feat: All Pages - Limit to user access rights

This commit is contained in:
NGPixel 2017-04-29 12:28:59 -04:00
parent 8f3a6ed9f3
commit 864a070163
3 changed files with 23 additions and 15 deletions

View File

@ -25,7 +25,7 @@ module.exports = (socket) => {
if (socket.request.user.logged_in) { if (socket.request.user.logged_in) {
socket.on('treeFetch', (data, cb) => { socket.on('treeFetch', (data, cb) => {
cb = cb || _.noop cb = cb || _.noop
entries.getFromTree(data.basePath).then((f) => { entries.getFromTree(data.basePath, socket.request.user).then((f) => {
return cb(f) || true return cb(f) || true
}) })
}) })

View File

@ -300,10 +300,10 @@ module.exports = {
/** /**
* Create a new document * Create a new document
* *
* @param {String} entryPath The entry path * @param {String} entryPath The entry path
* @param {String} contents The markdown-formatted contents * @param {String} contents The markdown-formatted contents
* @param {Object} author The author user object * @param {Object} author The author user object
* @return {Promise<Boolean>} True on success, false on failure * @return {Promise<Boolean>} True on success, false on failure
*/ */
create (entryPath, contents, author) { create (entryPath, contents, author) {
let self = this let self = this
@ -327,10 +327,10 @@ module.exports = {
/** /**
* Makes a document persistent to disk and git repository * Makes a document persistent to disk and git repository
* *
* @param {String} entryPath The entry path * @param {String} entryPath The entry path
* @param {String} contents The markdown-formatted contents * @param {String} contents The markdown-formatted contents
* @param {Object} author The author user object * @param {Object} author The author user object
* @return {Promise<Boolean>} True on success, false on failure * @return {Promise<Boolean>} True on success, false on failure
*/ */
makePersistent (entryPath, contents, author) { makePersistent (entryPath, contents, author) {
let fpath = entryHelper.getFullPath(entryPath) let fpath = entryHelper.getFullPath(entryPath)
@ -343,10 +343,10 @@ module.exports = {
/** /**
* Move a document * Move a document
* *
* @param {String} entryPath The current entry path * @param {String} entryPath The current entry path
* @param {String} newEntryPath The new entry path * @param {String} newEntryPath The new entry path
* @param {Object} author The author user object * @param {Object} author The author user object
* @return {Promise} Promise of the operation * @return {Promise} Promise of the operation
*/ */
move (entryPath, newEntryPath, author) { move (entryPath, newEntryPath, author) {
let self = this let self = this
@ -393,9 +393,15 @@ module.exports = {
* Get all entries from base path * Get all entries from base path
* *
* @param {String} basePath Path to list from * @param {String} basePath Path to list from
* @param {Object} usr Current user
* @return {Promise<Array>} List of entries * @return {Promise<Array>} List of entries
*/ */
getFromTree (basePath) { getFromTree (basePath, usr) {
return db.Entry.find({ parentPath: basePath }, 'title parentPath isDirectory isEntry').sort({ title: 'asc' }) return db.Entry.find({ parentPath: basePath }, 'title parentPath isDirectory isEntry').sort({ title: 'asc' }).then(results => {
return _.filter(results, r => {
console.log(r._id, rights.checkRole(r._id, usr.rights, 'read'))
return rights.checkRole('/' + r._id, usr.rights, 'read')
})
})
} }
} }

View File

@ -58,15 +58,15 @@ module.exports = {
let rt = [] let rt = []
let p = _.chain(req.originalUrl).toLower().trim().value() let p = _.chain(req.originalUrl).toLower().trim().value()
// Load User Rights // Load user rights
if (_.isArray(req.user.rights)) { if (_.isArray(req.user.rights)) {
rt = req.user.rights rt = req.user.rights
} }
// Is admin? // Check rights
if (_.find(rt, { role: 'admin' })) { if (self.checkRole(p, rt, 'admin')) {
perm.read = true perm.read = true
perm.write = true perm.write = true
perm.manage = true perm.manage = true
@ -89,6 +89,8 @@ module.exports = {
* @return {boolean} True if authorized * @return {boolean} True if authorized
*/ */
checkRole (p, rt, role) { checkRole (p, rt, role) {
if (_.find(rt, { role: 'admin' })) { return true }
// Check specific role on path // Check specific role on path
let filteredRights = _.filter(rt, (r) => { let filteredRights = _.filter(rt, (r) => {