mirror of
https://github.com/TryGhost/Ghost.git
synced 2025-02-10 23:36:14 -05:00
Merge pull request #3912 from halfdan/3909-config-api
Remove permissions from configuration API
This commit is contained in:
Hannah Wolfe
commit
e0924f866a
3 changed files with 17 additions and 41 deletions
|
|
@ -1,7 +1,6 @@
|
|||
// # Configuration API
|
||||
// RESTful API for browsing the configuration
|
||||
var _ = require('lodash'),
|
||||
canThis = require('../permissions').canThis,
|
||||
config = require('../config'),
|
||||
errors = require('../errors'),
|
||||
parsePackageJson = require('../require-tree').parsePackageJson,
|
||||
|
|
@ -38,18 +37,14 @@ configuration = {
|
|||
* Fetch all configuration keys
|
||||
* @returns {Promise(Configurations)}
|
||||
*/
|
||||
browse: function browse(options) {
|
||||
return canThis(options.context).browse.configuration().then(function () {
|
||||
return getValidKeys().then(function (result) {
|
||||
return { 'configuration': _.map(result, function (value, key) {
|
||||
return {
|
||||
key: key,
|
||||
value: value
|
||||
};
|
||||
})};
|
||||
});
|
||||
}, function () {
|
||||
return Promise.reject(new errors.NoPermissionError('You do not have permission to browse the configuration.'));
|
||||
browse: function browse() {
|
||||
return getValidKeys().then(function (result) {
|
||||
return Promise.resolve({ 'configuration': _.map(result, function (value, key) {
|
||||
return {
|
||||
key: key,
|
||||
value: value
|
||||
};
|
||||
})});
|
||||
});
|
||||
},
|
||||
|
||||
|
|
@ -58,19 +53,15 @@ configuration = {
|
|||
*
|
||||
*/
|
||||
read: function read(options) {
|
||||
return canThis(options.context).read.configuration().then(function () {
|
||||
return getValidKeys().then(function (result) {
|
||||
if (_.has(result, options.key)) {
|
||||
return { 'configuration': [{
|
||||
key: options.key,
|
||||
value: result[options.key]
|
||||
}]};
|
||||
} else {
|
||||
return Promise.reject(new errors.NotFoundError('Invalid key'));
|
||||
}
|
||||
});
|
||||
}, function () {
|
||||
return Promise.reject(new errors.NoPermissionError('You do not have permission to read the configuration.'));
|
||||
return getValidKeys().then(function (result) {
|
||||
if (_.has(result, options.key)) {
|
||||
return Promise.resolve({ 'configuration': [{
|
||||
key: options.key,
|
||||
value: result[options.key]
|
||||
}]});
|
||||
} else {
|
||||
return Promise.reject(new errors.NotFoundError('Invalid key'));
|
||||
}
|
||||
});
|
||||
}
|
||||
};
|
||||
|
|
|
|||
|
|
@ -1,15 +1,5 @@
|
|||
{
|
||||
"permissions": {
|
||||
"configuration": [
|
||||
{
|
||||
"name": "Browse configuration",
|
||||
"action_type": "browse"
|
||||
},
|
||||
{
|
||||
"name": "Read configuration",
|
||||
"action_type": "read"
|
||||
}
|
||||
],
|
||||
"db": [
|
||||
{
|
||||
"name": "Export database",
|
||||
|
|
@ -153,7 +143,6 @@
|
|||
},
|
||||
"permissions_roles": {
|
||||
"Administrator": {
|
||||
"configuration": "all",
|
||||
"db": "all",
|
||||
"mail": "all",
|
||||
"notification": "all",
|
||||
|
|
@ -166,7 +155,6 @@
|
|||
"role": "all"
|
||||
},
|
||||
"Editor": {
|
||||
"configuration": "all",
|
||||
"post": "all",
|
||||
"setting": ["browse", "read"],
|
||||
"slug": "all",
|
||||
|
|
@ -176,7 +164,6 @@
|
|||
"role": "all"
|
||||
},
|
||||
"Author": {
|
||||
"configuration": "all",
|
||||
"post": ["browse", "read", "add"],
|
||||
"setting": ["browse", "read"],
|
||||
"slug": "all",
|
||||
|
|
|
|||
|
|
@ -31,8 +31,6 @@ describe('Configuration API', function () {
|
|||
before(testUtils.teardown);
|
||||
afterEach(testUtils.teardown);
|
||||
|
||||
beforeEach(testUtils.setup('users','users:roles', 'perms:user', 'perms:role', 'perms:configuration', 'perms:init'));
|
||||
|
||||
should.exist(ConfigurationAPI);
|
||||
|
||||
it('can browse config', function (done) {
|
||||
|
|
|
|||
Loading…
Add table
Reference in a new issue