2014-05-15 10:38:02 -04:00
|
|
|
|
|
|
|
|
'use strict';
|
|
|
|
|
|
2016-06-08 10:37:46 +03:00
|
|
|
var async = require('async');
|
2017-05-26 01:39:40 -06:00
|
|
|
var _ = require('lodash');
|
2014-05-15 10:38:02 -04:00
|
|
|
|
2016-08-27 12:58:08 +03:00
|
|
|
var categories = require('../categories');
|
|
|
|
|
var user = require('../user');
|
|
|
|
|
var groups = require('../groups');
|
2016-06-08 10:37:46 +03:00
|
|
|
var helpers = require('./helpers');
|
2016-08-27 12:58:08 +03:00
|
|
|
var plugins = require('../plugins');
|
2014-05-15 10:38:02 -04:00
|
|
|
|
2016-10-13 11:43:39 +02:00
|
|
|
module.exports = function (privileges) {
|
2014-05-15 10:38:02 -04:00
|
|
|
privileges.categories = {};
|
|
|
|
|
|
2016-10-13 11:43:39 +02:00
|
|
|
privileges.categories.list = function (cid, callback) {
|
2015-09-15 19:21:24 -04:00
|
|
|
// Method used in admin/category controller to show all users/groups with privs in that given cid
|
2017-05-25 21:17:20 -04:00
|
|
|
async.waterfall([
|
|
|
|
|
function (next) {
|
2015-03-25 15:42:15 -04:00
|
|
|
async.parallel({
|
2017-05-25 21:17:20 -04:00
|
|
|
labels: function (next) {
|
|
|
|
|
async.parallel({
|
2017-12-20 14:49:20 -05:00
|
|
|
users: async.apply(plugins.fireHook, 'filter:privileges.list_human', privileges.privilegeLabels.slice()),
|
|
|
|
|
groups: async.apply(plugins.fireHook, 'filter:privileges.groups.list_human', privileges.privilegeLabels.slice()),
|
2017-05-25 21:17:20 -04:00
|
|
|
}, next);
|
2017-02-17 19:31:21 -07:00
|
|
|
},
|
2017-05-25 21:17:20 -04:00
|
|
|
users: function (next) {
|
2017-12-20 14:49:20 -05:00
|
|
|
helpers.getUserPrivileges(cid, 'filter:privileges.list', privileges.userPrivilegeList, next);
|
2015-03-25 15:42:15 -04:00
|
|
|
},
|
2017-05-25 21:17:20 -04:00
|
|
|
groups: function (next) {
|
2017-12-20 14:49:20 -05:00
|
|
|
helpers.getGroupPrivileges(cid, 'filter:privileges.groups.list', privileges.groupPrivilegeList, next);
|
2017-02-17 19:31:21 -07:00
|
|
|
},
|
2017-05-25 21:17:20 -04:00
|
|
|
}, next);
|
2017-02-17 19:31:21 -07:00
|
|
|
},
|
2017-05-25 21:17:20 -04:00
|
|
|
function (payload, next) {
|
|
|
|
|
// This is a hack because I can't do {labels.users.length} to echo the count in templates.js
|
|
|
|
|
payload.columnCount = payload.labels.users.length + 2;
|
|
|
|
|
next(null, payload);
|
|
|
|
|
},
|
|
|
|
|
], callback);
|
2015-03-25 15:42:15 -04:00
|
|
|
};
|
|
|
|
|
|
2016-10-13 11:43:39 +02:00
|
|
|
privileges.categories.get = function (cid, uid, callback) {
|
2017-06-16 14:25:40 -04:00
|
|
|
var privs = ['topics:create', 'topics:read', 'topics:tag', 'read'];
|
2017-03-03 21:04:01 +03:00
|
|
|
async.waterfall([
|
|
|
|
|
function (next) {
|
|
|
|
|
async.parallel({
|
|
|
|
|
privileges: function (next) {
|
|
|
|
|
helpers.isUserAllowedTo(privs, uid, cid, next);
|
|
|
|
|
},
|
|
|
|
|
isAdministrator: function (next) {
|
|
|
|
|
user.isAdministrator(uid, next);
|
|
|
|
|
},
|
|
|
|
|
isModerator: function (next) {
|
|
|
|
|
user.isModerator(uid, cid, next);
|
|
|
|
|
},
|
|
|
|
|
}, next);
|
2014-05-15 20:49:47 -04:00
|
|
|
},
|
2017-03-03 21:04:01 +03:00
|
|
|
function (results, next) {
|
2017-05-29 11:23:25 -06:00
|
|
|
var privData = _.zipObject(privs, results.privileges);
|
2017-03-03 21:04:01 +03:00
|
|
|
var isAdminOrMod = results.isAdministrator || results.isModerator;
|
|
|
|
|
|
|
|
|
|
plugins.fireHook('filter:privileges.categories.get', {
|
|
|
|
|
'topics:create': privData['topics:create'] || isAdminOrMod,
|
|
|
|
|
'topics:read': privData['topics:read'] || isAdminOrMod,
|
2017-06-16 14:25:40 -04:00
|
|
|
'topics:tag': privData['topics:tag'] || isAdminOrMod,
|
2017-03-03 21:04:01 +03:00
|
|
|
read: privData.read || isAdminOrMod,
|
|
|
|
|
cid: cid,
|
|
|
|
|
uid: uid,
|
|
|
|
|
editable: isAdminOrMod,
|
|
|
|
|
view_deleted: isAdminOrMod,
|
|
|
|
|
isAdminOrMod: isAdminOrMod,
|
|
|
|
|
}, next);
|
2017-02-17 19:31:21 -07:00
|
|
|
},
|
2017-03-03 21:04:01 +03:00
|
|
|
], callback);
|
2014-05-15 20:49:47 -04:00
|
|
|
};
|
|
|
|
|
|
2016-10-13 11:43:39 +02:00
|
|
|
privileges.categories.isAdminOrMod = function (cid, uid, callback) {
|
2018-11-12 00:20:44 -05:00
|
|
|
if (parseInt(uid, 10) <= 0) {
|
|
|
|
|
return setImmediate(callback, null, false);
|
2015-10-28 15:10:27 -04:00
|
|
|
}
|
2015-09-15 18:21:17 -04:00
|
|
|
helpers.some([
|
|
|
|
|
function (next) {
|
|
|
|
|
user.isModerator(uid, cid, next);
|
|
|
|
|
},
|
|
|
|
|
function (next) {
|
|
|
|
|
user.isAdministrator(uid, next);
|
2017-02-17 19:31:21 -07:00
|
|
|
},
|
2015-09-15 18:21:17 -04:00
|
|
|
], callback);
|
|
|
|
|
};
|
|
|
|
|
|
2016-10-13 11:43:39 +02:00
|
|
|
privileges.categories.isUserAllowedTo = function (privilege, cid, uid, callback) {
|
2015-09-16 08:35:40 -04:00
|
|
|
if (!cid) {
|
|
|
|
|
return callback(null, false);
|
|
|
|
|
}
|
2016-10-13 11:43:39 +02:00
|
|
|
helpers.isUserAllowedTo(privilege, uid, [cid], function (err, results) {
|
2015-09-16 08:35:40 -04:00
|
|
|
callback(err, Array.isArray(results) && results.length ? results[0] : false);
|
|
|
|
|
});
|
|
|
|
|
};
|
|
|
|
|
|
2016-10-13 11:43:39 +02:00
|
|
|
privileges.categories.can = function (privilege, cid, uid, callback) {
|
2015-02-24 13:02:58 -05:00
|
|
|
if (!cid) {
|
|
|
|
|
return callback(null, false);
|
|
|
|
|
}
|
2016-08-27 12:58:08 +03:00
|
|
|
|
2017-03-03 21:04:01 +03:00
|
|
|
async.waterfall([
|
|
|
|
|
function (next) {
|
|
|
|
|
categories.getCategoryField(cid, 'disabled', next);
|
|
|
|
|
},
|
|
|
|
|
function (disabled, next) {
|
2018-10-20 17:55:13 -04:00
|
|
|
if (disabled) {
|
2017-03-03 21:04:01 +03:00
|
|
|
return callback(null, false);
|
|
|
|
|
}
|
|
|
|
|
helpers.some([
|
|
|
|
|
function (next) {
|
|
|
|
|
helpers.isUserAllowedTo(privilege, uid, [cid], function (err, results) {
|
|
|
|
|
next(err, Array.isArray(results) && results.length ? results[0] : false);
|
|
|
|
|
});
|
|
|
|
|
},
|
|
|
|
|
function (next) {
|
|
|
|
|
user.isModerator(uid, cid, next);
|
|
|
|
|
},
|
|
|
|
|
function (next) {
|
|
|
|
|
user.isAdministrator(uid, next);
|
|
|
|
|
},
|
|
|
|
|
], next);
|
|
|
|
|
},
|
|
|
|
|
], callback);
|
2014-07-29 21:51:46 -04:00
|
|
|
};
|
|
|
|
|
|
2016-10-13 11:43:39 +02:00
|
|
|
privileges.categories.filterCids = function (privilege, cids, uid, callback) {
|
2014-11-09 00:33:26 -05:00
|
|
|
if (!Array.isArray(cids) || !cids.length) {
|
2014-07-31 17:29:20 -04:00
|
|
|
return callback(null, []);
|
|
|
|
|
}
|
|
|
|
|
|
2017-06-25 20:00:05 -04:00
|
|
|
cids = _.uniq(cids);
|
2014-07-31 17:29:20 -04:00
|
|
|
|
2017-03-03 21:04:01 +03:00
|
|
|
async.waterfall([
|
|
|
|
|
function (next) {
|
|
|
|
|
privileges.categories.getBase(privilege, cids, uid, next);
|
|
|
|
|
},
|
|
|
|
|
function (results, next) {
|
|
|
|
|
cids = cids.filter(function (cid, index) {
|
2018-11-28 20:29:43 -07:00
|
|
|
return !results.categories[index].disabled &&
|
|
|
|
|
(results.allowedTo[index] || results.isAdmin || results.isModerators[index]);
|
2017-03-03 21:04:01 +03:00
|
|
|
});
|
2016-04-29 20:35:49 +03:00
|
|
|
|
2017-03-03 21:04:01 +03:00
|
|
|
next(null, cids.filter(Boolean));
|
|
|
|
|
},
|
|
|
|
|
], callback);
|
2016-04-29 20:35:49 +03:00
|
|
|
};
|
|
|
|
|
|
2016-10-13 11:43:39 +02:00
|
|
|
privileges.categories.getBase = function (privilege, cids, uid, callback) {
|
2014-07-29 21:51:46 -04:00
|
|
|
async.parallel({
|
2016-10-13 11:43:39 +02:00
|
|
|
categories: function (next) {
|
2015-09-25 17:38:58 -04:00
|
|
|
categories.getCategoriesFields(cids, ['disabled'], next);
|
2015-02-25 14:17:30 -05:00
|
|
|
},
|
2016-10-13 11:43:39 +02:00
|
|
|
allowedTo: function (next) {
|
2014-09-09 15:19:57 -04:00
|
|
|
helpers.isUserAllowedTo(privilege, uid, cids, next);
|
2014-05-16 15:47:04 -04:00
|
|
|
},
|
2016-10-13 11:43:39 +02:00
|
|
|
isModerators: function (next) {
|
2014-07-29 21:51:46 -04:00
|
|
|
user.isModerator(uid, cids, next);
|
2014-05-16 15:47:04 -04:00
|
|
|
},
|
2016-10-13 11:43:39 +02:00
|
|
|
isAdmin: function (next) {
|
2014-05-16 15:47:04 -04:00
|
|
|
user.isAdministrator(uid, next);
|
2017-02-17 19:31:21 -07:00
|
|
|
},
|
2016-04-29 20:35:49 +03:00
|
|
|
}, callback);
|
2014-05-16 15:47:04 -04:00
|
|
|
};
|
|
|
|
|
|
2016-10-13 11:43:39 +02:00
|
|
|
privileges.categories.filterUids = function (privilege, cid, uids, callback) {
|
2014-09-09 15:19:57 -04:00
|
|
|
if (!uids.length) {
|
|
|
|
|
return callback(null, []);
|
|
|
|
|
}
|
|
|
|
|
|
2017-06-25 19:05:13 -04:00
|
|
|
uids = _.uniq(uids);
|
2016-08-27 12:58:08 +03:00
|
|
|
|
2017-03-03 21:04:01 +03:00
|
|
|
async.waterfall([
|
|
|
|
|
function (next) {
|
|
|
|
|
async.parallel({
|
|
|
|
|
allowedTo: function (next) {
|
|
|
|
|
helpers.isUsersAllowedTo(privilege, uids, cid, next);
|
|
|
|
|
},
|
|
|
|
|
isModerators: function (next) {
|
|
|
|
|
user.isModerator(uids, cid, next);
|
|
|
|
|
},
|
2017-06-25 19:05:13 -04:00
|
|
|
isAdmins: function (next) {
|
2017-03-03 21:04:01 +03:00
|
|
|
user.isAdministrator(uids, next);
|
|
|
|
|
},
|
|
|
|
|
}, next);
|
2014-09-09 15:19:57 -04:00
|
|
|
},
|
2017-03-03 21:04:01 +03:00
|
|
|
function (results, next) {
|
|
|
|
|
uids = uids.filter(function (uid, index) {
|
2017-06-25 19:05:13 -04:00
|
|
|
return results.allowedTo[index] || results.isModerators[index] || results.isAdmins[index];
|
2017-03-03 21:04:01 +03:00
|
|
|
});
|
|
|
|
|
next(null, uids);
|
2017-02-17 19:31:21 -07:00
|
|
|
},
|
2017-03-03 21:04:01 +03:00
|
|
|
], callback);
|
2014-09-09 15:19:57 -04:00
|
|
|
};
|
|
|
|
|
|
2016-10-13 11:43:39 +02:00
|
|
|
privileges.categories.give = function (privileges, cid, groupName, callback) {
|
2018-01-03 13:27:30 -05:00
|
|
|
helpers.giveOrRescind(groups.join, privileges, cid, groupName, callback);
|
2014-11-11 22:58:34 -05:00
|
|
|
};
|
|
|
|
|
|
2016-10-13 11:43:39 +02:00
|
|
|
privileges.categories.rescind = function (privileges, cid, groupName, callback) {
|
2018-01-03 13:27:30 -05:00
|
|
|
helpers.giveOrRescind(groups.leave, privileges, cid, groupName, callback);
|
2015-09-27 15:02:04 -04:00
|
|
|
};
|
|
|
|
|
|
2016-10-13 11:43:39 +02:00
|
|
|
privileges.categories.canMoveAllTopics = function (currentCid, targetCid, uid, callback) {
|
2017-03-03 21:04:01 +03:00
|
|
|
async.waterfall([
|
|
|
|
|
function (next) {
|
|
|
|
|
async.parallel({
|
|
|
|
|
isAdministrator: function (next) {
|
|
|
|
|
user.isAdministrator(uid, next);
|
|
|
|
|
},
|
|
|
|
|
moderatorOfCurrent: function (next) {
|
|
|
|
|
user.isModerator(uid, currentCid, next);
|
|
|
|
|
},
|
|
|
|
|
moderatorOfTarget: function (next) {
|
|
|
|
|
user.isModerator(uid, targetCid, next);
|
|
|
|
|
},
|
|
|
|
|
}, next);
|
2014-05-15 20:49:47 -04:00
|
|
|
},
|
2017-03-03 21:04:01 +03:00
|
|
|
function (results, next) {
|
|
|
|
|
next(null, results.isAdministrator || (results.moderatorOfCurrent && results.moderatorOfTarget));
|
2017-02-17 19:31:21 -07:00
|
|
|
},
|
2017-03-03 21:04:01 +03:00
|
|
|
], callback);
|
2014-05-15 20:49:47 -04:00
|
|
|
};
|
|
|
|
|
|
2016-10-13 11:43:39 +02:00
|
|
|
privileges.categories.userPrivileges = function (cid, uid, callback) {
|
2017-06-15 14:02:51 -04:00
|
|
|
var tasks = {};
|
|
|
|
|
|
|
|
|
|
privileges.userPrivilegeList.forEach(function (privilege) {
|
|
|
|
|
tasks[privilege] = async.apply(groups.isMember, uid, 'cid:' + cid + ':privileges:' + privilege);
|
|
|
|
|
});
|
|
|
|
|
|
|
|
|
|
async.parallel(tasks, callback);
|
2014-05-15 20:49:47 -04:00
|
|
|
};
|
|
|
|
|
|
2016-10-13 11:43:39 +02:00
|
|
|
privileges.categories.groupPrivileges = function (cid, groupName, callback) {
|
2017-06-15 14:02:51 -04:00
|
|
|
var tasks = {};
|
|
|
|
|
|
|
|
|
|
privileges.groupPrivilegeList.forEach(function (privilege) {
|
|
|
|
|
tasks[privilege] = async.apply(groups.isMember, groupName, 'cid:' + cid + ':privileges:' + privilege);
|
|
|
|
|
});
|
|
|
|
|
|
|
|
|
|
async.parallel(tasks, callback);
|
2014-05-15 20:49:47 -04:00
|
|
|
};
|
2017-02-18 02:30:48 -07:00
|
|
|
};
|
