Nemcio/NodeBB
1
0
Fork 0
mirror of https://github.com/NodeBB/NodeBB.git synced 2025-10-26 16:46:12 +01:00
Code Issues Packages Projects Releases Wiki Activity

breaking: remove socket.emit('admin.categories.setPrivilege') and socket.emit('admin.categories.getPrivilegeSettings')

Browse Source
This commit is contained in:
Barış Soner Uşaklı
2021-12-06 21:47:47 -05:00
parent 0b9c01f9a0
commit cc3f82bc83
9 changed files with 143 additions and 145 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
public/openapi/write.yaml
View File

@@ -92,6 +92,8 @@ paths:
$ref: 'write/categories/cid/privileges.yaml' $ref: 'write/categories/cid/privileges.yaml'
/categories/{cid}/privileges/{privilege}: /categories/{cid}/privileges/{privilege}:
$ref: 'write/categories/cid/privileges/privilege.yaml' $ref: 'write/categories/cid/privileges/privilege.yaml'
/categories/{cid}/moderator/{uid}:
$ref: 'write/categories/cid/moderator/uid.yaml'
/topics/: /topics/:
$ref: 'write/topics.yaml' $ref: 'write/topics.yaml'
/topics/{tid}: /topics/{tid}:

64
public/openapi/write/categories/cid/moderator/uid.yaml Normal file
View File

@@ -0,0 +1,64 @@
put:
tags:
- categories
summary: Make a user moderator of category
description: This operation makes a user the moderator of a specific category
parameters:
- in: path
name: cid
schema:
type: string
required: true
description: a valid category id
example: 1
- in: path
name: uid
schema:
type: string
required: true
description: The uid of the user that will be the moderator
example: 2
responses:
'200':
description: User successfully made moderator
content:
application/json:
schema:
type: object
properties:
status:
$ref: ../../../../components/schemas/Status.yaml#/Status
response:
type: object
delete:
tags:
- categories
summary: Remove a category moderator
description: This operation removes a user from category moderators
parameters:
- in: path
name: cid
schema:
type: string
required: true
description: a valid category id
example: 1
- in: path
name: uid
schema:
type: string
required: true
description: The uid of the user that will be removed from moderators
example: 2
responses:
'200':
description: User successfully made moderator
content:
application/json:
schema:
type: object
properties:
status:
$ref: ../../../../components/schemas/Status.yaml#/Status
response:
type: object

14
public/src/admin/manage/admins-mods.js
View File

@@ -87,12 +87,7 @@ define('admin/manage/admins-mods', [
autocomplete.user($('.moderator-search'), function (ev, ui) { autocomplete.user($('.moderator-search'), function (ev, ui) {
const input = $(ev.target); const input = $(ev.target);
const cid = $(ev.target).attr('data-cid'); const cid = $(ev.target).attr('data-cid');
socket.emit('admin.categories.setPrivilege', { api.put(`/categories/${cid}/moderator/${ui.item.user.uid}`, {}, function (err) {
cid: cid,
privilege: ajaxify.data.allPrivileges,
set: true,
member: ui.item.user.uid,
}, function (err) {
if (err) { if (err) {
return alerts.error(err); return alerts.error(err);
} }
@@ -118,12 +113,7 @@ define('admin/manage/admins-mods', [
bootbox.confirm('[[admin/manage/users:alerts.confirm-remove-moderator]]', function (confirm) { bootbox.confirm('[[admin/manage/users:alerts.confirm-remove-moderator]]', function (confirm) {
if (confirm) { if (confirm) {
socket.emit('admin.categories.setPrivilege', { api.delete(`/categories/${cid}/moderator/${uid}`, {}, function (err) {
cid: cid,
privilege: ajaxify.data.allPrivileges,
set: false,
member: uid,
}, function (err) {
if (err) { if (err) {
return alerts.error(err); return alerts.error(err);
} }

4
src/controllers/admin/admins-mods.js
View File

@@ -19,11 +19,10 @@ AdminsMods.get = async function (req, res, next) {
if (!selectedCategory) { if (!selectedCategory) {
return next(); return next();
} }
const [admins, globalMods, moderators, categoryPrivList] = await Promise.all([ const [admins, globalMods, moderators] = await Promise.all([
groups.get('administrators', { uid: req.uid }), groups.get('administrators', { uid: req.uid }),
groups.get('Global Moderators', { uid: req.uid }), groups.get('Global Moderators', { uid: req.uid }),
getModeratorsOfCategories(selectedCategory), getModeratorsOfCategories(selectedCategory),
privileges.categories.getUserPrivilegeList(),
]); ]);
res.render('admin/manage/admins-mods', { res.render('admin/manage/admins-mods', {
@@ -31,7 +30,6 @@ AdminsMods.get = async function (req, res, next) {
globalMods: globalMods, globalMods: globalMods,
categoryMods: [moderators], categoryMods: [moderators],
selectedCategory: selectedCategory, selectedCategory: selectedCategory,
allPrivileges: categoryPrivList,
}); });
}; };

14
src/controllers/write/categories.js
View File

@@ -66,3 +66,17 @@ Categories.setPrivilege = async (req, res) => {
const privilegeSet = await api.categories.getPrivileges(req, req.params.cid); const privilegeSet = await api.categories.getPrivileges(req, req.params.cid);
helpers.formatApiResponse(200, res, privilegeSet); helpers.formatApiResponse(200, res, privilegeSet);
}; };
Categories.setModerator = async (req, res) => {
if (!await privileges.admin.can('admin:admins-mods', req.uid)) {
throw new Error('[[error:no-privileges]]');
}
const privilegeList = await privileges.categories.getUserPrivilegeList();
await api.categories.setPrivilege(req, {
cid: req.params.cid,
privilege: privilegeList,
member: req.params.uid,
set: req.method === 'PUT',
});
helpers.formatApiResponse(200, res);
};

3
src/privileges/admin.js
View File

@@ -77,9 +77,6 @@ privsAdmin.socketMap = {
'admin.analytics.get': 'admin:dashboard', 'admin.analytics.get': 'admin:dashboard',
'admin.categories.copySettingsFrom': 'admin:categories', 'admin.categories.copySettingsFrom': 'admin:categories',
'admin.categories.getPrivilegeSettings': 'admin:privileges',
'admin.categories.setPrivilege': 'admin:privileges;admin:admins-mods',
'admin.categories.copyPrivilegesToChildren': 'admin:privileges', 'admin.categories.copyPrivilegesToChildren': 'admin:privileges',
'admin.categories.copyPrivilegesFrom': 'admin:privileges', 'admin.categories.copyPrivilegesFrom': 'admin:privileges',
'admin.categories.copyPrivilegesToAllCategories': 'admin:privileges', 'admin.categories.copyPrivilegesToAllCategories': 'admin:privileges',

3
src/routes/write/categories.js
View File

@@ -19,5 +19,8 @@ module.exports = function () {
setupApiRoute(router, 'put', '/:cid/privileges/:privilege', [...middlewares, middleware.checkRequired.bind(null, ['member'])], controllers.write.categories.setPrivilege); setupApiRoute(router, 'put', '/:cid/privileges/:privilege', [...middlewares, middleware.checkRequired.bind(null, ['member'])], controllers.write.categories.setPrivilege);
setupApiRoute(router, 'delete', '/:cid/privileges/:privilege', [...middlewares, middleware.checkRequired.bind(null, ['member'])], controllers.write.categories.setPrivilege); setupApiRoute(router, 'delete', '/:cid/privileges/:privilege', [...middlewares, middleware.checkRequired.bind(null, ['member'])], controllers.write.categories.setPrivilege);
setupApiRoute(router, 'put', '/:cid/moderator/:uid', [...middlewares], controllers.write.categories.setModerator);
setupApiRoute(router, 'delete', '/:cid/moderator/:uid', [...middlewares], controllers.write.categories.setModerator);
return router; return router;
}; };

20
src/socket.io/admin/categories.js
View File

@@ -2,8 +2,6 @@
const categories = require('../../categories'); const categories = require('../../categories');
const api = require('../../api');
const sockets = require('..');
const Categories = module.exports; const Categories = module.exports;
@@ -11,24 +9,6 @@ Categories.getNames = async function () {
return await categories.getAllCategoryFields(['cid', 'name']); return await categories.getAllCategoryFields(['cid', 'name']);
}; };
Categories.setPrivilege = async function (socket, data) {
sockets.warnDeprecated(socket, 'PUT /api/v3/categories/:cid/privileges/:privilege');
if (!data) {
throw new Error('[[error:invalid-data]]');
}
return await api.categories.setPrivilege(socket, data);
};
Categories.getPrivilegeSettings = async function (socket, cid) {
sockets.warnDeprecated(socket, 'GET /api/v3/categories/:cid/privileges');
if (!isFinite(cid) && cid !== 'admin') {
throw new Error('[[error:invalid-data]]');
}
return await api.categories.getPrivileges(socket, cid);
};
Categories.copyPrivilegesToChildren = async function (socket, data) { Categories.copyPrivilegesToChildren = async function (socket, data) {
const result = await categories.getChildren([data.cid], socket.uid); const result = await categories.getChildren([data.cid], socket.uid);
const children = result[0]; const children = result[0];

158
test/categories.js
View File

@@ -468,67 +468,43 @@ describe('Categories', () => {
}); });
}); });
it('should give privilege', (done) => { it('should give privilege', async () => {
socketCategories.setPrivilege({ uid: adminUid }, { cid: categoryObj.cid, privilege: ['groups:topics:delete'], set: true, member: 'registered-users' }, (err) => { await apiCategories.setPrivilege({ uid: adminUid }, { cid: categoryObj.cid, privilege: ['groups:topics:delete'], set: true, member: 'registered-users' });
assert.ifError(err); const canDeleteTopics = await privileges.categories.can('topics:delete', categoryObj.cid, posterUid);
privileges.categories.can('topics:delete', categoryObj.cid, posterUid, (err, canDeleteTopcis) => { assert(canDeleteTopics);
assert.ifError(err);
assert(canDeleteTopcis);
done();
});
});
}); });
it('should remove privilege', (done) => { it('should remove privilege', async () => {
socketCategories.setPrivilege({ uid: adminUid }, { cid: categoryObj.cid, privilege: 'groups:topics:delete', set: false, member: 'registered-users' }, (err) => { await apiCategories.setPrivilege({ uid: adminUid }, { cid: categoryObj.cid, privilege: 'groups:topics:delete', set: false, member: 'registered-users' });
assert.ifError(err); const canDeleteTopics = await privileges.categories.can('topics:delete', categoryObj.cid, posterUid);
privileges.categories.can('topics:delete', categoryObj.cid, posterUid, (err, canDeleteTopcis) => { assert(!canDeleteTopics);
assert.ifError(err);
assert(!canDeleteTopcis);
done();
});
});
}); });
it('should get privilege settings', (done) => { it('should get privilege settings', async () => {
socketCategories.getPrivilegeSettings({ uid: adminUid }, categoryObj.cid, (err, data) => { const data = await apiCategories.getPrivileges({ uid: adminUid }, categoryObj.cid);
assert.ifError(err); assert(data.labels);
assert(data); assert(data.labels.users);
done(); assert(data.labels.groups);
}); assert(data.keys.users);
assert(data.keys.groups);
assert(data.users);
assert(data.groups);
}); });
it('should copy privileges to children', (done) => { it('should copy privileges to children', async () => {
let parentCid; const parentCategory = await Categories.create({ name: 'parent' });
let child1Cid; const parentCid = parentCategory.cid;
let child2Cid; const child1 = await Categories.create({ name: 'child1', parentCid: parentCid });
async.waterfall([ const child2 = await Categories.create({ name: 'child2', parentCid: child1.cid });
function (next) { await apiCategories.setPrivilege({ uid: adminUid }, {
Categories.create({ name: 'parent' }, next); cid: parentCid,
}, privilege: 'groups:topics:delete',
function (category, next) { set: true,
parentCid = category.cid; member: 'registered-users',
Categories.create({ name: 'child1', parentCid: parentCid }, next); });
}, await socketCategories.copyPrivilegesToChildren({ uid: adminUid }, { cid: parentCid, group: '' });
function (category, next) { const canDelete = await privileges.categories.can('topics:delete', child2.cid, posterUid);
child1Cid = category.cid;
Categories.create({ name: 'child2', parentCid: child1Cid }, next);
},
function (category, next) {
child2Cid = category.cid;
socketCategories.setPrivilege({ uid: adminUid }, { cid: parentCid, privilege: 'groups:topics:delete', set: true, member: 'registered-users' }, next);
},
function (next) {
socketCategories.copyPrivilegesToChildren({ uid: adminUid }, { cid: parentCid, group: '' }, next);
},
function (next) {
privileges.categories.can('topics:delete', child2Cid, posterUid, next);
},
function (canDelete, next) {
assert(canDelete); assert(canDelete);
next();
},
], done);
}); });
it('should create category with settings from', (done) => { it('should create category with settings from', (done) => {
@@ -579,60 +555,34 @@ describe('Categories', () => {
], done); ], done);
}); });
it('should copy privileges from another category', (done) => { it('should copy privileges from another category', async () => {
let child1Cid; const parent = await Categories.create({ name: 'parent', description: 'copy me' });
let parentCid; const parentCid = parent.cid;
async.waterfall([ const child1 = await Categories.create({ name: 'child1' });
function (next) { await apiCategories.setPrivilege({ uid: adminUid }, {
Categories.create({ name: 'parent', description: 'copy me' }, next); cid: parentCid,
}, privilege: 'groups:topics:delete',
function (category, next) { set: true,
parentCid = category.cid; member: 'registered-users',
Categories.create({ name: 'child1' }, next); });
}, await socketCategories.copyPrivilegesFrom({ uid: adminUid }, { fromCid: parentCid, toCid: child1.cid });
function (category, next) { const canDelete = await privileges.categories.can('topics:delete', child1.cid, posterUid);
child1Cid = category.cid;
socketCategories.setPrivilege({ uid: adminUid }, { cid: parentCid, privilege: 'groups:topics:delete', set: true, member: 'registered-users' }, next);
},
function (next) {
socketCategories.copyPrivilegesFrom({ uid: adminUid }, { fromCid: parentCid, toCid: child1Cid }, next);
},
function (next) {
privileges.categories.can('topics:delete', child1Cid, posterUid, next);
},
function (canDelete, next) {
assert(canDelete); assert(canDelete);
next();
},
], done);
}); });
it('should copy privileges from another category for a single group', (done) => { it('should copy privileges from another category for a single group', async () => {
let child1Cid; const parent = await Categories.create({ name: 'parent', description: 'copy me' });
let parentCid; const parentCid = parent.cid;
async.waterfall([ const child1 = await Categories.create({ name: 'child1' });
function (next) { await apiCategories.setPrivilege({ uid: adminUid }, {
Categories.create({ name: 'parent', description: 'copy me' }, next); cid: parentCid,
}, privilege: 'groups:topics:delete',
function (category, next) { set: true,
parentCid = category.cid; member: 'registered-users',
Categories.create({ name: 'child1' }, next); });
}, await socketCategories.copyPrivilegesFrom({ uid: adminUid }, { fromCid: parentCid, toCid: child1.cid, group: 'registered-users' });
function (category, next) { const canDelete = await privileges.categories.can('topics:delete', child1.cid, 0);
child1Cid = category.cid;
socketCategories.setPrivilege({ uid: adminUid }, { cid: parentCid, privilege: 'groups:topics:delete', set: true, member: 'registered-users' }, next);
},
function (next) {
socketCategories.copyPrivilegesFrom({ uid: adminUid }, { fromCid: parentCid, toCid: child1Cid, group: 'registered-users' }, next);
},
function (next) {
privileges.categories.can('topics:delete', child1Cid, 0, next);
},
function (canDelete, next) {
assert(!canDelete); assert(!canDelete);
next();
},
], done);
}); });
}); });