Nemcio/NodeBB
1
0
Fork 0
mirror of https://github.com/NodeBB/NodeBB.git synced 2025-11-01 03:26:04 +01:00
Code Issues Packages Projects Releases Wiki Activity

privileges style changes

Browse Source
This commit is contained in:
Barış Soner Uşaklı
2017-05-25 21:17:20 -04:00
parent 02dee48329
commit 8db193ff55
6 changed files with 386 additions and 405 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
src/groups/membership.js
View File

@@ -323,7 +323,7 @@ module.exports = function (Groups) {
});
Groups.isMember = function (uid, groupName, callback) {
if (!uid || parseInt(uid, 10) <= 0) {
if (!uid || parseInt(uid, 10) <= 0 || !groupName) {
return setImmediate(callback, null, false);
}

63
src/privileges/categories.js
View File

@@ -31,6 +31,8 @@ module.exports = function (privileges) {
{ name: 'Moderate' },
];
async.waterfall([
function (next) {
async.parallel({
labels: function (next) {
async.parallel({
@@ -40,6 +42,7 @@ module.exports = function (privileges) {
},
users: function (next) {
var userPrivileges;
var memberSets;
async.waterfall([
async.apply(plugins.fireHook, 'filter:privileges.list', privileges.userPrivilegeList),
function (_privs, next) {
@@ -48,8 +51,8 @@ module.exports = function (privileges) {
return 'cid:' + cid + ':privileges:' + privilege;
}), next);
},
function (memberSets, next) {
memberSets = memberSets.map(function (set) {
function (_memberSets, next) {
memberSets = _memberSets.map(function (set) {
return set.map(function (uid) {
return parseInt(uid, 10);
});
@@ -57,11 +60,9 @@ module.exports = function (privileges) {
var members = _.unique(_.flatten(memberSets));
user.getUsersFields(members, ['picture', 'username'], function (err, memberData) {
if (err) {
return next(err);
}
user.getUsersFields(members, ['picture', 'username'], next);
},
function (memberData, next) {
memberData.forEach(function (member) {
member.privileges = {};
for (var x = 0, numPrivs = userPrivileges.length; x < numPrivs; x += 1) {
@@ -70,7 +71,6 @@ module.exports = function (privileges) {
});
next(null, memberData);
});
},
], next);
},
@@ -80,19 +80,22 @@ module.exports = function (privileges) {
async.apply(plugins.fireHook, 'filter:privileges.groups.list', privileges.groupPrivilegeList),
function (_privs, next) {
groupPrivileges = _privs;
async.parallel({
memberSets: function (next) {
groups.getMembersOfGroups(groupPrivileges.map(function (privilege) {
return 'cid:' + cid + ':privileges:' + privilege;
}), next);
},
function (memberSets, next) {
groupNames: function (next) {
groups.getGroups('groups:createtime', 0, -1, next);
},
}, next);
},
function (results, next) {
var memberSets = results.memberSets;
var uniqueGroups = _.unique(_.flatten(memberSets));
groups.getGroups('groups:createtime', 0, -1, function (err, groupNames) {
if (err) {
return next(err);
}
groupNames = groupNames.filter(function (groupName) {
var groupNames = results.groupNames.filter(function (groupName) {
return groupName.indexOf(':privileges:') === -1 && uniqueGroups.indexOf(groupName) !== -1;
});
@@ -124,33 +127,31 @@ module.exports = function (privileges) {
});
next(null, memberData);
});
},
function (memberData, next) {
// Grab privacy info for the groups as well
async.map(memberData, function (member, next) {
groups.isPrivate(member.name, function (err, isPrivate) {
if (err) {
return next(err);
}
async.waterfall([
function (next) {
groups.isPrivate(member.name, next);
},
function (isPrivate, next) {
member.isPrivate = isPrivate;
next(null, member);
});
next();
},
], next);
}, next);
},
], next);
},
}, function (err, payload) {
if (err) {
return callback(err);
}
}, next);
},
function (payload, next) {
// This is a hack because I can't do {labels.users.length} to echo the count in templates.js
payload.columnCount = payload.labels.users.length + 2;
callback(null, payload);
});
next(null, payload);
},
], callback);
};
privileges.categories.get = function (cid, uid, callback) {

101
src/privileges/helpers.js
View File

@@ -4,7 +4,7 @@
var async = require('async');
var groups = require('../groups');
var helpers = {};
var helpers = module.exports;
helpers.some = function (tasks, callback) {
async.some(tasks, function (task, next) {
@@ -29,30 +29,12 @@ function isUserAllowedToCids(privilege, uid, cids, callback) {
var userKeys = [];
var groupKeys = [];
for (var i = 0; i < cids.length; i += 1) {
userKeys.push('cid:' + cids[i] + ':privileges:' + privilege);
groupKeys.push('cid:' + cids[i] + ':privileges:groups:' + privilege);
}
async.parallel({
hasUserPrivilege: function (next) {
groups.isMemberOfGroups(uid, userKeys, next);
},
hasGroupPrivilege: function (next) {
groups.isMemberOfGroupsList(uid, groupKeys, next);
},
}, function (err, results) {
if (err) {
return callback(err);
}
var result = [];
for (var i = 0; i < cids.length; i += 1) {
result.push(results.hasUserPrivilege[i] || results.hasGroupPrivilege[i]);
}
callback(null, result);
cids.forEach(function (cid) {
userKeys.push('cid:' + cid + ':privileges:' + privilege);
groupKeys.push('cid:' + cid + ':privileges:groups:' + privilege);
});
checkIfAllowed(uid, userKeys, groupKeys, callback);
}
function isUserAllowedToPrivileges(privileges, uid, cid, callback) {
@@ -62,11 +44,17 @@ function isUserAllowedToPrivileges(privileges, uid, cid, callback) {
var userKeys = [];
var groupKeys = [];
for (var i = 0; i < privileges.length; i += 1) {
userKeys.push('cid:' + cid + ':privileges:' + privileges[i]);
groupKeys.push('cid:' + cid + ':privileges:groups:' + privileges[i]);
privileges.forEach(function (privilege) {
userKeys.push('cid:' + cid + ':privileges:' + privilege);
groupKeys.push('cid:' + cid + ':privileges:groups:' + privilege);
});
checkIfAllowed(uid, userKeys, groupKeys, callback);
}
function checkIfAllowed(uid, userKeys, groupKeys, callback) {
async.waterfall([
function (next) {
async.parallel({
hasUserPrivilege: function (next) {
groups.isMemberOfGroups(uid, userKeys, next);
@@ -74,22 +62,21 @@ function isUserAllowedToPrivileges(privileges, uid, cid, callback) {
hasGroupPrivilege: function (next) {
groups.isMemberOfGroupsList(uid, groupKeys, next);
},
}, function (err, results) {
if (err) {
return callback(err);
}
var result = [];
for (var i = 0; i < privileges.length; i += 1) {
result.push(results.hasUserPrivilege[i] || results.hasGroupPrivilege[i]);
}
callback(null, result);
}, next);
},
function (results, next) {
var result = userKeys.map(function (key, index) {
return results.hasUserPrivilege[index] || results.hasGroupPrivilege[index];
});
}
next(null, result);
},
], callback);
}
helpers.isUsersAllowedTo = function (privilege, uids, cid, callback) {
async.waterfall([
function (next) {
async.parallel({
hasUserPrivilege: function (next) {
groups.isMembers(uids, 'cid:' + cid + ':privileges:' + privilege, next);
@@ -97,36 +84,30 @@ helpers.isUsersAllowedTo = function (privilege, uids, cid, callback) {
hasGroupPrivilege: function (next) {
groups.isMembersOfGroupList(uids, 'cid:' + cid + ':privileges:groups:' + privilege, next);
},
}, function (err, results) {
if (err) {
return callback(err);
}
var result = [];
for (var i = 0; i < uids.length; i += 1) {
result.push(results.hasUserPrivilege[i] || results.hasGroupPrivilege[i]);
}
callback(null, result);
}, next);
},
function (results, next) {
var result = uids.map(function (uid, index) {
return results.hasUserPrivilege[index] || results.hasGroupPrivilege[index];
});
next(null, result);
},
], callback);
};
function isGuestAllowedToCids(privilege, cids, callback) {
var groupKeys = [];
for (var i = 0; i < cids.length; i += 1) {
groupKeys.push('cid:' + cids[i] + ':privileges:groups:' + privilege);
}
var groupKeys = cids.map(function (cid) {
return 'cid:' + cid + ':privileges:groups:' + privilege;
});
groups.isMemberOfGroups('guests', groupKeys, callback);
}
function isGuestAllowedToPrivileges(privileges, cid, callback) {
var groupKeys = [];
for (var i = 0; i < privileges.length; i += 1) {
groupKeys.push('cid:' + cid + ':privileges:groups:' + privileges[i]);
}
var groupKeys = privileges.map(function (privilege) {
return 'cid:' + cid + ':privileges:groups:' + privilege;
});
groups.isMemberOfGroups('guests', groupKeys, callback);
}
module.exports = helpers;

97
src/privileges/posts.js
View File

@@ -32,39 +32,35 @@ module.exports = function (privileges) {
'posts:edit': async.apply(helpers.isUserAllowedTo, 'posts:edit', uid, cids),
}, next);
},
], function (err, results) {
if (err) {
return callback(err);
}
var privileges = [];
for (var i = 0; i < pids.length; i += 1) {
function (results, next) {
var privileges = pids.map(function (pid, i) {
var isAdminOrMod = results.isAdmin || results.isModerator[i];
var editable = isAdminOrMod || (results.isOwner[i] && results['posts:edit'][i]);
privileges.push({
return {
editable: editable,
view_deleted: editable,
move: isAdminOrMod,
isAdminOrMod: isAdminOrMod,
'topics:read': results['topics:read'][i] || isAdminOrMod,
read: results.read[i] || isAdminOrMod,
};
});
}
callback(null, privileges);
});
next(null, privileges);
},
], callback);
};
privileges.posts.can = function (privilege, pid, uid, callback) {
posts.getCidByPid(pid, function (err, cid) {
if (err) {
return callback(err);
}
privileges.categories.can(privilege, cid, uid, callback);
});
async.waterfall([
function (next) {
posts.getCidByPid(pid, next);
},
function (cid, next) {
privileges.categories.can(privilege, cid, uid, next);
},
], callback);
};
privileges.posts.filter = function (privilege, pids, uid, callback) {
@@ -136,19 +132,21 @@ module.exports = function (privileges) {
};
privileges.posts.canEdit = function (pid, uid, callback) {
async.waterfall([
function (next) {
async.parallel({
isEditable: async.apply(isPostEditable, pid, uid),
isAdminOrMod: async.apply(isAdminOrMod, pid, uid),
}, function (err, results) {
if (err) {
return callback(err);
}
}, next);
},
function (results, next) {
if (results.isAdminOrMod) {
return callback(null, { flag: true });
return next(null, { flag: true });
}
callback(null, results.isEditable);
});
next(null, results.isEditable);
},
], callback);
};
privileges.posts.canDelete = function (pid, uid, callback) {
@@ -166,40 +164,42 @@ module.exports = function (privileges) {
'posts:delete': async.apply(privileges.posts.can, 'posts:delete', pid, uid),
}, next);
},
], function (err, results) {
if (err) {
return callback(err);
}
function (results, next) {
if (results.isAdminOrMod) {
return callback(null, { flag: true });
return next(null, { flag: true });
}
if (results.isLocked) {
return callback(null, { flag: false, message: '[[error:topic-locked]]' });
return next(null, { flag: false, message: '[[error:topic-locked]]' });
}
if (!results['posts:delete']) {
return callback(null, { flag: false, message: '[[error:no-privileges]]' });
return next(null, { flag: false, message: '[[error:no-privileges]]' });
}
var postDeleteDuration = parseInt(meta.config.postDeleteDuration, 10);
if (postDeleteDuration && (Date.now() - parseInt(postData.timestamp, 10) > postDeleteDuration * 1000)) {
return callback(null, { flag: false, message: '[[error:post-delete-duration-expired, ' + meta.config.postDeleteDuration + ']]' });
return next(null, { flag: false, message: '[[error:post-delete-duration-expired, ' + meta.config.postDeleteDuration + ']]' });
}
var deleterUid = parseInt(postData.deleterUid, 10) || 0;
var flag = results.isOwner && (deleterUid === 0 || deleterUid === parseInt(postData.uid, 10));
callback(null, { flag: flag, message: '[[error:no-privileges]]' });
});
next(null, { flag: flag, message: '[[error:no-privileges]]' });
},
], callback);
};
privileges.posts.canMove = function (pid, uid, callback) {
posts.isMain(pid, function (err, isMain) {
if (err || isMain) {
return callback(err || new Error('[[error:cant-move-mainpost]]'));
async.waterfall([
function (next) {
posts.isMain(pid, next);
},
function (isMain, next) {
if (isMain) {
return next(new Error('[[error:cant-move-mainpost]]'));
}
isAdminOrMod(pid, uid, callback);
});
isAdminOrMod(pid, uid, next);
},
], callback);
};
privileges.posts.canPurge = function (pid, uid, callback) {
@@ -251,13 +251,14 @@ module.exports = function (privileges) {
function isAdminOrMod(pid, uid, callback) {
helpers.some([
function (next) {
posts.getCidByPid(pid, function (err, cid) {
if (err || !cid) {
return next(err, false);
}
async.waterfall([
function (next) {
posts.getCidByPid(pid, next);
},
function (cid, next) {
user.isModerator(uid, cid, next);
});
},
], next);
},
function (next) {
user.isAdministrator(uid, next);

41
src/privileges/topics.js
View File

@@ -28,11 +28,7 @@ module.exports = function (privileges) {
disabled: async.apply(categories.getCategoryField, topic.cid, 'disabled'),
}, next);
},
], function (err, results) {
if (err) {
return callback(err);
}
function (results, next) {
var privData = _.object(privs, results.privileges);
var disabled = parseInt(results.disabled, 10) === 1;
var locked = parseInt(topic.locked, 10) === 1;
@@ -57,8 +53,9 @@ module.exports = function (privileges) {
disabled: disabled,
tid: tid,
uid: uid,
}, callback);
});
}, next);
},
], callback);
};
privileges.topics.can = function (privilege, tid, uid, callback) {
@@ -194,13 +191,9 @@ module.exports = function (privileges) {
'topics:delete': async.apply(helpers.isUserAllowedTo, 'topics:delete', uid, [topicData.cid]),
}, next);
},
], function (err, results) {
if (err) {
return callback(err);
}
function (results, next) {
if (results.isModerator || results.isAdministrator) {
return callback(null, true);
return next(null, true);
}
var preventTopicDeleteAfterReplies = parseInt(meta.config.preventTopicDeleteAfterReplies, 10) || 0;
@@ -208,15 +201,16 @@ module.exports = function (privileges) {
var langKey = preventTopicDeleteAfterReplies > 1 ?
'[[error:cant-delete-topic-has-replies, ' + meta.config.preventTopicDeleteAfterReplies + ']]' :
'[[error:cant-delete-topic-has-reply]]';
return callback(new Error(langKey));
return next(new Error(langKey));
}
if (!results['topics:delete'][0]) {
return callback(null, false);
return next(null, false);
}
callback(null, results.isOwner);
});
next(null, results.isOwner);
},
], callback);
};
privileges.topics.canEdit = function (tid, uid, callback) {
@@ -234,16 +228,17 @@ module.exports = function (privileges) {
], callback);
};
privileges.topics.isAdminOrMod = function (tid, uid, callback) {
helpers.some([
function (next) {
topics.getTopicField(tid, 'cid', function (err, cid) {
if (err) {
return next(err);
}
async.waterfall([
function (next) {
topics.getTopicField(tid, 'cid', next);
},
function (cid, next) {
user.isModerator(uid, cid, next);
});
},
], next);
},
function (next) {
user.isAdministrator(uid, next);

87
src/privileges/users.js
View File

@@ -40,17 +40,17 @@ module.exports = function (privileges) {
if (!parseInt(uid, 10)) {
return filterIsModerator(cids, uid, cids.map(function () { return false; }), callback);
}
privileges.users.isGlobalModerator(uid, function (err, isGlobalModerator) {
if (err) {
return callback(err);
}
var uniqueCids;
async.waterfall([
function (next) {
privileges.users.isGlobalModerator(uid, next);
},
function (isGlobalModerator, next) {
if (isGlobalModerator) {
return filterIsModerator(cids, uid, cids.map(function () { return true; }), callback);
}
var uniqueCids = cids.filter(function (cid, index, array) {
uniqueCids = cids.filter(function (cid, index, array) {
return array.indexOf(cid) === index;
});
@@ -65,11 +65,9 @@ module.exports = function (privileges) {
async.parallel({
user: async.apply(groups.isMemberOfGroups, uid, groupNames),
group: async.apply(groups.isMemberOfGroupsList, uid, groupListNames),
}, function (err, checks) {
if (err) {
return callback(err);
}
}, next);
},
function (checks, next) {
var isMembers = checks.user.map(function (isMember, idx) {
return isMember || checks.group[idx];
});
@@ -83,62 +81,67 @@ module.exports = function (privileges) {
return map[cid];
});
filterIsModerator(cids, uid, isModerator, callback);
});
});
filterIsModerator(cids, uid, isModerator, next);
},
], callback);
}
function isModeratorsOfCategory(cid, uids, callback) {
async.waterfall([
function (next) {
async.parallel([
async.apply(privileges.users.isGlobalModerator, uids),
async.apply(groups.isMembers, uids, 'cid:' + cid + ':privileges:mods'),
async.apply(groups.isMembersOfGroupList, uids, 'cid:' + cid + ':privileges:groups:moderate'),
], function (err, checks) {
if (err) {
return callback(err);
}
], next);
},
function (checks, next) {
var isModerator = checks[0].map(function (isMember, idx) {
return isMember || checks[1][idx] || checks[2][idx];
});
filterIsModerator(cid, uids, isModerator, callback);
});
filterIsModerator(cid, uids, isModerator, next);
},
], callback);
}
function isModeratorOfCategory(cid, uid, callback) {
async.waterfall([
function (next) {
async.parallel([
async.apply(privileges.users.isGlobalModerator, uid),
async.apply(groups.isMember, uid, 'cid:' + cid + ':privileges:mods'),
async.apply(groups.isMemberOfGroupList, uid, 'cid:' + cid + ':privileges:groups:moderate'),
], function (err, checks) {
if (err) {
return callback(err);
}
], next);
},
function (checks, next) {
var isModerator = checks[0] || checks[1] || checks[2];
filterIsModerator(cid, uid, isModerator, callback);
});
filterIsModerator(cid, uid, isModerator, next);
},
], callback);
}
function filterIsModerator(cid, uid, isModerator, callback) {
plugins.fireHook('filter:user.isModerator', { uid: uid, cid: cid, isModerator: isModerator }, function (err, data) {
if (err) {
return callback(err);
}
async.waterfall([
function (next) {
plugins.fireHook('filter:user.isModerator', { uid: uid, cid: cid, isModerator: isModerator }, next);
},
function (data, next) {
if ((Array.isArray(uid) || Array.isArray(cid)) && !Array.isArray(data.isModerator)) {
return callback(new Error('filter:user.isModerator - i/o mismatch'));
}
callback(null, data.isModerator);
});
next(null, data.isModerator);
},
], callback);
}
privileges.users.canEdit = function (callerUid, uid, callback) {
if (parseInt(callerUid, 10) === parseInt(uid, 10)) {
return process.nextTick(callback, null, true);
}
async.waterfall([
function (next) {
async.parallel({
isAdmin: function (next) {
privileges.users.isAdministrator(callerUid, next);
@@ -149,14 +152,14 @@ module.exports = function (privileges) {
isTargetAdmin: function (next) {
privileges.users.isAdministrator(uid, next);
},
}, function (err, results) {
if (err) {
return callback(err);
}
}, next);
},
function (results, next) {
var canEdit = results.isAdmin || (results.isGlobalMod && !results.isTargetAdmin);
callback(null, canEdit);
});
next(null, canEdit);
},
], callback);
};
privileges.users.canBanUser = function (callerUid, uid, callback) {