Nemcio/NodeBB
1
0
Fork 0
mirror of https://github.com/NodeBB/NodeBB.git synced 2025-11-17 03:01:08 +01:00
Code Issues Packages Projects Releases Wiki Activity

refactor: privileges, export modules directly (#9325)

Browse Source 
fix unused/commented out methods in admin privileges
This commit is contained in:
Barış Soner Uşaklı
2021-02-24 18:10:34 -05:00
committed by GitHub
parent 984c9dd915
commit 293b7c2650
12 changed files with 1015 additions and 1020 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
src/categories/create.js
View File

@@ -190,7 +190,9 @@ module.exports = function (Categories) {
group = group || ''; group = group || '';
const data = await plugins.hooks.fire('filter:categories.copyPrivilegesFrom', { const data = await plugins.hooks.fire('filter:categories.copyPrivilegesFrom', {
privileges: group ? privileges.groupPrivilegeList.slice() : privileges.privilegeList.slice(), privileges: group ?
privileges.categories.groupPrivilegeList.slice() :
privileges.categories.privilegeList.slice(),
fromCid: fromCid, fromCid: fromCid,
toCid: toCid, toCid: toCid,
group: group, group: group,

2
src/categories/delete.js
View File

@@ -48,7 +48,7 @@ module.exports = function (Categories) {
`cid:${cid}:tag:whitelist`, `cid:${cid}:tag:whitelist`,
`category:${cid}`, `category:${cid}`,
]); ]);
await groups.destroy(privileges.privilegeList.map(privilege => `cid:${cid}:privileges:${privilege}`)); await groups.destroy(privileges.categories.privilegeList.map(privilege => `cid:${cid}:privileges:${privilege}`));
} }
async function removeFromParent(cid) { async function removeFromParent(cid) {

2
src/controllers/admin/admins-mods.js
View File

@@ -30,7 +30,7 @@ AdminsMods.get = async function (req, res, next) {
globalMods: globalMods, globalMods: globalMods,
categoryMods: [moderators], categoryMods: [moderators],
selectedCategory: selectedCategory, selectedCategory: selectedCategory,
allPrivileges: privileges.userPrivilegeList, allPrivileges: privileges.categories.userPrivilegeList,
}); });
}; };

108
src/privileges/admin.js
View File

@@ -9,10 +9,9 @@ const helpers = require('./helpers');
const plugins = require('../plugins'); const plugins = require('../plugins');
const utils = require('../utils'); const utils = require('../utils');
module.exports = function (privileges) { const privsAdmin = module.exports;
privileges.admin = {};
privileges.admin.privilegeLabels = [ privsAdmin.privilegeLabels = [
{ name: '[[admin/manage/privileges:admin-dashboard]]' }, { name: '[[admin/manage/privileges:admin-dashboard]]' },
{ name: '[[admin/manage/privileges:admin-categories]]' }, { name: '[[admin/manage/privileges:admin-categories]]' },
{ name: '[[admin/manage/privileges:admin-privileges]]' }, { name: '[[admin/manage/privileges:admin-privileges]]' },
@@ -21,9 +20,9 @@ module.exports = function (privileges) {
{ name: '[[admin/manage/privileges:admin-groups]]' }, { name: '[[admin/manage/privileges:admin-groups]]' },
{ name: '[[admin/manage/privileges:admin-tags]]' }, { name: '[[admin/manage/privileges:admin-tags]]' },
{ name: '[[admin/manage/privileges:admin-settings]]' }, { name: '[[admin/manage/privileges:admin-settings]]' },
]; ];
privileges.admin.userPrivilegeList = [ privsAdmin.userPrivilegeList = [
'admin:dashboard', 'admin:dashboard',
'admin:categories', 'admin:categories',
'admin:privileges', 'admin:privileges',
@@ -32,12 +31,12 @@ module.exports = function (privileges) {
'admin:groups', 'admin:groups',
'admin:tags', 'admin:tags',
'admin:settings', 'admin:settings',
]; ];
privileges.admin.groupPrivilegeList = privileges.admin.userPrivilegeList.map(privilege => `groups:${privilege}`); privsAdmin.groupPrivilegeList = privsAdmin.userPrivilegeList.map(privilege => `groups:${privilege}`);
// Mapping for a page route (via direct match or regexp) to a privilege // Mapping for a page route (via direct match or regexp) to a privilege
privileges.admin.routeMap = { privsAdmin.routeMap = {
dashboard: 'admin:dashboard', dashboard: 'admin:dashboard',
'manage/categories': 'admin:categories', 'manage/categories': 'admin:categories',
'manage/privileges': 'admin:privileges', 'manage/privileges': 'admin:privileges',
@@ -49,19 +48,19 @@ module.exports = function (privileges) {
'extend/plugins': 'admin:settings', 'extend/plugins': 'admin:settings',
'extend/widgets': 'admin:settings', 'extend/widgets': 'admin:settings',
'extend/rewards': 'admin:settings', 'extend/rewards': 'admin:settings',
}; };
privileges.admin.routeRegexpMap = { privsAdmin.routeRegexpMap = {
'^manage/categories/\\d+': 'admin:categories', '^manage/categories/\\d+': 'admin:categories',
'^manage/privileges/(\\d+|admin)': 'admin:privileges', '^manage/privileges/(\\d+|admin)': 'admin:privileges',
'^manage/groups/.+$': 'admin:groups', '^manage/groups/.+$': 'admin:groups',
'^settings/[\\w\\-]+$': 'admin:settings', '^settings/[\\w\\-]+$': 'admin:settings',
'^appearance/[\\w]+$': 'admin:settings', '^appearance/[\\w]+$': 'admin:settings',
'^plugins/[\\w\\-]+$': 'admin:settings', '^plugins/[\\w\\-]+$': 'admin:settings',
}; };
// Mapping for socket call methods to a privilege // Mapping for socket call methods to a privilege
// In NodeBB v2, these socket calls will be removed in favour of xhr calls // In NodeBB v2, these socket calls will be removed in favour of xhr calls
privileges.admin.socketMap = { privsAdmin.socketMap = {
'admin.rooms.getAll': 'admin:dashboard', 'admin.rooms.getAll': 'admin:dashboard',
'admin.analytics.get': 'admin:dashboard', 'admin.analytics.get': 'admin:dashboard',
@@ -106,33 +105,33 @@ module.exports = function (privileges) {
'admin.reloadAllSessions': 'admin:settings', 'admin.reloadAllSessions': 'admin:settings',
'admin.settings.get': 'admin:settings', 'admin.settings.get': 'admin:settings',
'admin.settings.set': 'admin:settings', 'admin.settings.set': 'admin:settings',
}; };
privileges.admin.resolve = (path) => { privsAdmin.resolve = (path) => {
if (privileges.admin.routeMap[path]) { if (privsAdmin.routeMap[path]) {
return privileges.admin.routeMap[path]; return privsAdmin.routeMap[path];
} }
let privilege; let privilege;
Object.keys(privileges.admin.routeRegexpMap).forEach((regexp) => { Object.keys(privsAdmin.routeRegexpMap).forEach((regexp) => {
if (!privilege) { if (!privilege) {
if (new RegExp(regexp).test(path)) { if (new RegExp(regexp).test(path)) {
privilege = privileges.admin.routeRegexpMap[regexp]; privilege = privsAdmin.routeRegexpMap[regexp];
} }
} }
}); });
return privilege; return privilege;
}; };
privileges.admin.list = async function (uid) { privsAdmin.list = async function (uid) {
const privilegeLabels = privileges.admin.privilegeLabels.slice(); const privilegeLabels = privsAdmin.privilegeLabels.slice();
const userPrivilegeList = privileges.admin.userPrivilegeList.slice(); const userPrivilegeList = privsAdmin.userPrivilegeList.slice();
const groupPrivilegeList = privileges.admin.groupPrivilegeList.slice(); const groupPrivilegeList = privsAdmin.groupPrivilegeList.slice();
// Restrict privileges column to superadmins // Restrict privileges column to superadmins
if (!(await user.isAdministrator(uid))) { if (!(await user.isAdministrator(uid))) {
const idx = privileges.admin.userPrivilegeList.indexOf('admin:privileges'); const idx = privsAdmin.userPrivilegeList.indexOf('admin:privileges');
privilegeLabels.splice(idx, 1); privilegeLabels.splice(idx, 1);
userPrivilegeList.splice(idx, 1); userPrivilegeList.splice(idx, 1);
groupPrivilegeList.splice(idx, 1); groupPrivilegeList.splice(idx, 1);
@@ -160,62 +159,53 @@ module.exports = function (privileges) {
// This is a hack because I can't do {labels.users.length} to echo the count in templates.js // This is a hack because I can't do {labels.users.length} to echo the count in templates.js
payload.columnCount = payload.labels.users.length + 3; payload.columnCount = payload.labels.users.length + 3;
return payload; return payload;
}; };
privileges.admin.get = async function (uid) { privsAdmin.get = async function (uid) {
const [userPrivileges, isAdministrator] = await Promise.all([ const [userPrivileges, isAdministrator] = await Promise.all([
helpers.isAllowedTo(privileges.admin.userPrivilegeList, uid, 0), helpers.isAllowedTo(privsAdmin.userPrivilegeList, uid, 0),
user.isAdministrator(uid), user.isAdministrator(uid),
]); ]);
const combined = userPrivileges.map(allowed => allowed || isAdministrator); const combined = userPrivileges.map(allowed => allowed || isAdministrator);
const privData = _.zipObject(privileges.admin.userPrivilegeList, combined); const privData = _.zipObject(privsAdmin.userPrivilegeList, combined);
privData.superadmin = isAdministrator; privData.superadmin = isAdministrator;
return await plugins.hooks.fire('filter:privileges.admin.get', privData); return await plugins.hooks.fire('filter:privileges.admin.get', privData);
}; };
privileges.admin.can = async function (privilege, uid) { privsAdmin.can = async function (privilege, uid) {
const [isUserAllowedTo, isAdministrator] = await Promise.all([ const [isUserAllowedTo, isAdministrator] = await Promise.all([
helpers.isAllowedTo(privilege, uid, [0]), helpers.isAllowedTo(privilege, uid, [0]),
user.isAdministrator(uid), user.isAdministrator(uid),
]); ]);
return isAdministrator || isUserAllowedTo[0]; return isAdministrator || isUserAllowedTo[0];
}; };
// privileges.admin.canGroup = async function (privilege, groupName) { privsAdmin.canGroup = async function (privilege, groupName) {
// return await groups.isMember(groupName, 'cid:0:privileges:groups:' + privilege); return await groups.isMember(groupName, `cid:0:privileges:groups:${privilege}`);
// }; };
privileges.admin.give = async function (privileges, groupName) { privsAdmin.give = async function (privileges, groupName) {
await helpers.giveOrRescind(groups.join, privileges, 'admin', groupName); await helpers.giveOrRescind(groups.join, privileges, 0, groupName);
plugins.hooks.fire('action:privileges.admin.give', { plugins.hooks.fire('action:privileges.admin.give', {
privileges: privileges, privileges: privileges,
groupNames: Array.isArray(groupName) ? groupName : [groupName], groupNames: Array.isArray(groupName) ? groupName : [groupName],
}); });
}; };
privileges.admin.rescind = async function (privileges, groupName) { privsAdmin.rescind = async function (privileges, groupName) {
await helpers.giveOrRescind(groups.leave, privileges, 'admin', groupName); await helpers.giveOrRescind(groups.leave, privileges, 0, groupName);
plugins.hooks.fire('action:privileges.admin.rescind', { plugins.hooks.fire('action:privileges.admin.rescind', {
privileges: privileges, privileges: privileges,
groupNames: Array.isArray(groupName) ? groupName : [groupName], groupNames: Array.isArray(groupName) ? groupName : [groupName],
}); });
}; };
// privileges.admin.userPrivileges = async function (uid) { privsAdmin.userPrivileges = async function (uid) {
// const tasks = {}; return await helpers.userOrGroupPrivileges(0, uid, privsAdmin.userPrivilegeList);
// privileges.admin.userPrivilegeList.forEach(function (privilege) { };
// tasks[privilege] = groups.isMember(uid, 'cid:0:privileges:' + privilege);
// }); privsAdmin.groupPrivileges = async function (groupName) {
// return await utils.promiseParallel(tasks); return await helpers.userOrGroupPrivileges(0, groupName, privsAdmin.groupPrivilegeList);
// };
// privileges.admin.groupPrivileges = async function (groupName) {
// const tasks = {};
// privileges.admin.groupPrivilegeList.forEach(function (privilege) {
// tasks[privilege] = groups.isMember(groupName, 'cid:0:privileges:' + privilege);
// });
// return await utils.promiseParallel(tasks);
// };
}; };

126
src/privileges/categories.js
View File

@@ -10,21 +10,60 @@ const helpers = require('./helpers');
const plugins = require('../plugins'); const plugins = require('../plugins');
const utils = require('../utils'); const utils = require('../utils');
module.exports = function (privileges) { const privsCategories = module.exports;
privileges.categories = {};
// Method used in admin/category controller to show all users/groups with privs in that given cid privsCategories.privilegeLabels = [
privileges.categories.list = async function (cid) { { name: '[[admin/manage/privileges:find-category]]' },
{ name: '[[admin/manage/privileges:access-category]]' },
{ name: '[[admin/manage/privileges:access-topics]]' },
{ name: '[[admin/manage/privileges:create-topics]]' },
{ name: '[[admin/manage/privileges:reply-to-topics]]' },
{ name: '[[admin/manage/privileges:tag-topics]]' },
{ name: '[[admin/manage/privileges:edit-posts]]' },
{ name: '[[admin/manage/privileges:view-edit-history]]' },
{ name: '[[admin/manage/privileges:delete-posts]]' },
{ name: '[[admin/manage/privileges:upvote-posts]]' },
{ name: '[[admin/manage/privileges:downvote-posts]]' },
{ name: '[[admin/manage/privileges:delete-topics]]' },
{ name: '[[admin/manage/privileges:view_deleted]]' },
{ name: '[[admin/manage/privileges:purge]]' },
{ name: '[[admin/manage/privileges:moderate]]' },
];
privsCategories.userPrivilegeList = [
'find',
'read',
'topics:read',
'topics:create',
'topics:reply',
'topics:tag',
'posts:edit',
'posts:history',
'posts:delete',
'posts:upvote',
'posts:downvote',
'topics:delete',
'posts:view_deleted',
'purge',
'moderate',
];
privsCategories.groupPrivilegeList = privsCategories.userPrivilegeList.map(privilege => `groups:${privilege}`);
privsCategories.privilegeList = privsCategories.userPrivilegeList.concat(privsCategories.groupPrivilegeList);
// Method used in admin/category controller to show all users/groups with privs in that given cid
privsCategories.list = async function (cid) {
async function getLabels() { async function getLabels() {
return await utils.promiseParallel({ return await utils.promiseParallel({
users: plugins.hooks.fire('filter:privileges.list_human', privileges.privilegeLabels.slice()), users: plugins.hooks.fire('filter:privileges.list_human', privsCategories.privilegeLabels.slice()),
groups: plugins.hooks.fire('filter:privileges.groups.list_human', privileges.privilegeLabels.slice()), groups: plugins.hooks.fire('filter:privileges.groups.list_human', privsCategories.privilegeLabels.slice()),
}); });
} }
const keys = await utils.promiseParallel({ const keys = await utils.promiseParallel({
users: plugins.hooks.fire('filter:privileges.list', privileges.userPrivilegeList.slice()), users: plugins.hooks.fire('filter:privileges.list', privsCategories.userPrivilegeList.slice()),
groups: plugins.hooks.fire('filter:privileges.groups.list', privileges.groupPrivilegeList.slice()), groups: plugins.hooks.fire('filter:privileges.groups.list', privsCategories.groupPrivilegeList.slice()),
}); });
const payload = await utils.promiseParallel({ const payload = await utils.promiseParallel({
@@ -36,13 +75,13 @@ module.exports = function (privileges) {
// This is a hack because I can't do {labels.users.length} to echo the count in templates.js // This is a hack because I can't do {labels.users.length} to echo the count in templates.js
payload.columnCountUser = payload.labels.users.length + 3; payload.columnCountUser = payload.labels.users.length + 3;
payload.columnCountUserOther = payload.labels.users.length - privileges.privilegeLabels.length; payload.columnCountUserOther = payload.labels.users.length - privsCategories.privilegeLabels.length;
payload.columnCountGroup = payload.labels.groups.length + 3; payload.columnCountGroup = payload.labels.groups.length + 3;
payload.columnCountGroupOther = payload.labels.groups.length - privileges.privilegeLabels.length; payload.columnCountGroupOther = payload.labels.groups.length - privsCategories.privilegeLabels.length;
return payload; return payload;
}; };
privileges.categories.get = async function (cid, uid) { privsCategories.get = async function (cid, uid) {
const privs = ['topics:create', 'topics:read', 'topics:tag', 'read']; const privs = ['topics:create', 'topics:read', 'topics:tag', 'read'];
const [userPrivileges, isAdministrator, isModerator] = await Promise.all([ const [userPrivileges, isAdministrator, isModerator] = await Promise.all([
@@ -63,9 +102,9 @@ module.exports = function (privileges) {
view_deleted: isAdminOrMod, view_deleted: isAdminOrMod,
isAdminOrMod: isAdminOrMod, isAdminOrMod: isAdminOrMod,
}); });
}; };
privileges.categories.isAdminOrMod = async function (cid, uid) { privsCategories.isAdminOrMod = async function (cid, uid) {
if (parseInt(uid, 10) <= 0) { if (parseInt(uid, 10) <= 0) {
return false; return false;
} }
@@ -74,9 +113,9 @@ module.exports = function (privileges) {
user.isModerator(uid, cid), user.isModerator(uid, cid),
]); ]);
return isAdmin || isMod; return isAdmin || isMod;
}; };
privileges.categories.isUserAllowedTo = async function (privilege, cid, uid) { privsCategories.isUserAllowedTo = async function (privilege, cid, uid) {
if ((Array.isArray(privilege) && !privilege.length) || (Array.isArray(cid) && !cid.length)) { if ((Array.isArray(privilege) && !privilege.length) || (Array.isArray(cid) && !cid.length)) {
return []; return [];
} }
@@ -89,21 +128,21 @@ module.exports = function (privileges) {
return Array.isArray(cid) ? results : results[0]; return Array.isArray(cid) ? results : results[0];
} }
return false; return false;
}; };
privileges.categories.can = async function (privilege, cid, uid) { privsCategories.can = async function (privilege, cid, uid) {
if (!cid) { if (!cid) {
return false; return false;
} }
const [disabled, isAdmin, isAllowed] = await Promise.all([ const [disabled, isAdmin, isAllowed] = await Promise.all([
categories.getCategoryField(cid, 'disabled'), categories.getCategoryField(cid, 'disabled'),
user.isAdministrator(uid), user.isAdministrator(uid),
privileges.categories.isUserAllowedTo(privilege, cid, uid), privsCategories.isUserAllowedTo(privilege, cid, uid),
]); ]);
return !disabled && (isAllowed || isAdmin); return !disabled && (isAllowed || isAdmin);
}; };
privileges.categories.filterCids = async function (privilege, cids, uid) { privsCategories.filterCids = async function (privilege, cids, uid) {
if (!Array.isArray(cids) || !cids.length) { if (!Array.isArray(cids) || !cids.length) {
return []; return [];
} }
@@ -117,18 +156,18 @@ module.exports = function (privileges) {
return cids.filter( return cids.filter(
(cid, index) => !!cid && !categoryData[index].disabled && (allowedTo[index] || isAdmin) (cid, index) => !!cid && !categoryData[index].disabled && (allowedTo[index] || isAdmin)
); );
}; };
privileges.categories.getBase = async function (privilege, cids, uid) { privsCategories.getBase = async function (privilege, cids, uid) {
return await utils.promiseParallel({ return await utils.promiseParallel({
categories: categories.getCategoriesFields(cids, ['disabled']), categories: categories.getCategoriesFields(cids, ['disabled']),
allowedTo: helpers.isAllowedTo(privilege, uid, cids), allowedTo: helpers.isAllowedTo(privilege, uid, cids),
view_deleted: helpers.isAllowedTo('posts:view_deleted', uid, cids), view_deleted: helpers.isAllowedTo('posts:view_deleted', uid, cids),
isAdmin: user.isAdministrator(uid), isAdmin: user.isAdministrator(uid),
}); });
}; };
privileges.categories.filterUids = async function (privilege, cid, uids) { privsCategories.filterUids = async function (privilege, cid, uids) {
if (!uids.length) { if (!uids.length) {
return []; return [];
} }
@@ -140,47 +179,38 @@ module.exports = function (privileges) {
user.isAdministrator(uids), user.isAdministrator(uids),
]); ]);
return uids.filter((uid, index) => allowedTo[index] || isAdmins[index]); return uids.filter((uid, index) => allowedTo[index] || isAdmins[index]);
}; };
privileges.categories.give = async function (privileges, cid, members) { privsCategories.give = async function (privileges, cid, members) {
await helpers.giveOrRescind(groups.join, privileges, cid, members); await helpers.giveOrRescind(groups.join, privileges, cid, members);
plugins.hooks.fire('action:privileges.categories.give', { plugins.hooks.fire('action:privileges.categories.give', {
privileges: privileges, privileges: privileges,
cids: Array.isArray(cid) ? cid : [cid], cids: Array.isArray(cid) ? cid : [cid],
members: Array.isArray(members) ? members : [members], members: Array.isArray(members) ? members : [members],
}); });
}; };
privileges.categories.rescind = async function (privileges, cid, members) { privsCategories.rescind = async function (privileges, cid, members) {
await helpers.giveOrRescind(groups.leave, privileges, cid, members); await helpers.giveOrRescind(groups.leave, privileges, cid, members);
plugins.hooks.fire('action:privileges.categories.rescind', { plugins.hooks.fire('action:privileges.categories.rescind', {
privileges: privileges, privileges: privileges,
cids: Array.isArray(cid) ? cid : [cid], cids: Array.isArray(cid) ? cid : [cid],
members: Array.isArray(members) ? members : [members], members: Array.isArray(members) ? members : [members],
}); });
}; };
privileges.categories.canMoveAllTopics = async function (currentCid, targetCid, uid) { privsCategories.canMoveAllTopics = async function (currentCid, targetCid, uid) {
const [isAdmin, isModerators] = await Promise.all([ const [isAdmin, isModerators] = await Promise.all([
user.isAdministrator(uid), user.isAdministrator(uid),
user.isModerator(uid, [currentCid, targetCid]), user.isModerator(uid, [currentCid, targetCid]),
]); ]);
return isAdmin || !isModerators.includes(false); return isAdmin || !isModerators.includes(false);
}; };
privileges.categories.userPrivileges = async function (cid, uid) { privsCategories.userPrivileges = async function (cid, uid) {
const tasks = {}; return await helpers.userOrGroupPrivileges(cid, uid, privsCategories.userPrivilegeList);
privileges.userPrivilegeList.forEach((privilege) => { };
tasks[privilege] = groups.isMember(uid, `cid:${cid}:privileges:${privilege}`);
}); privsCategories.groupPrivileges = async function (cid, groupName) {
return await utils.promiseParallel(tasks); return await helpers.userOrGroupPrivileges(cid, groupName, privsCategories.groupPrivilegeList);
};
privileges.categories.groupPrivileges = async function (cid, groupName) {
const tasks = {};
privileges.groupPrivilegeList.forEach((privilege) => {
tasks[privilege] = groups.isMember(groupName, `cid:${cid}:privileges:${privilege}`);
});
return await utils.promiseParallel(tasks);
};
}; };

72
src/privileges/global.js
View File

@@ -9,10 +9,9 @@ const helpers = require('./helpers');
const plugins = require('../plugins'); const plugins = require('../plugins');
const utils = require('../utils'); const utils = require('../utils');
module.exports = function (privileges) { const privsGlobal = module.exports;
privileges.global = {};
privileges.global.privilegeLabels = [ privsGlobal.privilegeLabels = [
{ name: '[[admin/manage/privileges:chat]]' }, { name: '[[admin/manage/privileges:chat]]' },
{ name: '[[admin/manage/privileges:upload-images]]' }, { name: '[[admin/manage/privileges:upload-images]]' },
{ name: '[[admin/manage/privileges:upload-files]]' }, { name: '[[admin/manage/privileges:upload-files]]' },
@@ -28,9 +27,9 @@ module.exports = function (privileges) {
{ name: '[[admin/manage/privileges:allow-local-login]]' }, { name: '[[admin/manage/privileges:allow-local-login]]' },
{ name: '[[admin/manage/privileges:allow-group-creation]]' }, { name: '[[admin/manage/privileges:allow-group-creation]]' },
{ name: '[[admin/manage/privileges:view-users-info]]' }, { name: '[[admin/manage/privileges:view-users-info]]' },
]; ];
privileges.global.userPrivilegeList = [ privsGlobal.userPrivilegeList = [
'chat', 'chat',
'upload:post:image', 'upload:post:image',
'upload:post:file', 'upload:post:file',
@@ -46,21 +45,21 @@ module.exports = function (privileges) {
'local:login', 'local:login',
'group:create', 'group:create',
'view:users:info', 'view:users:info',
]; ];
privileges.global.groupPrivilegeList = privileges.global.userPrivilegeList.map(privilege => `groups:${privilege}`); privsGlobal.groupPrivilegeList = privsGlobal.userPrivilegeList.map(privilege => `groups:${privilege}`);
privileges.global.list = async function () { privsGlobal.list = async function () {
async function getLabels() { async function getLabels() {
return await utils.promiseParallel({ return await utils.promiseParallel({
users: plugins.hooks.fire('filter:privileges.global.list_human', privileges.global.privilegeLabels.slice()), users: plugins.hooks.fire('filter:privileges.global.list_human', privsGlobal.privilegeLabels.slice()),
groups: plugins.hooks.fire('filter:privileges.global.groups.list_human', privileges.global.privilegeLabels.slice()), groups: plugins.hooks.fire('filter:privileges.global.groups.list_human', privsGlobal.privilegeLabels.slice()),
}); });
} }
const keys = await utils.promiseParallel({ const keys = await utils.promiseParallel({
users: plugins.hooks.fire('filter:privileges.global.list', privileges.global.userPrivilegeList.slice()), users: plugins.hooks.fire('filter:privileges.global.list', privsGlobal.userPrivilegeList.slice()),
groups: plugins.hooks.fire('filter:privileges.global.groups.list', privileges.global.groupPrivilegeList.slice()), groups: plugins.hooks.fire('filter:privileges.global.groups.list', privsGlobal.groupPrivilegeList.slice()),
}); });
const payload = await utils.promiseParallel({ const payload = await utils.promiseParallel({
@@ -73,61 +72,52 @@ module.exports = function (privileges) {
// This is a hack because I can't do {labels.users.length} to echo the count in templates.js // This is a hack because I can't do {labels.users.length} to echo the count in templates.js
payload.columnCount = payload.labels.users.length + 3; payload.columnCount = payload.labels.users.length + 3;
return payload; return payload;
}; };
privileges.global.get = async function (uid) { privsGlobal.get = async function (uid) {
const [userPrivileges, isAdministrator] = await Promise.all([ const [userPrivileges, isAdministrator] = await Promise.all([
helpers.isAllowedTo(privileges.global.userPrivilegeList, uid, 0), helpers.isAllowedTo(privsGlobal.userPrivilegeList, uid, 0),
user.isAdministrator(uid), user.isAdministrator(uid),
]); ]);
const combined = userPrivileges.map(allowed => allowed || isAdministrator); const combined = userPrivileges.map(allowed => allowed || isAdministrator);
const privData = _.zipObject(privileges.global.userPrivilegeList, combined); const privData = _.zipObject(privsGlobal.userPrivilegeList, combined);
return await plugins.hooks.fire('filter:privileges.global.get', privData); return await plugins.hooks.fire('filter:privileges.global.get', privData);
}; };
privileges.global.can = async function (privilege, uid) { privsGlobal.can = async function (privilege, uid) {
const [isAdministrator, isUserAllowedTo] = await Promise.all([ const [isAdministrator, isUserAllowedTo] = await Promise.all([
user.isAdministrator(uid), user.isAdministrator(uid),
helpers.isAllowedTo(privilege, uid, [0]), helpers.isAllowedTo(privilege, uid, [0]),
]); ]);
return isAdministrator || isUserAllowedTo[0]; return isAdministrator || isUserAllowedTo[0];
}; };
privileges.global.canGroup = async function (privilege, groupName) { privsGlobal.canGroup = async function (privilege, groupName) {
return await groups.isMember(groupName, `cid:0:privileges:groups:${privilege}`); return await groups.isMember(groupName, `cid:0:privileges:groups:${privilege}`);
}; };
privileges.global.give = async function (privileges, groupName) { privsGlobal.give = async function (privileges, groupName) {
await helpers.giveOrRescind(groups.join, privileges, 0, groupName); await helpers.giveOrRescind(groups.join, privileges, 0, groupName);
plugins.hooks.fire('action:privileges.global.give', { plugins.hooks.fire('action:privileges.global.give', {
privileges: privileges, privileges: privileges,
groupNames: Array.isArray(groupName) ? groupName : [groupName], groupNames: Array.isArray(groupName) ? groupName : [groupName],
}); });
}; };
privileges.global.rescind = async function (privileges, groupName) { privsGlobal.rescind = async function (privileges, groupName) {
await helpers.giveOrRescind(groups.leave, privileges, 0, groupName); await helpers.giveOrRescind(groups.leave, privileges, 0, groupName);
plugins.hooks.fire('action:privileges.global.rescind', { plugins.hooks.fire('action:privileges.global.rescind', {
privileges: privileges, privileges: privileges,
groupNames: Array.isArray(groupName) ? groupName : [groupName], groupNames: Array.isArray(groupName) ? groupName : [groupName],
}); });
}; };
privileges.global.userPrivileges = async function (uid) { privsGlobal.userPrivileges = async function (uid) {
const tasks = {}; return await helpers.userOrGroupPrivileges(0, uid, privsGlobal.userPrivilegeList);
privileges.global.userPrivilegeList.forEach((privilege) => { };
tasks[privilege] = groups.isMember(uid, `cid:0:privileges:${privilege}`);
}); privsGlobal.groupPrivileges = async function (groupName) {
return await utils.promiseParallel(tasks); return await helpers.userOrGroupPrivileges(0, groupName, privsGlobal.groupPrivilegeList);
};
privileges.global.groupPrivileges = async function (groupName) {
const tasks = {};
privileges.global.groupPrivilegeList.forEach((privilege) => {
tasks[privilege] = groups.isMember(groupName, `cid:0:privileges:${privilege}`);
});
return await utils.promiseParallel(tasks);
};
}; };

9
src/privileges/helpers.js
View File

@@ -8,6 +8,7 @@ const groups = require('../groups');
const user = require('../user'); const user = require('../user');
const plugins = require('../plugins'); const plugins = require('../plugins');
const translator = require('../translator'); const translator = require('../translator');
const utils = require('../utils');
const helpers = module.exports; const helpers = module.exports;
@@ -183,4 +184,12 @@ helpers.giveOrRescind = async function (method, privileges, cids, members) {
} }
}; };
helpers.userOrGroupPrivileges = async function (cid, uidOrGroup, privilegeList) {
const tasks = {};
privilegeList.forEach((privilege) => {
tasks[privilege] = groups.isMember(uidOrGroup, `cid:${cid}:privileges:${privilege}`);
});
return await utils.promiseParallel(tasks);
};
require('../promisify')(helpers); require('../promisify')(helpers);

70
src/privileges/index.js
View File

@@ -1,52 +1,28 @@
'use strict'; 'use strict';
const privileges = module.exports; const privileges = module.exports;
privileges.global = require('./global');
privileges.privilegeLabels = [ privileges.admin = require('./admin');
{ name: '[[admin/manage/privileges:find-category]]' }, privileges.categories = require('./categories');
{ name: '[[admin/manage/privileges:access-category]]' }, privileges.topics = require('./topics');
{ name: '[[admin/manage/privileges:access-topics]]' }, privileges.posts = require('./posts');
{ name: '[[admin/manage/privileges:create-topics]]' }, privileges.users = require('./users');
{ name: '[[admin/manage/privileges:reply-to-topics]]' },
{ name: '[[admin/manage/privileges:tag-topics]]' },
{ name: '[[admin/manage/privileges:edit-posts]]' },
{ name: '[[admin/manage/privileges:view-edit-history]]' },
{ name: '[[admin/manage/privileges:delete-posts]]' },
{ name: '[[admin/manage/privileges:upvote-posts]]' },
{ name: '[[admin/manage/privileges:downvote-posts]]' },
{ name: '[[admin/manage/privileges:delete-topics]]' },
{ name: '[[admin/manage/privileges:view_deleted]]' },
{ name: '[[admin/manage/privileges:purge]]' },
{ name: '[[admin/manage/privileges:moderate]]' },
];
privileges.userPrivilegeList = [
'find',
'read',
'topics:read',
'topics:create',
'topics:reply',
'topics:tag',
'posts:edit',
'posts:history',
'posts:delete',
'posts:upvote',
'posts:downvote',
'topics:delete',
'posts:view_deleted',
'purge',
'moderate',
];
privileges.groupPrivilegeList = privileges.userPrivilegeList.map(privilege => `groups:${privilege}`);
privileges.privilegeList = privileges.userPrivilegeList.concat(privileges.groupPrivilegeList);
require('./global')(privileges);
require('./admin')(privileges);
require('./categories')(privileges);
require('./topics')(privileges);
require('./posts')(privileges);
require('./users')(privileges);
require('../promisify')(privileges); require('../promisify')(privileges);
// TODO: backwards compatibility remove in 1.18.0
[
'privilegeLabels',
'userPrivilegeList',
'groupPrivilegeList',
'privilegeList',
].forEach((fieldName) => {
Object.defineProperty(privileges, fieldName, {
configurable: true,
enumerable: true,
get: function () {
console.warn(`[deprecated] privileges.${fieldName} is deprecated. Use privileges.categories.${fieldName}`);
return privileges.categories[fieldName];
},
});
});

61
src/privileges/posts.js
View File

@@ -10,11 +10,11 @@ const user = require('../user');
const helpers = require('./helpers'); const helpers = require('./helpers');
const plugins = require('../plugins'); const plugins = require('../plugins');
const utils = require('../utils'); const utils = require('../utils');
const privsCategories = require('./categories');
module.exports = function (privileges) { const privsPosts = module.exports;
privileges.posts = {};
privileges.posts.get = async function (pids, uid) { privsPosts.get = async function (pids, uid) {
if (!Array.isArray(pids) || !pids.length) { if (!Array.isArray(pids) || !pids.length) {
return []; return [];
} }
@@ -58,14 +58,14 @@ module.exports = function (privileges) {
}); });
return privileges; return privileges;
}; };
privileges.posts.can = async function (privilege, pid, uid) { privsPosts.can = async function (privilege, pid, uid) {
const cid = await posts.getCidByPid(pid); const cid = await posts.getCidByPid(pid);
return await privileges.categories.can(privilege, cid, uid); return await privsCategories.can(privilege, cid, uid);
}; };
privileges.posts.filter = async function (privilege, pids, uid) { privsPosts.filter = async function (privilege, pids, uid) {
if (!Array.isArray(pids) || !pids.length) { if (!Array.isArray(pids) || !pids.length) {
return []; return [];
} }
@@ -87,7 +87,7 @@ module.exports = function (privileges) {
cids = _.uniq(cids); cids = _.uniq(cids);
const results = await privileges.categories.getBase(privilege, cids, uid); const results = await privsCategories.getBase(privilege, cids, uid);
const allowedCids = cids.filter((cid, index) => !results.categories[index].disabled && const allowedCids = cids.filter((cid, index) => !results.categories[index].disabled &&
(results.allowedTo[index] || results.isAdmin)); (results.allowedTo[index] || results.isAdmin));
@@ -107,14 +107,14 @@ module.exports = function (privileges) {
}); });
return data ? data.pids : null; return data ? data.pids : null;
}; };
privileges.posts.canEdit = async function (pid, uid) { privsPosts.canEdit = async function (pid, uid) {
const results = await utils.promiseParallel({ const results = await utils.promiseParallel({
isAdmin: privileges.users.isAdministrator(uid), isAdmin: user.isAdministrator(uid),
isMod: posts.isModerator([pid], uid), isMod: posts.isModerator([pid], uid),
owner: posts.isOwner(pid, uid), owner: posts.isOwner(pid, uid),
edit: privileges.posts.can('posts:edit', pid, uid), edit: privsPosts.can('posts:edit', pid, uid),
postData: posts.getPostFields(pid, ['tid', 'timestamp', 'deleted', 'deleterUid']), postData: posts.getPostFields(pid, ['tid', 'timestamp', 'deleted', 'deleterUid']),
userData: user.getUserFields(uid, ['reputation']), userData: user.getUserFields(uid, ['reputation']),
}); });
@@ -154,16 +154,16 @@ module.exports = function (privileges) {
const result = await plugins.hooks.fire('filter:privileges.posts.edit', results); const result = await plugins.hooks.fire('filter:privileges.posts.edit', results);
return { flag: result.edit && (result.owner || result.isMod), message: '[[error:no-privileges]]' }; return { flag: result.edit && (result.owner || result.isMod), message: '[[error:no-privileges]]' };
}; };
privileges.posts.canDelete = async function (pid, uid) { privsPosts.canDelete = async function (pid, uid) {
const postData = await posts.getPostFields(pid, ['uid', 'tid', 'timestamp', 'deleterUid']); const postData = await posts.getPostFields(pid, ['uid', 'tid', 'timestamp', 'deleterUid']);
const results = await utils.promiseParallel({ const results = await utils.promiseParallel({
isAdmin: privileges.users.isAdministrator(uid), isAdmin: user.isAdministrator(uid),
isMod: posts.isModerator([pid], uid), isMod: posts.isModerator([pid], uid),
isLocked: topics.isLocked(postData.tid), isLocked: topics.isLocked(postData.tid),
isOwner: posts.isOwner(pid, uid), isOwner: posts.isOwner(pid, uid),
'posts:delete': privileges.posts.can('posts:delete', pid, uid), 'posts:delete': privsPosts.can('posts:delete', pid, uid),
}); });
results.isMod = results.isMod[0]; results.isMod = results.isMod[0];
if (results.isAdmin) { if (results.isAdmin) {
@@ -181,9 +181,9 @@ module.exports = function (privileges) {
const { deleterUid } = postData; const { deleterUid } = postData;
const flag = results['posts:delete'] && ((results.isOwner && (deleterUid === 0 || deleterUid === postData.uid)) || results.isMod); const flag = results['posts:delete'] && ((results.isOwner && (deleterUid === 0 || deleterUid === postData.uid)) || results.isMod);
return { flag: flag, message: '[[error:no-privileges]]' }; return { flag: flag, message: '[[error:no-privileges]]' };
}; };
privileges.posts.canFlag = async function (pid, uid) { privsPosts.canFlag = async function (pid, uid) {
const targetUid = await posts.getPostField(pid, 'uid'); const targetUid = await posts.getPostField(pid, 'uid');
const [userReputation, isAdminOrModerator, targetPrivileged, reporterPrivileged] = await Promise.all([ const [userReputation, isAdminOrModerator, targetPrivileged, reporterPrivileged] = await Promise.all([
user.getUserField(uid, 'reputation'), user.getUserField(uid, 'reputation'),
@@ -199,32 +199,31 @@ module.exports = function (privileges) {
} }
return { flag: canFlag }; return { flag: canFlag };
}; };
privileges.posts.canMove = async function (pid, uid) { privsPosts.canMove = async function (pid, uid) {
const isMain = await posts.isMain(pid); const isMain = await posts.isMain(pid);
if (isMain) { if (isMain) {
throw new Error('[[error:cant-move-mainpost]]'); throw new Error('[[error:cant-move-mainpost]]');
} }
return await isAdminOrMod(pid, uid); return await isAdminOrMod(pid, uid);
}; };
privileges.posts.canPurge = async function (pid, uid) { privsPosts.canPurge = async function (pid, uid) {
const cid = await posts.getCidByPid(pid); const cid = await posts.getCidByPid(pid);
const results = await utils.promiseParallel({ const results = await utils.promiseParallel({
purge: privileges.categories.isUserAllowedTo('purge', cid, uid), purge: privsCategories.isUserAllowedTo('purge', cid, uid),
owner: posts.isOwner(pid, uid), owner: posts.isOwner(pid, uid),
isAdmin: privileges.users.isAdministrator(uid), isAdmin: user.isAdministrator(uid),
isModerator: privileges.users.isModerator(uid, cid), isModerator: user.isModerator(uid, cid),
}); });
return (results.purge && (results.owner || results.isModerator)) || results.isAdmin; return (results.purge && (results.owner || results.isModerator)) || results.isAdmin;
}; };
async function isAdminOrMod(pid, uid) { async function isAdminOrMod(pid, uid) {
if (parseInt(uid, 10) <= 0) { if (parseInt(uid, 10) <= 0) {
return false; return false;
} }
const cid = await posts.getCidByPid(pid); const cid = await posts.getCidByPid(pid);
return await privileges.categories.isAdminOrMod(cid, uid); return await privsCategories.isAdminOrMod(cid, uid);
} }
};

55
src/privileges/topics.js
View File

@@ -9,11 +9,11 @@ const user = require('../user');
const helpers = require('./helpers'); const helpers = require('./helpers');
const categories = require('../categories'); const categories = require('../categories');
const plugins = require('../plugins'); const plugins = require('../plugins');
const privsCategories = require('./categories');
module.exports = function (privileges) { const privsTopics = module.exports;
privileges.topics = {};
privileges.topics.get = async function (tid, uid) { privsTopics.get = async function (tid, uid) {
uid = parseInt(uid, 10); uid = parseInt(uid, 10);
const privs = [ const privs = [
@@ -55,21 +55,21 @@ module.exports = function (privileges) {
tid: tid, tid: tid,
uid: uid, uid: uid,
}); });
}; };
privileges.topics.can = async function (privilege, tid, uid) { privsTopics.can = async function (privilege, tid, uid) {
const cid = await topics.getTopicField(tid, 'cid'); const cid = await topics.getTopicField(tid, 'cid');
return await privileges.categories.can(privilege, cid, uid); return await privsCategories.can(privilege, cid, uid);
}; };
privileges.topics.filterTids = async function (privilege, tids, uid) { privsTopics.filterTids = async function (privilege, tids, uid) {
if (!Array.isArray(tids) || !tids.length) { if (!Array.isArray(tids) || !tids.length) {
return []; return [];
} }
const topicsData = await topics.getTopicsFields(tids, ['tid', 'cid', 'deleted']); const topicsData = await topics.getTopicsFields(tids, ['tid', 'cid', 'deleted']);
const cids = _.uniq(topicsData.map(topic => topic.cid)); const cids = _.uniq(topicsData.map(topic => topic.cid));
const results = await privileges.categories.getBase(privilege, cids, uid); const results = await privsCategories.getBase(privilege, cids, uid);
const allowedCids = cids.filter((cid, index) => ( const allowedCids = cids.filter((cid, index) => (
!results.categories[index].disabled && !results.categories[index].disabled &&
@@ -90,9 +90,9 @@ module.exports = function (privileges) {
tids: tids, tids: tids,
}); });
return data ? data.tids : []; return data ? data.tids : [];
}; };
privileges.topics.filterUids = async function (privilege, tid, uids) { privsTopics.filterUids = async function (privilege, tid, uids) {
if (!Array.isArray(uids) || !uids.length) { if (!Array.isArray(uids) || !uids.length) {
return []; return [];
} }
@@ -106,20 +106,20 @@ module.exports = function (privileges) {
]); ]);
return uids.filter((uid, index) => !disabled && return uids.filter((uid, index) => !disabled &&
((allowedTo[index] && !topicData.deleted) || isAdmins[index])); ((allowedTo[index] && !topicData.deleted) || isAdmins[index]));
}; };
privileges.topics.canPurge = async function (tid, uid) { privsTopics.canPurge = async function (tid, uid) {
const cid = await topics.getTopicField(tid, 'cid'); const cid = await topics.getTopicField(tid, 'cid');
const [purge, owner, isAdmin, isModerator] = await Promise.all([ const [purge, owner, isAdmin, isModerator] = await Promise.all([
privileges.categories.isUserAllowedTo('purge', cid, uid), privsCategories.isUserAllowedTo('purge', cid, uid),
topics.isOwner(tid, uid), topics.isOwner(tid, uid),
privileges.users.isAdministrator(uid), user.isAdministrator(uid),
privileges.users.isModerator(uid, cid), user.isModerator(uid, cid),
]); ]);
return (purge && (owner || isModerator)) || isAdmin; return (purge && (owner || isModerator)) || isAdmin;
}; };
privileges.topics.canDelete = async function (tid, uid) { privsTopics.canDelete = async function (tid, uid) {
const topicData = await topics.getTopicFields(tid, ['uid', 'cid', 'postcount', 'deleterUid']); const topicData = await topics.getTopicFields(tid, ['uid', 'cid', 'postcount', 'deleterUid']);
const [isModerator, isAdministrator, isOwner, allowedTo] = await Promise.all([ const [isModerator, isAdministrator, isOwner, allowedTo] = await Promise.all([
user.isModerator(uid, topicData.cid), user.isModerator(uid, topicData.cid),
@@ -142,25 +142,24 @@ module.exports = function (privileges) {
const { deleterUid } = topicData; const { deleterUid } = topicData;
return allowedTo[0] && ((isOwner && (deleterUid === 0 || deleterUid === topicData.uid)) || isModerator); return allowedTo[0] && ((isOwner && (deleterUid === 0 || deleterUid === topicData.uid)) || isModerator);
}; };
privileges.topics.canEdit = async function (tid, uid) { privsTopics.canEdit = async function (tid, uid) {
return await privileges.topics.isOwnerOrAdminOrMod(tid, uid); return await privsTopics.isOwnerOrAdminOrMod(tid, uid);
}; };
privileges.topics.isOwnerOrAdminOrMod = async function (tid, uid) { privsTopics.isOwnerOrAdminOrMod = async function (tid, uid) {
const [isOwner, isAdminOrMod] = await Promise.all([ const [isOwner, isAdminOrMod] = await Promise.all([
topics.isOwner(tid, uid), topics.isOwner(tid, uid),
privileges.topics.isAdminOrMod(tid, uid), privsTopics.isAdminOrMod(tid, uid),
]); ]);
return isOwner || isAdminOrMod; return isOwner || isAdminOrMod;
}; };
privileges.topics.isAdminOrMod = async function (tid, uid) { privsTopics.isAdminOrMod = async function (tid, uid) {
if (parseInt(uid, 10) <= 0) { if (parseInt(uid, 10) <= 0) {
return false; return false;
} }
const cid = await topics.getTopicField(tid, 'cid'); const cid = await topics.getTopicField(tid, 'cid');
return await privileges.categories.isAdminOrMod(cid, uid); return await privsCategories.isAdminOrMod(cid, uid);
};
}; };

74
src/privileges/users.js
View File

@@ -9,36 +9,35 @@ const groups = require('../groups');
const plugins = require('../plugins'); const plugins = require('../plugins');
const helpers = require('./helpers'); const helpers = require('./helpers');
module.exports = function (privileges) { const privsUsers = module.exports;
privileges.users = {};
privileges.users.isAdministrator = async function (uid) { privsUsers.isAdministrator = async function (uid) {
return await isGroupMember(uid, 'administrators'); return await isGroupMember(uid, 'administrators');
}; };
privileges.users.isGlobalModerator = async function (uid) { privsUsers.isGlobalModerator = async function (uid) {
return await isGroupMember(uid, 'Global Moderators'); return await isGroupMember(uid, 'Global Moderators');
}; };
async function isGroupMember(uid, groupName) { async function isGroupMember(uid, groupName) {
return await groups[Array.isArray(uid) ? 'isMembers' : 'isMember'](uid, groupName); return await groups[Array.isArray(uid) ? 'isMembers' : 'isMember'](uid, groupName);
} }
privileges.users.isModerator = async function (uid, cid) { privsUsers.isModerator = async function (uid, cid) {
if (Array.isArray(cid)) { if (Array.isArray(cid)) {
return await isModeratorOfCategories(cid, uid); return await isModeratorOfCategories(cid, uid);
} else if (Array.isArray(uid)) { } else if (Array.isArray(uid)) {
return await isModeratorsOfCategory(cid, uid); return await isModeratorsOfCategory(cid, uid);
} }
return await isModeratorOfCategory(cid, uid); return await isModeratorOfCategory(cid, uid);
}; };
async function isModeratorOfCategories(cids, uid) { async function isModeratorOfCategories(cids, uid) {
if (parseInt(uid, 10) <= 0) { if (parseInt(uid, 10) <= 0) {
return await filterIsModerator(cids, uid, cids.map(() => false)); return await filterIsModerator(cids, uid, cids.map(() => false));
} }
const isGlobalModerator = await privileges.users.isGlobalModerator(uid); const isGlobalModerator = await privsUsers.isGlobalModerator(uid);
if (isGlobalModerator) { if (isGlobalModerator) {
return await filterIsModerator(cids, uid, cids.map(() => true)); return await filterIsModerator(cids, uid, cids.map(() => true));
} }
@@ -48,40 +47,40 @@ module.exports = function (privileges) {
const cidToIsAllowed = _.zipObject(uniqueCids, isAllowed); const cidToIsAllowed = _.zipObject(uniqueCids, isAllowed);
const isModerator = cids.map(cid => cidToIsAllowed[cid]); const isModerator = cids.map(cid => cidToIsAllowed[cid]);
return await filterIsModerator(cids, uid, isModerator); return await filterIsModerator(cids, uid, isModerator);
} }
async function isModeratorsOfCategory(cid, uids) { async function isModeratorsOfCategory(cid, uids) {
const [check1, check2, check3] = await Promise.all([ const [check1, check2, check3] = await Promise.all([
privileges.users.isGlobalModerator(uids), privsUsers.isGlobalModerator(uids),
groups.isMembers(uids, `cid:${cid}:privileges:moderate`), groups.isMembers(uids, `cid:${cid}:privileges:moderate`),
groups.isMembersOfGroupList(uids, `cid:${cid}:privileges:groups:moderate`), groups.isMembersOfGroupList(uids, `cid:${cid}:privileges:groups:moderate`),
]); ]);
const isModerator = uids.map((uid, idx) => check1[idx] || check2[idx] || check3[idx]); const isModerator = uids.map((uid, idx) => check1[idx] || check2[idx] || check3[idx]);
return await filterIsModerator(cid, uids, isModerator); return await filterIsModerator(cid, uids, isModerator);
} }
async function isModeratorOfCategory(cid, uid) { async function isModeratorOfCategory(cid, uid) {
const result = await isModeratorOfCategories([cid], uid); const result = await isModeratorOfCategories([cid], uid);
return result ? result[0] : false; return result ? result[0] : false;
} }
async function filterIsModerator(cid, uid, isModerator) { async function filterIsModerator(cid, uid, isModerator) {
const data = await plugins.hooks.fire('filter:user.isModerator', { uid: uid, cid: cid, isModerator: isModerator }); const data = await plugins.hooks.fire('filter:user.isModerator', { uid: uid, cid: cid, isModerator: isModerator });
if ((Array.isArray(uid) || Array.isArray(cid)) && !Array.isArray(data.isModerator)) { if ((Array.isArray(uid) || Array.isArray(cid)) && !Array.isArray(data.isModerator)) {
throw new Error('filter:user.isModerator - i/o mismatch'); throw new Error('filter:user.isModerator - i/o mismatch');
} }
return data.isModerator; return data.isModerator;
} }
privileges.users.canEdit = async function (callerUid, uid) { privsUsers.canEdit = async function (callerUid, uid) {
if (parseInt(callerUid, 10) === parseInt(uid, 10)) { if (parseInt(callerUid, 10) === parseInt(uid, 10)) {
return true; return true;
} }
const [isAdmin, isGlobalMod, isTargetAdmin] = await Promise.all([ const [isAdmin, isGlobalMod, isTargetAdmin] = await Promise.all([
privileges.users.isAdministrator(callerUid), privsUsers.isAdministrator(callerUid),
privileges.users.isGlobalModerator(callerUid), privsUsers.isGlobalModerator(callerUid),
privileges.users.isAdministrator(uid), privsUsers.isAdministrator(uid),
]); ]);
const data = await plugins.hooks.fire('filter:user.canEdit', { const data = await plugins.hooks.fire('filter:user.canEdit', {
@@ -93,12 +92,13 @@ module.exports = function (privileges) {
uid: uid, uid: uid,
}); });
return data.canEdit; return data.canEdit;
}; };
privileges.users.canBanUser = async function (callerUid, uid) { privsUsers.canBanUser = async function (callerUid, uid) {
const privsGlobal = require('./global');
const [canBan, isTargetAdmin] = await Promise.all([ const [canBan, isTargetAdmin] = await Promise.all([
privileges.global.can('ban', callerUid), privsGlobal.can('ban', callerUid),
privileges.users.isAdministrator(uid), privsUsers.isAdministrator(uid),
]); ]);
const data = await plugins.hooks.fire('filter:user.canBanUser', { const data = await plugins.hooks.fire('filter:user.canBanUser', {
@@ -107,9 +107,9 @@ module.exports = function (privileges) {
uid: uid, uid: uid,
}); });
return data.canBan; return data.canBan;
}; };
privileges.users.canFlag = async function (callerUid, uid) { privsUsers.canFlag = async function (callerUid, uid) {
const [userReputation, targetPrivileged, reporterPrivileged] = await Promise.all([ const [userReputation, targetPrivileged, reporterPrivileged] = await Promise.all([
user.getUserField(callerUid, 'reputation'), user.getUserField(callerUid, 'reputation'),
user.isPrivileged(uid), user.isPrivileged(uid),
@@ -123,16 +123,16 @@ module.exports = function (privileges) {
} }
return { flag: canFlag }; return { flag: canFlag };
}; };
privileges.users.hasBanPrivilege = async uid => await hasGlobalPrivilege('ban', uid); privsUsers.hasBanPrivilege = async uid => await hasGlobalPrivilege('ban', uid);
privileges.users.hasInvitePrivilege = async uid => await hasGlobalPrivilege('invite', uid); privsUsers.hasInvitePrivilege = async uid => await hasGlobalPrivilege('invite', uid);
async function hasGlobalPrivilege(privilege, uid) { async function hasGlobalPrivilege(privilege, uid) {
const privsGlobal = require('./global');
const privilegeName = privilege.split('-').map(word => word.slice(0, 1).toUpperCase() + word.slice(1)).join(''); const privilegeName = privilege.split('-').map(word => word.slice(0, 1).toUpperCase() + word.slice(1)).join('');
let payload = { uid }; let payload = { uid };
payload[`can${privilegeName}`] = await privileges.global.can(privilege, uid); payload[`can${privilegeName}`] = await privsGlobal.can(privilege, uid);
payload = await plugins.hooks.fire(`filter:user.has${privilegeName}Privilege`, payload); payload = await plugins.hooks.fire(`filter:user.has${privilegeName}Privilege`, payload);
return payload[`can${privilegeName}`]; return payload[`can${privilegeName}`];
} }
};

2
test/posts.js
View File

@@ -753,7 +753,7 @@ describe('Post\'s', () => {
const cat2 = await categories.create({ name: 'Test Category', description: 'Test category created by testing script' }); const cat2 = await categories.create({ name: 'Test Category', description: 'Test category created by testing script' });
const result = await socketTopics.post({ uid: globalModUid }, { title: 'target topic', content: 'queued topic', cid: cat2.cid }); const result = await socketTopics.post({ uid: globalModUid }, { title: 'target topic', content: 'queued topic', cid: cat2.cid });
const modUid = await user.create({ username: 'modofcat1' }); const modUid = await user.create({ username: 'modofcat1' });
await privileges.categories.give(privileges.userPrivilegeList, cat1.cid, modUid); await privileges.categories.give(privileges.categories.userPrivilegeList, cat1.cid, modUid);
let err; let err;
try { try {
await socketPosts.movePost({ uid: modUid }, { pid: replyPid, tid: result.tid }); await socketPosts.movePost({ uid: modUid }, { pid: replyPid, tid: result.tid });