mirror of https://github.com/TryGhost/Ghost.git synced 2025-01-20 22:42:53 -05:00

Adding and renaming permissions

refs #3283, refs #2739, refs #3096

- Renames permissions which didn't follow the BREAD (browse, read, edit, add, destroy) naming
- Adds permissions for notifications, mail and tags

Still todo:

- wire up the new permissions where they are needed
- add permissions for roles
Hannah Wolfe 2014-07-15 22:43:22 +01:00
parent d77f61b556
commit ce06ad412a
7 changed files with 140 additions and 75 deletions


@ -166,7 +166,7 @@ authentication = {
userSettings.push({key: 'description', value: 'Thoughts, stories and ideas by ' + setupUser.name}); userSettings.push({key: 'description', value: 'Thoughts, stories and ideas by ' + setupUser.name});
} }
setupUser = user.toJSON(); setupUser = user.toJSON();
return settings.edit({settings: userSettings}, {context: {user: 1}}); return settings.edit({settings: userSettings}, {context: {user: setupUser.id}});
}).then(function () { }).then(function () {
var message = { var message = {
to: setupUser.email, to: setupUser.email,
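Review bot: The `settings.edit` call now runs as `setupUser.id`, so once permission checks are wired in it will only succeed if that user already holds a role with `edit` on `setting` at this point in the setup flow. In the fixtures changed by this same commit only Administrator has that permission; Editor and Author get `browse` and `read`. The role assignment is not visible in this hunk and the enclosing function starts and ends outside it, so the ordering needs confirming. A comment above the call would record the dependency: `// runs as the newly set-up user, who must already hold the Administrator role (the only role with edit on settings)`.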


@ -141,7 +141,7 @@ posts = {
add: function add(object, options) { add: function add(object, options) {
options = options || {}; options = options || {};
return canThis(options.context).create.post().then(function () { return canThis(options.context).add.post().then(function () {
return utils.checkObject(object, docName).then(function (checkedPostData) { return utils.checkObject(object, docName).then(function (checkedPostData) {
if (options.include) { if (options.include) {
options.include = prepareInclude(options.include); options.include = prepareInclude(options.include);
@ -172,7 +172,7 @@ posts = {
* @return {Promise(Post)} Deleted Post * @return {Promise(Post)} Deleted Post
*/ */
destroy: function destroy(options) { destroy: function destroy(options) {
return canThis(options.context).remove.post(options.id).then(function () { return canThis(options.context).destroy.post(options.id).then(function () {
var readOptions = _.extend({}, options, {status: 'all'}); var readOptions = _.extend({}, options, {status: 'all'});
return posts.read(readOptions).then(function (result) { return posts.read(readOptions).then(function (result) {
return dataProvider.Post.destroy(options).then(function () { return dataProvider.Post.destroy(options).then(function () {
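Review bot: The checks `canThis(options.context).add.post()` and `canThis(options.context).destroy.post(options.id)` now depend on action types that exist only in the updated fixtures, and none of the seven changed files appears to rename `permissions` rows that an existing install already stores as `create` or `remove`. If the fixtures are only inserted on first install, upgraded databases would be denied post creation and deletion, and user deletion through `users.destroy`, which gets the same rename, until a data migration rewrites those rows. Both function bodies continue outside the hunks. Either add that migration in this commit or record the dependency next to the check, e.g. `// needs the 'destroy' action_type; databases created before this change store it as 'remove'`.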


@ -116,7 +116,7 @@ users = {
* @returns {Promise(User)} * @returns {Promise(User)}
*/ */
destroy: function destroy(options) { destroy: function destroy(options) {
return canThis(options.context).remove.user(options.id).then(function () { return canThis(options.context).destroy.user(options.id).then(function () {
return users.read(options).then(function (result) { return users.read(options).then(function (result) {
return dataProvider.User.destroy(options).then(function () { return dataProvider.User.destroy(options).then(function () {
return result; return result;


@ -1,29 +1,5 @@
{ {
"permissions": { "permissions": {
"post": [
{
"name": "Edit posts",
"action_type": "edit"
},
{
"name": "Remove posts",
"action_type": "remove"
},
{
"name": "Create posts",
"action_type": "create"
}
],
"slug": [
{
"name": "Generate post slug",
"action_type": "generate"
},
{
"name": "Generate tag slug",
"action_type": "generate"
}
],
"db": [ "db": [
{ {
"name": "Export database", "name": "Export database",
@ -38,6 +14,100 @@
"action_type": "deleteAllContent" "action_type": "deleteAllContent"
} }
], ],
"mail": [
{
"name": "Send mail",
"action_type": "send"
}
],
"notification": [
{
"name": "Browse notifications",
"action_type": "browse"
},
{
"name": "Add notifications",
"action_type": "add"
},
{
"name": "Delete notifications",
"action_type": "destroy"
}
],
"post": [
{
"name": "Browse posts",
"action_type": "browse"
},
{
"name": "Read posts",
"action_type": "read"
},
{
"name": "Edit posts",
"action_type": "edit"
},
{
"name": "Add posts",
"action_type": "add"
},
{
"name": "Delete posts",
"action_type": "destroy"
}
],
"setting": [
{
"name": "Browse settings",
"action_type": "browse"
},
{
"name": "Read settings",
"action_type": "read"
},
{
"name": "Edit settings",
"action_type": "edit"
}
],
"slug": [
{
"name": "Generate slugs",
"action_type": "generate"
}
],
"tag": [
{
"name": "Browse tags",
"action_type": "browse"
},
{
"name": "Read tags",
"action_type": "read"
},
{
"name": "Edit tags",
"action_type": "edit"
},
{
"name": "Add tags",
"action_type": "add"
},
{
"name": "Delete tags",
"action_type": "destroy"
}
],
"theme": [
{
"name": "Browse themes",
"action_type": "browse"
},
{
"name": "Edit themes",
"action_type": "edit"
}
],
"user": [ "user": [
{ {
"name": "Browse users", "name": "Browse users",
@ -56,55 +126,37 @@
"action_type": "add" "action_type": "add"
}, },
{ {
"name": "Remove users", "name": "Delete users",
"action_type": "remove" "action_type": "destroy"
}
],
"setting": [
{
"name": "Browse settings",
"action_type": "browse"
},
{
"name": "Read settings",
"action_type": "read"
},
{
"name": "Edit settings",
"action_type": "edit"
}
],
"theme": [
{
"name": "Browse themes",
"action_type": "browse"
},
{
"name": "Edit themes",
"action_type": "edit"
} }
] ]
}, },
"permissions_roles": { "permissions_roles": {
"Administrator": { "Administrator": {
"post": "all",
"slug": "all",
"db": "all", "db": "all",
"user": "all", "mail": "all",
"notification": "all",
"post": "all",
"setting": "all", "setting": "all",
"theme": "all" "slug": "all",
"tag": "all",
"theme": "all",
"user": "all"
}, },
"Editor": { "Editor": {
"post": "all", "post": "all",
"setting": ["browse", "read"],
"slug": "all", "slug": "all",
"user": "all", "tag": "all",
"setting": ["browse", "read"] "user": "all"
}, },
"Author": { "Author": {
"post": ["add"], "post": ["browse", "read", "add"],
"setting": ["browse", "read"],
"slug": "all", "slug": "all",
"user": ["browse", "read"], "tag": ["browse", "read", "add"],
"setting": ["browse", "read"] "user": ["browse", "read"]
} }
} }
} }
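Review bot: Editor keeps `"user": "all"`, which after this rename covers at least `add` and `destroy` on users, and the fixture places no limit on which accounts an Editor may act on, Administrators included. Unless a role-hierarchy check is enforced elsewhere (not visible on this page), that is broader than the role needs; consider narrowing it to the subset editors actually require, for example `"user": ["browse", "read"]` as Author has. Separately, `mail` and `notification` are granted only to Administrator, so Editors and Authors would be denied notification access once those checks are wired up; confirm that is intended.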


@ -135,6 +135,7 @@ Settings = ghostBookshelf.Model.extend({
}, },
populateDefault: function (key) { populateDefault: function (key) {
if (!getDefaultSettings()[key]) { if (!getDefaultSettings()[key]) {
return when.reject(new errors.NotFoundError('Unable to find default setting: ' + key)); return when.reject(new errors.NotFoundError('Unable to find default setting: ' + key));
} }
@ -142,6 +143,7 @@ Settings = ghostBookshelf.Model.extend({
// TOOD: databaseVersion and currentVersion special cases? // TOOD: databaseVersion and currentVersion special cases?
this.findOne({ key: key }).then(function (foundSetting) { this.findOne({ key: key }).then(function (foundSetting) {
if (foundSetting) { if (foundSetting) {
return foundSetting; return foundSetting;
} }


@ -43,8 +43,8 @@ describe('Permissions', function () {
{ act: 'add', obj: 'post' }, { act: 'add', obj: 'post' },
{ act: 'add', obj: 'user' }, { act: 'add', obj: 'user' },
{ act: 'add', obj: 'page' }, { act: 'add', obj: 'page' },
{ act: 'remove', obj: 'post' }, { act: 'destroy', obj: 'post' },
{ act: 'remove', obj: 'user' } { act: 'destroy', obj: 'user' }
], ],
currTestPermId = 1, currTestPermId = 1,
@ -397,7 +397,7 @@ describe('Permissions', function () {
done(); done();
}) })
.catch(function () { .catch(function () {
done(new Error('Allowed an edit of post 1')); done(new Error('Did not allow an edit of post 1'));
}); });
}); });
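Review bot: The `.catch(function () {` handler discards the rejection, so any failure in the preceding `.then`, including an assertion thrown before `done()`, is reported as a permission denial. Take the error and include it so the real cause is visible in a permissions test: `.catch(function (err) { done(new Error('Did not allow an edit of post 1: ' + (err && err.message))); });`. The test body starts outside the hunk, so whether the `.then` holds assertions could not be checked here.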


@ -5,7 +5,7 @@ var knex = require('../../server/models/base').knex,
_ = require('lodash'), _ = require('lodash'),
fs = require('fs-extra'), fs = require('fs-extra'),
path = require('path'), path = require('path'),
migration = require("../../server/data/migration/"), migration = require('../../server/data/migration/'),
DataGenerator = require('./fixtures/data-generator'), DataGenerator = require('./fixtures/data-generator'),
API = require('./api'), API = require('./api'),
fork = require('./fork'); fork = require('./fork');
@ -126,14 +126,25 @@ function insertDefaultApp() {
apps.push(DataGenerator.forKnex.createApp(DataGenerator.Content.apps[0])); apps.push(DataGenerator.forKnex.createApp(DataGenerator.Content.apps[0]));
return knex('apps') return knex('permissions')
.insert(apps) .select('id')
.then(function () { .where('object_type', 'post')
return knex('permissions_apps') .andWhere('action_type', 'edit')
.insert({ .then(function (result) {
app_id: 1, var permission_id = result[0].id;
permission_id: 1 if (permission_id) {
}); return knex('apps')
.insert(apps)
.then(function () {
return knex('permissions_apps')
.insert({
app_id: 1,
permission_id: permission_id
});
});
}
throw new Error('Permissions not created');
}); });
} }
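Review bot: `var permission_id = result[0].id;` throws a TypeError when the query returns no rows, so the intended `throw new Error('Permissions not created')` is never reached in exactly the case it was written for. Guard the row first: `var permission_id = result[0] && result[0].id;`. The insert into `permissions_apps` also still hard-codes `app_id: 1` instead of using the id of the app row just inserted, which is the same fragility the permission lookup was added to remove.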