Browse mentions",
+ "action_type": "browse",
+ "object_type": "mention"
 }
 ]
 },
@@ -939,7 +944,8 @@
 "newsletter": "all",
 "explore": "read",
 "comment": "all",
- "link": "all"
+ "link": "all",
+ "mention": "browse"
 },
 "DB Backup Integration": {
 "db": "all"
@@ -974,7 +980,8 @@
 "newsletter": ["browse", "read", "add", "edit"],
 "explore": "read",
 "comment": "all",
- "link": "all"
+ "link": "all",
+ "mention": "browse"
 },
 "Editor": {
 "notification": "all",