2014-05-15 10:38:02 -04:00
|
|
|
|
|
|
|
|
'use strict';
|
|
|
|
|
|
2019-07-20 22:12:22 -04:00
|
|
|
const _ = require('lodash');
|
2014-05-15 10:38:02 -04:00
|
|
|
|
2019-07-20 22:12:22 -04:00
|
|
|
const categories = require('../categories');
|
|
|
|
|
const user = require('../user');
|
|
|
|
|
const groups = require('../groups');
|
|
|
|
|
const helpers = require('./helpers');
|
|
|
|
|
const plugins = require('../plugins');
|
|
|
|
|
const utils = require('../utils');
|
2014-05-15 10:38:02 -04:00
|
|
|
|
2021-02-24 18:10:34 -05:00
|
|
|
const privsCategories = module.exports;
|
|
|
|
|
|
Webpack5 (#10311)
* feat: webpack 5 part 1
* fix: gruntfile fixes
* fix: fix taskbar warning
add app.importScript
copy public/src/modules to build folder
* refactor: remove commented old code
* feat: reenable admin
* fix: acp settings pages, fix sortable on manage categories
embedded require in html not allowed
* fix: bundle serialize/deserizeli so plugins dont break
* test: fixe util tests
* test: fix require path
* test: more test fixes
* test: require correct utils module
* test: require correct utils
* test: log stack
* test: fix db require blowing up tests
* test: move and disable bundle test
* refactor: add aliases
* test: disable testing route
* fix: move webpack modules necessary for build, into `dependencies`
* test: fix one more test
remove 500-embed.tpl
* fix: restore use of assets/nodebb.min.js, at least for now
* fix: remove unnecessary line break
* fix: point to proper ACP bundle
* test: maybe fix build test
* test: composer
* refactor: dont need dist
* refactor: more cleanup
use everything from build/public folder
* get rid of conditional import in app.js
* fix: ace
* refactor: cropper alias
* test: lint and test fixes
* lint: fix
* refactor: rename function to app.require
* refactor: go back to using app.require
* chore: use github branch
* chore: use webpack branch
* feat: webpack webinstaller
* feat: add chunkFile name with contenthash
* refactor: move hooks to top
* refactor: get rid of template500Function
* fix(deps): use webpack5 branch of 2factor plugin
* chore: tagging v2.0.0-beta.0 pre-release version :boom: :shipit: :tada: :rocket:
* refactor: disable cache on templates
loadTemplate is called once by benchpress and the result is cache internally
* refactor: add server side helpers.js
* feat: deprecate /plugins shorthand route, closes #10343
* refactor: use build/public for webpack
* test: fix filename
* fix: more specific selector
* lint: ignore
* refactor: fix comments
* test: add debug for random failing test
* refactor: cleanup
remove test page, remove dupe functions in utils.common
* lint: use relative path for now
* chore: bump prerelease version
* feat: add translateKeys
* fix: optional params
* fix: get rid of extra timeago files
* refactor: cleanup, require timeago locale earlier
remove translator.prepareDOM, it is in header.tpl html tag
* refactor: privileges system to use a Map in the backend instead of separate objects for keys and labels (#10378)
* refactor: privileges system to use a Map in the backend instead of separate objects for keys and labels
- Existing hooks are preserved (to be deprecated at a later date, possibly)
- New init hooks are called on NodeBB start, and provide a one-stop shop to add new privileges, instead of having to add to four different hooks
* docs: fix typo in comment
* test: spec changes
* refactor: privileges system to use a Map in the backend instead of separate objects for keys and labels (#10378)
* refactor: privileges system to use a Map in the backend instead of separate objects for keys and labels
- Existing hooks are preserved (to be deprecated at a later date, possibly)
- New init hooks are called on NodeBB start, and provide a one-stop shop to add new privileges, instead of having to add to four different hooks
* docs: fix typo in comment
* test: spec changes
* feat: allow app.require('bootbox'/'benchpressjs')
* refactor: require server side utils
* test: jquery ready
* change istaller to use build/public
* test: use document.addEventListener
* refactor: closes #10301
* refactor: generateTopicClass
* fix: column counts for other privileges
* fix: #10443, regression where sorted-list items did not render into the DOM in the predicted order [breaking]
* fix: typo in hook name
* refactor: introduce a generic autocomplete.init() method that can be called to add nodebb-style autocompletion but using different data sources (e.g. not user/groups/tags)
* fix: crash if `delay` not passed in (as it cannot be destructured)
* refactor: replace substr
* feat: set --panel-offset style in html element based on stored value in localStorage
* refactor: addDropupHandler() logic to be less naive
- Take into account height of the menu
- Don't apply dropUp logic if there's nothing in the dropdown
- Remove 'hidden' class (added by default in Persona for post tools) when menu items are added
closes #10423
* refactor: simplify utils.params [breaking]
Retrospective analysis of the usage of this method suggests that the options passed in are superfluous, and that only `url` is required. Using a browser built-in makes more sense to accomplish what this method sets out to do.
* feat: add support for returning full URLSearchParams for utils.params
* fix: utils.params() fallback handling
* fix: default empty obj for params()
* fix: remove \'loggedin\' and \'register\' qs parameters once they have been used, delay invocation of messages until ajaxify.end
* fix: utils.params() not allowing relative paths to be passed in
* refactor(DRY): new assertPasswordValidity utils method
* fix: incorrect error message returned on insufficient privilege on flag edit
* fix: read/update/delete access to flags API should be limited for moderators to only post flags in categories they moderate
- added failing tests and patched up middleware.assert.flags to fix
* refactor: flag api v3 tests to create new post and flags on every round
* fix: missing error:no-flag language key
* refactor: flags.canView to check flag existence, simplify middleware.assert.flag
* feat: flag deletion API endpoint, #10426
* feat: UI for flag deletion, closes #10426
* chore: update plugin versions
* chore: up emoji
* chore: update markdown
* chore: up emoji-android
* fix: regression caused by utils.params() refactor, supports arrays and pipes all values through utils.toType, adjusts tests to type check
Co-authored-by: Julian Lam <julian@nodebb.org>
2022-04-29 21:39:33 -04:00
|
|
|
/**
|
|
|
|
|
* Looking to add a new category privilege via plugin/theme? Attach a hook to
|
|
|
|
|
* `static:privileges.category.init` and call .set() on the privilege map passed
|
|
|
|
|
* in to your listener.
|
|
|
|
|
*/
|
|
|
|
|
const _privilegeMap = new Map([
|
|
|
|
|
['find', { label: '[[admin/manage/privileges:find-category]]' }],
|
|
|
|
|
['read', { label: '[[admin/manage/privileges:access-category]]' }],
|
|
|
|
|
['topics:read', { label: '[[admin/manage/privileges:access-topics]]' }],
|
|
|
|
|
['topics:create', { label: '[[admin/manage/privileges:create-topics]]' }],
|
|
|
|
|
['topics:reply', { label: '[[admin/manage/privileges:reply-to-topics]]' }],
|
|
|
|
|
['topics:schedule', { label: '[[admin/manage/privileges:schedule-topics]]' }],
|
|
|
|
|
['topics:tag', { label: '[[admin/manage/privileges:tag-topics]]' }],
|
|
|
|
|
['posts:edit', { label: '[[admin/manage/privileges:edit-posts]]' }],
|
|
|
|
|
['posts:history', { label: '[[admin/manage/privileges:view-edit-history]]' }],
|
|
|
|
|
['posts:delete', { label: '[[admin/manage/privileges:delete-posts]]' }],
|
|
|
|
|
['posts:upvote', { label: '[[admin/manage/privileges:upvote-posts]]' }],
|
|
|
|
|
['posts:downvote', { label: '[[admin/manage/privileges:downvote-posts]]' }],
|
|
|
|
|
['topics:delete', { label: '[[admin/manage/privileges:delete-topics]]' }],
|
|
|
|
|
['posts:view_deleted', { label: '[[admin/manage/privileges:view_deleted]]' }],
|
|
|
|
|
['purge', { label: '[[admin/manage/privileges:purge]]' }],
|
|
|
|
|
['moderate', { label: '[[admin/manage/privileges:moderate]]' }],
|
|
|
|
|
]);
|
|
|
|
|
|
|
|
|
|
privsCategories.getUserPrivilegeList = async () => await plugins.hooks.fire('filter:privileges.list', Array.from(_privilegeMap.keys()));
|
|
|
|
|
privsCategories.getGroupPrivilegeList = async () => await plugins.hooks.fire('filter:privileges.groups.list', Array.from(_privilegeMap.keys()).map(privilege => `groups:${privilege}`));
|
2021-09-11 16:43:48 -04:00
|
|
|
privsCategories.getPrivilegeList = async () => {
|
|
|
|
|
const [user, group] = await Promise.all([
|
|
|
|
|
privsCategories.getUserPrivilegeList(),
|
|
|
|
|
privsCategories.getGroupPrivilegeList(),
|
|
|
|
|
]);
|
|
|
|
|
return user.concat(group);
|
|
|
|
|
};
|
|
|
|
|
|
Webpack5 (#10311)
* feat: webpack 5 part 1
* fix: gruntfile fixes
* fix: fix taskbar warning
add app.importScript
copy public/src/modules to build folder
* refactor: remove commented old code
* feat: reenable admin
* fix: acp settings pages, fix sortable on manage categories
embedded require in html not allowed
* fix: bundle serialize/deserizeli so plugins dont break
* test: fixe util tests
* test: fix require path
* test: more test fixes
* test: require correct utils module
* test: require correct utils
* test: log stack
* test: fix db require blowing up tests
* test: move and disable bundle test
* refactor: add aliases
* test: disable testing route
* fix: move webpack modules necessary for build, into `dependencies`
* test: fix one more test
remove 500-embed.tpl
* fix: restore use of assets/nodebb.min.js, at least for now
* fix: remove unnecessary line break
* fix: point to proper ACP bundle
* test: maybe fix build test
* test: composer
* refactor: dont need dist
* refactor: more cleanup
use everything from build/public folder
* get rid of conditional import in app.js
* fix: ace
* refactor: cropper alias
* test: lint and test fixes
* lint: fix
* refactor: rename function to app.require
* refactor: go back to using app.require
* chore: use github branch
* chore: use webpack branch
* feat: webpack webinstaller
* feat: add chunkFile name with contenthash
* refactor: move hooks to top
* refactor: get rid of template500Function
* fix(deps): use webpack5 branch of 2factor plugin
* chore: tagging v2.0.0-beta.0 pre-release version :boom: :shipit: :tada: :rocket:
* refactor: disable cache on templates
loadTemplate is called once by benchpress and the result is cache internally
* refactor: add server side helpers.js
* feat: deprecate /plugins shorthand route, closes #10343
* refactor: use build/public for webpack
* test: fix filename
* fix: more specific selector
* lint: ignore
* refactor: fix comments
* test: add debug for random failing test
* refactor: cleanup
remove test page, remove dupe functions in utils.common
* lint: use relative path for now
* chore: bump prerelease version
* feat: add translateKeys
* fix: optional params
* fix: get rid of extra timeago files
* refactor: cleanup, require timeago locale earlier
remove translator.prepareDOM, it is in header.tpl html tag
* refactor: privileges system to use a Map in the backend instead of separate objects for keys and labels (#10378)
* refactor: privileges system to use a Map in the backend instead of separate objects for keys and labels
- Existing hooks are preserved (to be deprecated at a later date, possibly)
- New init hooks are called on NodeBB start, and provide a one-stop shop to add new privileges, instead of having to add to four different hooks
* docs: fix typo in comment
* test: spec changes
* refactor: privileges system to use a Map in the backend instead of separate objects for keys and labels (#10378)
* refactor: privileges system to use a Map in the backend instead of separate objects for keys and labels
- Existing hooks are preserved (to be deprecated at a later date, possibly)
- New init hooks are called on NodeBB start, and provide a one-stop shop to add new privileges, instead of having to add to four different hooks
* docs: fix typo in comment
* test: spec changes
* feat: allow app.require('bootbox'/'benchpressjs')
* refactor: require server side utils
* test: jquery ready
* change istaller to use build/public
* test: use document.addEventListener
* refactor: closes #10301
* refactor: generateTopicClass
* fix: column counts for other privileges
* fix: #10443, regression where sorted-list items did not render into the DOM in the predicted order [breaking]
* fix: typo in hook name
* refactor: introduce a generic autocomplete.init() method that can be called to add nodebb-style autocompletion but using different data sources (e.g. not user/groups/tags)
* fix: crash if `delay` not passed in (as it cannot be destructured)
* refactor: replace substr
* feat: set --panel-offset style in html element based on stored value in localStorage
* refactor: addDropupHandler() logic to be less naive
- Take into account height of the menu
- Don't apply dropUp logic if there's nothing in the dropdown
- Remove 'hidden' class (added by default in Persona for post tools) when menu items are added
closes #10423
* refactor: simplify utils.params [breaking]
Retrospective analysis of the usage of this method suggests that the options passed in are superfluous, and that only `url` is required. Using a browser built-in makes more sense to accomplish what this method sets out to do.
* feat: add support for returning full URLSearchParams for utils.params
* fix: utils.params() fallback handling
* fix: default empty obj for params()
* fix: remove \'loggedin\' and \'register\' qs parameters once they have been used, delay invocation of messages until ajaxify.end
* fix: utils.params() not allowing relative paths to be passed in
* refactor(DRY): new assertPasswordValidity utils method
* fix: incorrect error message returned on insufficient privilege on flag edit
* fix: read/update/delete access to flags API should be limited for moderators to only post flags in categories they moderate
- added failing tests and patched up middleware.assert.flags to fix
* refactor: flag api v3 tests to create new post and flags on every round
* fix: missing error:no-flag language key
* refactor: flags.canView to check flag existence, simplify middleware.assert.flag
* feat: flag deletion API endpoint, #10426
* feat: UI for flag deletion, closes #10426
* chore: update plugin versions
* chore: up emoji
* chore: update markdown
* chore: up emoji-android
* fix: regression caused by utils.params() refactor, supports arrays and pipes all values through utils.toType, adjusts tests to type check
Co-authored-by: Julian Lam <julian@nodebb.org>
2022-04-29 21:39:33 -04:00
|
|
|
privsCategories.init = async () => {
|
|
|
|
|
await plugins.hooks.fire('static:privileges.categories.init', {
|
|
|
|
|
privileges: _privilegeMap,
|
|
|
|
|
});
|
|
|
|
|
};
|
|
|
|
|
|
2021-02-24 18:10:34 -05:00
|
|
|
// Method used in admin/category controller to show all users/groups with privs in that given cid
|
|
|
|
|
privsCategories.list = async function (cid) {
|
Webpack5 (#10311)
* feat: webpack 5 part 1
* fix: gruntfile fixes
* fix: fix taskbar warning
add app.importScript
copy public/src/modules to build folder
* refactor: remove commented old code
* feat: reenable admin
* fix: acp settings pages, fix sortable on manage categories
embedded require in html not allowed
* fix: bundle serialize/deserizeli so plugins dont break
* test: fixe util tests
* test: fix require path
* test: more test fixes
* test: require correct utils module
* test: require correct utils
* test: log stack
* test: fix db require blowing up tests
* test: move and disable bundle test
* refactor: add aliases
* test: disable testing route
* fix: move webpack modules necessary for build, into `dependencies`
* test: fix one more test
remove 500-embed.tpl
* fix: restore use of assets/nodebb.min.js, at least for now
* fix: remove unnecessary line break
* fix: point to proper ACP bundle
* test: maybe fix build test
* test: composer
* refactor: dont need dist
* refactor: more cleanup
use everything from build/public folder
* get rid of conditional import in app.js
* fix: ace
* refactor: cropper alias
* test: lint and test fixes
* lint: fix
* refactor: rename function to app.require
* refactor: go back to using app.require
* chore: use github branch
* chore: use webpack branch
* feat: webpack webinstaller
* feat: add chunkFile name with contenthash
* refactor: move hooks to top
* refactor: get rid of template500Function
* fix(deps): use webpack5 branch of 2factor plugin
* chore: tagging v2.0.0-beta.0 pre-release version :boom: :shipit: :tada: :rocket:
* refactor: disable cache on templates
loadTemplate is called once by benchpress and the result is cache internally
* refactor: add server side helpers.js
* feat: deprecate /plugins shorthand route, closes #10343
* refactor: use build/public for webpack
* test: fix filename
* fix: more specific selector
* lint: ignore
* refactor: fix comments
* test: add debug for random failing test
* refactor: cleanup
remove test page, remove dupe functions in utils.common
* lint: use relative path for now
* chore: bump prerelease version
* feat: add translateKeys
* fix: optional params
* fix: get rid of extra timeago files
* refactor: cleanup, require timeago locale earlier
remove translator.prepareDOM, it is in header.tpl html tag
* refactor: privileges system to use a Map in the backend instead of separate objects for keys and labels (#10378)
* refactor: privileges system to use a Map in the backend instead of separate objects for keys and labels
- Existing hooks are preserved (to be deprecated at a later date, possibly)
- New init hooks are called on NodeBB start, and provide a one-stop shop to add new privileges, instead of having to add to four different hooks
* docs: fix typo in comment
* test: spec changes
* refactor: privileges system to use a Map in the backend instead of separate objects for keys and labels (#10378)
* refactor: privileges system to use a Map in the backend instead of separate objects for keys and labels
- Existing hooks are preserved (to be deprecated at a later date, possibly)
- New init hooks are called on NodeBB start, and provide a one-stop shop to add new privileges, instead of having to add to four different hooks
* docs: fix typo in comment
* test: spec changes
* feat: allow app.require('bootbox'/'benchpressjs')
* refactor: require server side utils
* test: jquery ready
* change istaller to use build/public
* test: use document.addEventListener
* refactor: closes #10301
* refactor: generateTopicClass
* fix: column counts for other privileges
* fix: #10443, regression where sorted-list items did not render into the DOM in the predicted order [breaking]
* fix: typo in hook name
* refactor: introduce a generic autocomplete.init() method that can be called to add nodebb-style autocompletion but using different data sources (e.g. not user/groups/tags)
* fix: crash if `delay` not passed in (as it cannot be destructured)
* refactor: replace substr
* feat: set --panel-offset style in html element based on stored value in localStorage
* refactor: addDropupHandler() logic to be less naive
- Take into account height of the menu
- Don't apply dropUp logic if there's nothing in the dropdown
- Remove 'hidden' class (added by default in Persona for post tools) when menu items are added
closes #10423
* refactor: simplify utils.params [breaking]
Retrospective analysis of the usage of this method suggests that the options passed in are superfluous, and that only `url` is required. Using a browser built-in makes more sense to accomplish what this method sets out to do.
* feat: add support for returning full URLSearchParams for utils.params
* fix: utils.params() fallback handling
* fix: default empty obj for params()
* fix: remove \'loggedin\' and \'register\' qs parameters once they have been used, delay invocation of messages until ajaxify.end
* fix: utils.params() not allowing relative paths to be passed in
* refactor(DRY): new assertPasswordValidity utils method
* fix: incorrect error message returned on insufficient privilege on flag edit
* fix: read/update/delete access to flags API should be limited for moderators to only post flags in categories they moderate
- added failing tests and patched up middleware.assert.flags to fix
* refactor: flag api v3 tests to create new post and flags on every round
* fix: missing error:no-flag language key
* refactor: flags.canView to check flag existence, simplify middleware.assert.flag
* feat: flag deletion API endpoint, #10426
* feat: UI for flag deletion, closes #10426
* chore: update plugin versions
* chore: up emoji
* chore: update markdown
* chore: up emoji-android
* fix: regression caused by utils.params() refactor, supports arrays and pipes all values through utils.toType, adjusts tests to type check
Co-authored-by: Julian Lam <julian@nodebb.org>
2022-04-29 21:39:33 -04:00
|
|
|
let labels = Array.from(_privilegeMap.values()).map(data => data.label);
|
|
|
|
|
labels = await utils.promiseParallel({
|
|
|
|
|
users: plugins.hooks.fire('filter:privileges.list_human', labels.slice()),
|
|
|
|
|
groups: plugins.hooks.fire('filter:privileges.groups.list_human', labels.slice()),
|
2021-03-12 14:22:16 -05:00
|
|
|
});
|
2021-02-24 18:10:34 -05:00
|
|
|
|
|
|
|
|
const keys = await utils.promiseParallel({
|
Webpack5 (#10311)
* feat: webpack 5 part 1
* fix: gruntfile fixes
* fix: fix taskbar warning
add app.importScript
copy public/src/modules to build folder
* refactor: remove commented old code
* feat: reenable admin
* fix: acp settings pages, fix sortable on manage categories
embedded require in html not allowed
* fix: bundle serialize/deserizeli so plugins dont break
* test: fixe util tests
* test: fix require path
* test: more test fixes
* test: require correct utils module
* test: require correct utils
* test: log stack
* test: fix db require blowing up tests
* test: move and disable bundle test
* refactor: add aliases
* test: disable testing route
* fix: move webpack modules necessary for build, into `dependencies`
* test: fix one more test
remove 500-embed.tpl
* fix: restore use of assets/nodebb.min.js, at least for now
* fix: remove unnecessary line break
* fix: point to proper ACP bundle
* test: maybe fix build test
* test: composer
* refactor: dont need dist
* refactor: more cleanup
use everything from build/public folder
* get rid of conditional import in app.js
* fix: ace
* refactor: cropper alias
* test: lint and test fixes
* lint: fix
* refactor: rename function to app.require
* refactor: go back to using app.require
* chore: use github branch
* chore: use webpack branch
* feat: webpack webinstaller
* feat: add chunkFile name with contenthash
* refactor: move hooks to top
* refactor: get rid of template500Function
* fix(deps): use webpack5 branch of 2factor plugin
* chore: tagging v2.0.0-beta.0 pre-release version :boom: :shipit: :tada: :rocket:
* refactor: disable cache on templates
loadTemplate is called once by benchpress and the result is cache internally
* refactor: add server side helpers.js
* feat: deprecate /plugins shorthand route, closes #10343
* refactor: use build/public for webpack
* test: fix filename
* fix: more specific selector
* lint: ignore
* refactor: fix comments
* test: add debug for random failing test
* refactor: cleanup
remove test page, remove dupe functions in utils.common
* lint: use relative path for now
* chore: bump prerelease version
* feat: add translateKeys
* fix: optional params
* fix: get rid of extra timeago files
* refactor: cleanup, require timeago locale earlier
remove translator.prepareDOM, it is in header.tpl html tag
* refactor: privileges system to use a Map in the backend instead of separate objects for keys and labels (#10378)
* refactor: privileges system to use a Map in the backend instead of separate objects for keys and labels
- Existing hooks are preserved (to be deprecated at a later date, possibly)
- New init hooks are called on NodeBB start, and provide a one-stop shop to add new privileges, instead of having to add to four different hooks
* docs: fix typo in comment
* test: spec changes
* refactor: privileges system to use a Map in the backend instead of separate objects for keys and labels (#10378)
* refactor: privileges system to use a Map in the backend instead of separate objects for keys and labels
- Existing hooks are preserved (to be deprecated at a later date, possibly)
- New init hooks are called on NodeBB start, and provide a one-stop shop to add new privileges, instead of having to add to four different hooks
* docs: fix typo in comment
* test: spec changes
* feat: allow app.require('bootbox'/'benchpressjs')
* refactor: require server side utils
* test: jquery ready
* change istaller to use build/public
* test: use document.addEventListener
* refactor: closes #10301
* refactor: generateTopicClass
* fix: column counts for other privileges
* fix: #10443, regression where sorted-list items did not render into the DOM in the predicted order [breaking]
* fix: typo in hook name
* refactor: introduce a generic autocomplete.init() method that can be called to add nodebb-style autocompletion but using different data sources (e.g. not user/groups/tags)
* fix: crash if `delay` not passed in (as it cannot be destructured)
* refactor: replace substr
* feat: set --panel-offset style in html element based on stored value in localStorage
* refactor: addDropupHandler() logic to be less naive
- Take into account height of the menu
- Don't apply dropUp logic if there's nothing in the dropdown
- Remove 'hidden' class (added by default in Persona for post tools) when menu items are added
closes #10423
* refactor: simplify utils.params [breaking]
Retrospective analysis of the usage of this method suggests that the options passed in are superfluous, and that only `url` is required. Using a browser built-in makes more sense to accomplish what this method sets out to do.
* feat: add support for returning full URLSearchParams for utils.params
* fix: utils.params() fallback handling
* fix: default empty obj for params()
* fix: remove \'loggedin\' and \'register\' qs parameters once they have been used, delay invocation of messages until ajaxify.end
* fix: utils.params() not allowing relative paths to be passed in
* refactor(DRY): new assertPasswordValidity utils method
* fix: incorrect error message returned on insufficient privilege on flag edit
* fix: read/update/delete access to flags API should be limited for moderators to only post flags in categories they moderate
- added failing tests and patched up middleware.assert.flags to fix
* refactor: flag api v3 tests to create new post and flags on every round
* fix: missing error:no-flag language key
* refactor: flags.canView to check flag existence, simplify middleware.assert.flag
* feat: flag deletion API endpoint, #10426
* feat: UI for flag deletion, closes #10426
* chore: update plugin versions
* chore: up emoji
* chore: update markdown
* chore: up emoji-android
* fix: regression caused by utils.params() refactor, supports arrays and pipes all values through utils.toType, adjusts tests to type check
Co-authored-by: Julian Lam <julian@nodebb.org>
2022-04-29 21:39:33 -04:00
|
|
|
users: privsCategories.getUserPrivilegeList(),
|
|
|
|
|
groups: privsCategories.getGroupPrivilegeList(),
|
2021-02-24 18:10:34 -05:00
|
|
|
});
|
|
|
|
|
|
|
|
|
|
const payload = await utils.promiseParallel({
|
2021-03-12 14:22:16 -05:00
|
|
|
labels,
|
2021-02-24 18:10:34 -05:00
|
|
|
users: helpers.getUserPrivileges(cid, keys.users),
|
|
|
|
|
groups: helpers.getGroupPrivileges(cid, keys.groups),
|
|
|
|
|
});
|
|
|
|
|
payload.keys = keys;
|
|
|
|
|
|
Webpack5 (#10311)
* feat: webpack 5 part 1
* fix: gruntfile fixes
* fix: fix taskbar warning
add app.importScript
copy public/src/modules to build folder
* refactor: remove commented old code
* feat: reenable admin
* fix: acp settings pages, fix sortable on manage categories
embedded require in html not allowed
* fix: bundle serialize/deserizeli so plugins dont break
* test: fixe util tests
* test: fix require path
* test: more test fixes
* test: require correct utils module
* test: require correct utils
* test: log stack
* test: fix db require blowing up tests
* test: move and disable bundle test
* refactor: add aliases
* test: disable testing route
* fix: move webpack modules necessary for build, into `dependencies`
* test: fix one more test
remove 500-embed.tpl
* fix: restore use of assets/nodebb.min.js, at least for now
* fix: remove unnecessary line break
* fix: point to proper ACP bundle
* test: maybe fix build test
* test: composer
* refactor: dont need dist
* refactor: more cleanup
use everything from build/public folder
* get rid of conditional import in app.js
* fix: ace
* refactor: cropper alias
* test: lint and test fixes
* lint: fix
* refactor: rename function to app.require
* refactor: go back to using app.require
* chore: use github branch
* chore: use webpack branch
* feat: webpack webinstaller
* feat: add chunkFile name with contenthash
* refactor: move hooks to top
* refactor: get rid of template500Function
* fix(deps): use webpack5 branch of 2factor plugin
* chore: tagging v2.0.0-beta.0 pre-release version :boom: :shipit: :tada: :rocket:
* refactor: disable cache on templates
loadTemplate is called once by benchpress and the result is cache internally
* refactor: add server side helpers.js
* feat: deprecate /plugins shorthand route, closes #10343
* refactor: use build/public for webpack
* test: fix filename
* fix: more specific selector
* lint: ignore
* refactor: fix comments
* test: add debug for random failing test
* refactor: cleanup
remove test page, remove dupe functions in utils.common
* lint: use relative path for now
* chore: bump prerelease version
* feat: add translateKeys
* fix: optional params
* fix: get rid of extra timeago files
* refactor: cleanup, require timeago locale earlier
remove translator.prepareDOM, it is in header.tpl html tag
* refactor: privileges system to use a Map in the backend instead of separate objects for keys and labels (#10378)
* refactor: privileges system to use a Map in the backend instead of separate objects for keys and labels
- Existing hooks are preserved (to be deprecated at a later date, possibly)
- New init hooks are called on NodeBB start, and provide a one-stop shop to add new privileges, instead of having to add to four different hooks
* docs: fix typo in comment
* test: spec changes
* refactor: privileges system to use a Map in the backend instead of separate objects for keys and labels (#10378)
* refactor: privileges system to use a Map in the backend instead of separate objects for keys and labels
- Existing hooks are preserved (to be deprecated at a later date, possibly)
- New init hooks are called on NodeBB start, and provide a one-stop shop to add new privileges, instead of having to add to four different hooks
* docs: fix typo in comment
* test: spec changes
* feat: allow app.require('bootbox'/'benchpressjs')
* refactor: require server side utils
* test: jquery ready
* change istaller to use build/public
* test: use document.addEventListener
* refactor: closes #10301
* refactor: generateTopicClass
* fix: column counts for other privileges
* fix: #10443, regression where sorted-list items did not render into the DOM in the predicted order [breaking]
* fix: typo in hook name
* refactor: introduce a generic autocomplete.init() method that can be called to add nodebb-style autocompletion but using different data sources (e.g. not user/groups/tags)
* fix: crash if `delay` not passed in (as it cannot be destructured)
* refactor: replace substr
* feat: set --panel-offset style in html element based on stored value in localStorage
* refactor: addDropupHandler() logic to be less naive
- Take into account height of the menu
- Don't apply dropUp logic if there's nothing in the dropdown
- Remove 'hidden' class (added by default in Persona for post tools) when menu items are added
closes #10423
* refactor: simplify utils.params [breaking]
Retrospective analysis of the usage of this method suggests that the options passed in are superfluous, and that only `url` is required. Using a browser built-in makes more sense to accomplish what this method sets out to do.
* feat: add support for returning full URLSearchParams for utils.params
* fix: utils.params() fallback handling
* fix: default empty obj for params()
* fix: remove \'loggedin\' and \'register\' qs parameters once they have been used, delay invocation of messages until ajaxify.end
* fix: utils.params() not allowing relative paths to be passed in
* refactor(DRY): new assertPasswordValidity utils method
* fix: incorrect error message returned on insufficient privilege on flag edit
* fix: read/update/delete access to flags API should be limited for moderators to only post flags in categories they moderate
- added failing tests and patched up middleware.assert.flags to fix
* refactor: flag api v3 tests to create new post and flags on every round
* fix: missing error:no-flag language key
* refactor: flags.canView to check flag existence, simplify middleware.assert.flag
* feat: flag deletion API endpoint, #10426
* feat: UI for flag deletion, closes #10426
* chore: update plugin versions
* chore: up emoji
* chore: update markdown
* chore: up emoji-android
* fix: regression caused by utils.params() refactor, supports arrays and pipes all values through utils.toType, adjusts tests to type check
Co-authored-by: Julian Lam <julian@nodebb.org>
2022-04-29 21:39:33 -04:00
|
|
|
payload.columnCountUserOther = payload.labels.users.length - labels.users.length;
|
|
|
|
|
payload.columnCountGroupOther = payload.labels.groups.length - labels.groups.length;
|
2021-03-12 14:22:16 -05:00
|
|
|
|
2021-02-24 18:10:34 -05:00
|
|
|
return payload;
|
|
|
|
|
};
|
feat: more discrete commit-on-save instead of commit-on-change w/ confirm modals (#8541)
* feat: privileges save button, #8537, WIP
* fix: disable firefox autocomplete on privilege form fields
* feat: closes #8537 privilege changes commit on save
- new language strings for confirmation and success modals/toasts
- indeterminate privilege handling (/cc @psychobunny)
- added new discard button
- both discard and save buttons now have confirmation dialogs
* fix(tests): remove duplicate template helper test
* fix(tests): broken template helper test
* feat: confirm dialogs for all privilege copy actions
Also, ability to add user to a privilege table without needing
to refresh the privilege table.
* feat: group row addition w/o table refresh
breaking: helpers.getUserPrivileges and helpers.getGroupPrivileges
no longer make socket calls to the following hooks:
- filter:privileges.list, filter:privileges.admin.list,
filter:privileges.global.list, filter:privileges.groups.list,
filter:privileges.admin.groups.list,
filter:privileges.gloval.groups.list
The filters are still called, but done before the helper method
is called, and the results are passed in instead. This change
should only affect you if you directly call the helper methods,
otherwise the change is transparent.
* fix: stale ajaxify data on privilege category switch
* fix: implicit privileges not showing for user privs
* fix: groups, not group, also fix tests
* fix(tests): again
* fix: wrong tpl rendered when adding group to global priv table
2020-08-03 20:42:45 -04:00
|
|
|
|
2021-02-24 18:10:34 -05:00
|
|
|
privsCategories.get = async function (cid, uid) {
|
2021-03-21 21:38:08 -04:00
|
|
|
const privs = [
|
2021-03-24 21:28:02 +03:00
|
|
|
'topics:create', 'topics:read', 'topics:schedule',
|
|
|
|
|
'topics:tag', 'read', 'posts:view_deleted',
|
2021-03-21 21:38:08 -04:00
|
|
|
];
|
2021-02-24 18:10:34 -05:00
|
|
|
|
|
|
|
|
const [userPrivileges, isAdministrator, isModerator] = await Promise.all([
|
|
|
|
|
helpers.isAllowedTo(privs, uid, cid),
|
|
|
|
|
user.isAdministrator(uid),
|
|
|
|
|
user.isModerator(uid, cid),
|
|
|
|
|
]);
|
|
|
|
|
|
|
|
|
|
const combined = userPrivileges.map(allowed => allowed || isAdministrator);
|
|
|
|
|
const privData = _.zipObject(privs, combined);
|
|
|
|
|
const isAdminOrMod = isAdministrator || isModerator;
|
|
|
|
|
|
|
|
|
|
return await plugins.hooks.fire('filter:privileges.categories.get', {
|
|
|
|
|
...privData,
|
|
|
|
|
cid: cid,
|
|
|
|
|
uid: uid,
|
|
|
|
|
editable: isAdminOrMod,
|
2021-03-21 21:38:08 -04:00
|
|
|
view_deleted: isAdminOrMod || privData['posts:view_deleted'],
|
2021-02-24 18:10:34 -05:00
|
|
|
isAdminOrMod: isAdminOrMod,
|
|
|
|
|
});
|
|
|
|
|
};
|
|
|
|
|
|
|
|
|
|
privsCategories.isAdminOrMod = async function (cid, uid) {
|
|
|
|
|
if (parseInt(uid, 10) <= 0) {
|
2019-07-20 22:12:22 -04:00
|
|
|
return false;
|
2021-02-24 18:10:34 -05:00
|
|
|
}
|
|
|
|
|
const [isAdmin, isMod] = await Promise.all([
|
|
|
|
|
user.isAdministrator(uid),
|
|
|
|
|
user.isModerator(uid, cid),
|
|
|
|
|
]);
|
|
|
|
|
return isAdmin || isMod;
|
|
|
|
|
};
|
2014-05-15 20:49:47 -04:00
|
|
|
|
2021-02-24 18:10:34 -05:00
|
|
|
privsCategories.isUserAllowedTo = async function (privilege, cid, uid) {
|
|
|
|
|
if ((Array.isArray(privilege) && !privilege.length) || (Array.isArray(cid) && !cid.length)) {
|
|
|
|
|
return [];
|
|
|
|
|
}
|
|
|
|
|
if (!cid) {
|
|
|
|
|
return false;
|
|
|
|
|
}
|
|
|
|
|
const results = await helpers.isAllowedTo(privilege, uid, Array.isArray(cid) ? cid : [cid]);
|
|
|
|
|
|
|
|
|
|
if (Array.isArray(results) && results.length) {
|
|
|
|
|
return Array.isArray(cid) ? results : results[0];
|
|
|
|
|
}
|
|
|
|
|
return false;
|
|
|
|
|
};
|
|
|
|
|
|
|
|
|
|
privsCategories.can = async function (privilege, cid, uid) {
|
|
|
|
|
if (!cid) {
|
|
|
|
|
return false;
|
|
|
|
|
}
|
|
|
|
|
const [disabled, isAdmin, isAllowed] = await Promise.all([
|
|
|
|
|
categories.getCategoryField(cid, 'disabled'),
|
|
|
|
|
user.isAdministrator(uid),
|
|
|
|
|
privsCategories.isUserAllowedTo(privilege, cid, uid),
|
|
|
|
|
]);
|
|
|
|
|
return !disabled && (isAllowed || isAdmin);
|
|
|
|
|
};
|
|
|
|
|
|
|
|
|
|
privsCategories.filterCids = async function (privilege, cids, uid) {
|
|
|
|
|
if (!Array.isArray(cids) || !cids.length) {
|
|
|
|
|
return [];
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
cids = _.uniq(cids);
|
|
|
|
|
const [categoryData, allowedTo, isAdmin] = await Promise.all([
|
|
|
|
|
categories.getCategoriesFields(cids, ['disabled']),
|
|
|
|
|
helpers.isAllowedTo(privilege, uid, cids),
|
|
|
|
|
user.isAdministrator(uid),
|
|
|
|
|
]);
|
|
|
|
|
return cids.filter(
|
|
|
|
|
(cid, index) => !!cid && !categoryData[index].disabled && (allowedTo[index] || isAdmin)
|
|
|
|
|
);
|
|
|
|
|
};
|
|
|
|
|
|
|
|
|
|
privsCategories.getBase = async function (privilege, cids, uid) {
|
|
|
|
|
return await utils.promiseParallel({
|
|
|
|
|
categories: categories.getCategoriesFields(cids, ['disabled']),
|
|
|
|
|
allowedTo: helpers.isAllowedTo(privilege, uid, cids),
|
|
|
|
|
view_deleted: helpers.isAllowedTo('posts:view_deleted', uid, cids),
|
2021-03-24 21:28:02 +03:00
|
|
|
view_scheduled: helpers.isAllowedTo('topics:schedule', uid, cids),
|
2021-02-24 18:10:34 -05:00
|
|
|
isAdmin: user.isAdministrator(uid),
|
|
|
|
|
});
|
|
|
|
|
};
|
|
|
|
|
|
|
|
|
|
privsCategories.filterUids = async function (privilege, cid, uids) {
|
|
|
|
|
if (!uids.length) {
|
|
|
|
|
return [];
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
uids = _.uniq(uids);
|
|
|
|
|
|
|
|
|
|
const [allowedTo, isAdmins] = await Promise.all([
|
|
|
|
|
helpers.isUsersAllowedTo(privilege, uids, cid),
|
|
|
|
|
user.isAdministrator(uids),
|
|
|
|
|
]);
|
|
|
|
|
return uids.filter((uid, index) => allowedTo[index] || isAdmins[index]);
|
|
|
|
|
};
|
|
|
|
|
|
|
|
|
|
privsCategories.give = async function (privileges, cid, members) {
|
|
|
|
|
await helpers.giveOrRescind(groups.join, privileges, cid, members);
|
|
|
|
|
plugins.hooks.fire('action:privileges.categories.give', {
|
|
|
|
|
privileges: privileges,
|
|
|
|
|
cids: Array.isArray(cid) ? cid : [cid],
|
|
|
|
|
members: Array.isArray(members) ? members : [members],
|
|
|
|
|
});
|
|
|
|
|
};
|
|
|
|
|
|
|
|
|
|
privsCategories.rescind = async function (privileges, cid, members) {
|
|
|
|
|
await helpers.giveOrRescind(groups.leave, privileges, cid, members);
|
|
|
|
|
plugins.hooks.fire('action:privileges.categories.rescind', {
|
|
|
|
|
privileges: privileges,
|
|
|
|
|
cids: Array.isArray(cid) ? cid : [cid],
|
|
|
|
|
members: Array.isArray(members) ? members : [members],
|
|
|
|
|
});
|
|
|
|
|
};
|
|
|
|
|
|
|
|
|
|
privsCategories.canMoveAllTopics = async function (currentCid, targetCid, uid) {
|
|
|
|
|
const [isAdmin, isModerators] = await Promise.all([
|
|
|
|
|
user.isAdministrator(uid),
|
|
|
|
|
user.isModerator(uid, [currentCid, targetCid]),
|
|
|
|
|
]);
|
|
|
|
|
return isAdmin || !isModerators.includes(false);
|
|
|
|
|
};
|
|
|
|
|
|
|
|
|
|
privsCategories.userPrivileges = async function (cid, uid) {
|
2021-09-11 16:43:48 -04:00
|
|
|
const userPrivilegeList = await privsCategories.getUserPrivilegeList();
|
|
|
|
|
return await helpers.userOrGroupPrivileges(cid, uid, userPrivilegeList);
|
2021-02-24 18:10:34 -05:00
|
|
|
};
|
|
|
|
|
|
|
|
|
|
privsCategories.groupPrivileges = async function (cid, groupName) {
|
2021-09-11 16:43:48 -04:00
|
|
|
const groupPrivilegeList = await privsCategories.getGroupPrivilegeList();
|
|
|
|
|
return await helpers.userOrGroupPrivileges(cid, groupName, groupPrivilegeList);
|
2017-02-18 02:30:48 -07:00
|
|
|
};
|
