feat: add privilege give/rescind hooks (#8336)

* feat: add privilege give/rescind hooks

action:privileges.categories.give/rescind
action:privileges.global.give/rescind

Breaking change: privileges.categories.give/rescind and privileges.global.give/rescind use the full privilege name for groups, i.e. `groups:find` instead of `find`.

* fix: tests, privileges renamed
Barış Soner Uşaklı
2020-05-26 21:57:38 -04:00
committed by GitHub
parent a0e243eea1
commit ec5582b53c
30 changed files with 154 additions and 136 deletions


@@ -689,13 +689,13 @@ describe('Controllers', function () {
});
it('should load users search page', function (done) {
privileges.global.give(['search:users'], 'guests', function (err) {
privileges.global.give(['groups:search:users'], 'guests', function (err) {
assert.ifError(err);
request(nconf.get('url') + '/users?term=bar&section=sort-posts', function (err, res, body) {
assert.ifError(err);
assert.equal(res.statusCode, 200);
assert(body);
privileges.global.rescind(['search:users'], 'guests', done);
privileges.global.rescind(['groups:search:users'], 'guests', done);
});
});
});
@@ -1344,13 +1344,13 @@ describe('Controllers', function () {
});
it('should return 401 if user does not have view:users privilege', function (done) {
privileges.global.rescind(['view:users'], 'guests', function (err) {
privileges.global.rescind(['groups:view:users'], 'guests', function (err) {
assert.ifError(err);
request(nconf.get('url') + '/api/user/foo', { json: true }, function (err, res, body) {
assert.ifError(err);
assert.equal(res.statusCode, 401);
assert.equal(body, 'not-authorized');
privileges.global.give(['view:users'], 'guests', done);
privileges.global.give(['groups:view:users'], 'guests', done);
});
});
});
@@ -1624,12 +1624,12 @@ describe('Controllers', function () {
});
it('should 403 if user does not have read privilege', function (done) {
privileges.categories.rescind(['topics:read'], category.cid, 'registered-users', function (err) {
privileges.categories.rescind(['groups:topics:read'], category.cid, 'registered-users', function (err) {
assert.ifError(err);
request(nconf.get('url') + '/api/post/' + pid, { jar: jar }, function (err, res) {
assert.ifError(err);
assert.equal(res.statusCode, 403);
privileges.categories.give(['topics:read'], category.cid, 'registered-users', done);
privileges.categories.give(['groups:topics:read'], category.cid, 'registered-users', done);
});
});
});
@@ -1916,7 +1916,7 @@ describe('Controllers', function () {
it('should return 401 if not allowed to read', function (done) {
categories.create({ name: 'hidden' }, function (err, category) {
assert.ifError(err);
privileges.categories.rescind(['read'], category.cid, 'guests', function (err) {
privileges.categories.rescind(['groups:read'], category.cid, 'guests', function (err) {
assert.ifError(err);
request(nconf.get('url') + '/api/category/' + category.slug, function (err, res) {
assert.ifError(err);
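Review bot: Nothing in these tests pins what happens when a caller still passes the old short name, e.g. `privileges.categories.rescind(['read'], category.cid, 'guests', ...)` at the call renamed in this hunk. The commit message marks the naming as a breaking change, and for a rescind the risky outcome is a silent no-op that leaves the group's access in place while the caller believes it was revoked; whether the implementation errors on or ignores such a name is not visible here. A companion test that rescinds with the short name and asserts the documented outcome (an error, or the category still being readable by guests) would make that contract explicit for plugin authors. A comment on the renamed calls, such as `// group privileges take the full name since #8336: 'groups:read', not 'read'`, would also help readers of the test. The same applies to the `give`/`rescind` pairs in the three earlier hunks, and the test body here continues past the visible lines.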