From 864a0701633c3c276dbece34633e57b7e564c132 Mon Sep 17 00:00:00 2001 From: NGPixel Date: Sat, 29 Apr 2017 12:28:59 -0400 Subject: [PATCH] feat: All Pages - Limit to user access rights --- server/controllers/ws.js | 2 +- server/libs/entries.js | 28 +++++++++++++++++----------- server/libs/rights.js | 8 +++++--- 3 files changed, 23 insertions(+), 15 deletions(-) diff --git a/server/controllers/ws.js b/server/controllers/ws.js index a5894019..78c4193d 100644 --- a/server/controllers/ws.js +++ b/server/controllers/ws.js @@ -25,7 +25,7 @@ module.exports = (socket) => { if (socket.request.user.logged_in) { socket.on('treeFetch', (data, cb) => { cb = cb || _.noop - entries.getFromTree(data.basePath).then((f) => { + entries.getFromTree(data.basePath, socket.request.user).then((f) => { return cb(f) || true }) }) diff --git a/server/libs/entries.js b/server/libs/entries.js index 9ebeddfa..bb5e24a0 100644 --- a/server/libs/entries.js +++ b/server/libs/entries.js @@ -300,10 +300,10 @@ module.exports = { /** * Create a new document * - * @param {String} entryPath The entry path - * @param {String} contents The markdown-formatted contents + * @param {String} entryPath The entry path + * @param {String} contents The markdown-formatted contents * @param {Object} author The author user object - * @return {Promise} True on success, false on failure + * @return {Promise} True on success, false on failure */ create (entryPath, contents, author) { let self = this @@ -327,10 +327,10 @@ module.exports = { /** * Makes a document persistent to disk and git repository * - * @param {String} entryPath The entry path - * @param {String} contents The markdown-formatted contents + * @param {String} entryPath The entry path + * @param {String} contents The markdown-formatted contents * @param {Object} author The author user object - * @return {Promise} True on success, false on failure + * @return {Promise} True on success, false on failure */ makePersistent (entryPath, contents, author) { let fpath = entryHelper.getFullPath(entryPath) @@ -343,10 +343,10 @@ module.exports = { /** * Move a document * - * @param {String} entryPath The current entry path - * @param {String} newEntryPath The new entry path + * @param {String} entryPath The current entry path + * @param {String} newEntryPath The new entry path * @param {Object} author The author user object - * @return {Promise} Promise of the operation + * @return {Promise} Promise of the operation */ move (entryPath, newEntryPath, author) { let self = this @@ -393,9 +393,15 @@ module.exports = { * Get all entries from base path * * @param {String} basePath Path to list from + * @param {Object} usr Current user * @return {Promise} List of entries */ - getFromTree (basePath) { - return db.Entry.find({ parentPath: basePath }, 'title parentPath isDirectory isEntry').sort({ title: 'asc' }) + getFromTree (basePath, usr) { + return db.Entry.find({ parentPath: basePath }, 'title parentPath isDirectory isEntry').sort({ title: 'asc' }).then(results => { + return _.filter(results, r => { + console.log(r._id, rights.checkRole(r._id, usr.rights, 'read')) + return rights.checkRole('/' + r._id, usr.rights, 'read') + }) + }) } } diff --git a/server/libs/rights.js b/server/libs/rights.js index 2c60f05e..ce82882b 100644 --- a/server/libs/rights.js +++ b/server/libs/rights.js @@ -58,15 +58,15 @@ module.exports = { let rt = [] let p = _.chain(req.originalUrl).toLower().trim().value() - // Load User Rights + // Load user rights if (_.isArray(req.user.rights)) { rt = req.user.rights } - // Is admin? + // Check rights - if (_.find(rt, { role: 'admin' })) { + if (self.checkRole(p, rt, 'admin')) { perm.read = true perm.write = true perm.manage = true @@ -89,6 +89,8 @@ module.exports = { * @return {boolean} True if authorized */ checkRole (p, rt, role) { + if (_.find(rt, { role: 'admin' })) { return true } + // Check specific role on path let filteredRights = _.filter(rt, (r) => {