apply template to user accounts ref #377

configs/nginx/snippets/jschan_common_routes.conf

@@ -29,7 +29,7 @@ location /captcha {
 }
 
 # authed, no cache pages
-location ~* ^/((\w+/manage/.*|globalmanage/(reports|bans|recent|boards|globallogs|news|accounts|settings))|account|create|csrf)\.(html|json)$ {
+location ~* ^/((\w+/manage/.*|globalmanage/(reports|bans|recent|boards|globallogs|news|accounts|settings))|mypermissions|account|create|csrf)\.(html|json)$ {
 	expires 0;
 	try_files /dev/null @backend-private;
 }

controllers/forms/editaccount.js

@@ -6,6 +6,7 @@ const editAccount = require(__dirname+'/../../models/forms/editaccount.js')
 	, dynamicResponse = require(__dirname+'/../../helpers/dynamic.js')
 	, paramConverter = require(__dirname+'/../../helpers/paramconverter.js')
 	, Permissions = require(__dirname+'/../../helpers/permissions.js')
+	, { permTemplates } = require(__dirname+'/../../helpers/permtemplates.js')
 	, { checkSchema, lengthBody, numberBody, minmaxBody, numberBodyVariable,
 		inArrayBody, arrayInBody, existsBody } = require(__dirname+'/../../helpers/schema.js');
 
@@ -26,6 +27,9 @@ module.exports = {
 				return res.locals.editingAccount != null;
 			}, expected: true, error: 'Invalid account username' },
 			{ result: (res.locals.user.username === req.body.username), expected: false, error: "You can't edit your own permissions" },
+			{ result: !existsBody(req.body.template) //no template, OR the template is a valid one
+				|| inArrayBody(req.body.template, [permTemplates.ANON.base64, permTemplates.GLOBAL_STAFF.base64, permTemplates.ADMIN.base64]),
+				expected: true, error: "Invalid template selection" },
 		]);
 
 		if (errors.length > 0) {

helpers/permission.js

@@ -6,9 +6,8 @@ const Permissions = require(__dirname+'/permissions.js')
 
 class Permission extends BigBitfield {
 
-	constructor(data, name = 'Custom') {
+	constructor(data) {
 		super(data);
-		this.name = name;
 	}
 
 	static permissionEntries = Object.entries(Permissions)

helpers/permtemplates.js

@@ -15,7 +15,8 @@ ANON.setAll([
 
 const BOARD_STAFF = new Permission(ANON.base64)
 BOARD_STAFF.setAll([
-	Permissions.MANAGE_BOARD_GENERAL, Permissions.MANAGE_BOARD_BANS, Permissions.MANAGE_BOARD_LOGS, Permissions.MANAGE_BOARD_SETTINGS, Permissions.MANAGE_BOARD_CUSTOMISATION,
+	Permissions.MANAGE_BOARD_GENERAL, Permissions.MANAGE_BOARD_BANS, Permissions.MANAGE_BOARD_LOGS, Permissions.MANAGE_BOARD_SETTINGS, 
+	Permissions.MANAGE_BOARD_CUSTOMISATION,
 ]);
 
 const BOARD_OWNER = new Permission(BOARD_STAFF.base64)
@@ -25,12 +26,16 @@ BOARD_OWNER.setAll([
 
 const GLOBAL_STAFF = new Permission(BOARD_OWNER.base64);
 GLOBAL_STAFF.setAll([
-	//no MANAGE_GLOBAL_ACCOUNTS, for now
 	Permissions.MANAGE_GLOBAL_GENERAL, Permissions.MANAGE_GLOBAL_BANS, Permissions.MANAGE_GLOBAL_LOGS, Permissions.MANAGE_GLOBAL_NEWS, 
 	Permissions.MANAGE_GLOBAL_BOARDS, Permissions.MANAGE_GLOBAL_SETTINGS, Permissions.MANAGE_BOARD_OWNER, Permissions.BYPASS_FILTERS, 
 	Permissions.BYPASS_BANS, Permissions.BYPASS_SPAMCHECK, Permissions.BYPASS_RATELIMITS,
 ]);
 
+const ADMIN = new Permission(GLOBAL_STAFF.base64);
+ADMIN.setAll([
+	Permissions.MANAGE_GLOBAL_ACCOUNTS, Permissions.VIEW_RAW_IP,
+]);
+
 const ROOT = new Permission();
 ROOT.setAll(Permission.allPermissions);
 
@@ -41,6 +46,7 @@ module.exports = {
 		BOARD_STAFF,
 		BOARD_OWNER,
 		GLOBAL_STAFF,
+		ADMIN,
 		ROOT,
 	},
 
@@ -49,7 +55,8 @@ module.exports = {
 		[BOARD_STAFF.base64]: 'Board Staff',
 		[BOARD_OWNER.base64]: 'Board Owner',
 		[GLOBAL_STAFF.base64]: 'Global Staff',
-		[ROOT.base64]: 'Admin',
+		[ADMIN.base64]: 'Admin',
+		[ROOT.base64]: 'Root',
 	},
 
 };

models/forms/editaccount.js

@@ -7,47 +7,52 @@ const { Accounts } = require(__dirname+'/../../db/')
 
 module.exports = async (req, res, next) => {
 
-	let updatingPermissions = new Permission(res.locals.editingAccount.permissions);
+	let updatingPermissions;
 
-	//this can probably be made more general
-	updatingPermissions.set(Permissions.VIEW_RAW_IP, (req.body.VIEW_RAW_IP != null));
-	updatingPermissions.set(Permissions.CREATE_BOARD, (req.body.CREATE_BOARD != null));
-	updatingPermissions.set(Permissions.CREATE_ACCOUNT, (req.body.CREATE_ACCOUNT != null));
-	updatingPermissions.set(Permissions.BYPASS_BANS, (req.body.BYPASS_BANS != null));
-	updatingPermissions.set(Permissions.BYPASS_SPAMCHECK, (req.body.BYPASS_SPAMCHECK != null));
-	updatingPermissions.set(Permissions.BYPASS_RATELIMITS, (req.body.BYPASS_RATELIMITS != null));
-	updatingPermissions.set(Permissions.BYPASS_FILTERS, (req.body.BYPASS_FILTERS != null));
-	updatingPermissions.set(Permissions.MANAGE_GLOBAL_GENERAL, (req.body.MANAGE_GLOBAL_GENERAL != null));
-	updatingPermissions.set(Permissions.MANAGE_GLOBAL_BANS, (req.body.MANAGE_GLOBAL_BANS != null));
-	updatingPermissions.set(Permissions.MANAGE_GLOBAL_LOGS, (req.body.MANAGE_GLOBAL_LOGS != null));
-	updatingPermissions.set(Permissions.MANAGE_GLOBAL_NEWS, (req.body.MANAGE_GLOBAL_NEWS != null));
-	updatingPermissions.set(Permissions.MANAGE_GLOBAL_BOARDS, (req.body.MANAGE_GLOBAL_BOARDS != null));
-	updatingPermissions.set(Permissions.MANAGE_GLOBAL_SETTINGS, (req.body.MANAGE_GLOBAL_SETTINGS != null));
-	updatingPermissions.set(Permissions.MANAGE_BOARD_GENERAL, (req.body.MANAGE_BOARD_GENERAL != null));
-	updatingPermissions.set(Permissions.MANAGE_BOARD_OWNER, (req.body.MANAGE_BOARD_OWNER != null));
-	updatingPermissions.set(Permissions.MANAGE_BOARD_BANS, (req.body.MANAGE_BOARD_BANS != null));
-	updatingPermissions.set(Permissions.MANAGE_BOARD_LOGS, (req.body.MANAGE_BOARD_LOGS != null));
-	updatingPermissions.set(Permissions.MANAGE_BOARD_SETTINGS, (req.body.MANAGE_BOARD_SETTINGS != null));
-	updatingPermissions.set(Permissions.MANAGE_BOARD_CUSTOMISATION, (req.body.MANAGE_BOARD_CUSTOMISATION != null));
-	updatingPermissions.set(Permissions.MANAGE_BOARD_STAFF, (req.body.MANAGE_BOARD_STAFF != null));
-	updatingPermissions.set(Permissions.USE_MARKDOWN_PINKTEXT, (req.body.USE_MARKDOWN_PINKTEXT != null));
-	updatingPermissions.set(Permissions.USE_MARKDOWN_GREENTEXT, (req.body.USE_MARKDOWN_GREENTEXT != null));
-	updatingPermissions.set(Permissions.USE_MARKDOWN_BOLD, (req.body.USE_MARKDOWN_BOLD != null));
-	updatingPermissions.set(Permissions.USE_MARKDOWN_UNDERLINE, (req.body.USE_MARKDOWN_UNDERLINE != null));
-	updatingPermissions.set(Permissions.USE_MARKDOWN_STRIKETHROUGH, (req.body.USE_MARKDOWN_STRIKETHROUGH != null));
-	updatingPermissions.set(Permissions.USE_MARKDOWN_TITLE, (req.body.USE_MARKDOWN_TITLE != null));
-	updatingPermissions.set(Permissions.USE_MARKDOWN_ITALIC, (req.body.USE_MARKDOWN_ITALIC != null));
-	updatingPermissions.set(Permissions.USE_MARKDOWN_SPOILER, (req.body.USE_MARKDOWN_SPOILER != null));
-	updatingPermissions.set(Permissions.USE_MARKDOWN_MONO, (req.body.USE_MARKDOWN_MONO != null));
-	updatingPermissions.set(Permissions.USE_MARKDOWN_CODE, (req.body.USE_MARKDOWN_CODE != null));
-	updatingPermissions.set(Permissions.USE_MARKDOWN_DETECTED, (req.body.USE_MARKDOWN_DETECTED != null));
-	updatingPermissions.set(Permissions.USE_MARKDOWN_LINK, (req.body.USE_MARKDOWN_LINK != null));
-	updatingPermissions.set(Permissions.USE_MARKDOWN_DICE, (req.body.USE_MARKDOWN_DICE != null));
-	updatingPermissions.set(Permissions.USE_MARKDOWN_FORTUNE, (req.body.USE_MARKDOWN_FORTUNE != null));
-	if (res.locals.permissions.get(Permissions.ROOT)) {
-		//be careful giving others manage_global_accounts!
-		updatingPermissions.set(Permissions.MANAGE_GLOBAL_ACCOUNTS, (req.body.MANAGE_GLOBAL_ACCOUNTS != null))
-		updatingPermissions.set(Permissions.ROOT, (req.body.ROOT != null));
+	if (req.body.template) {
+		updatingPermissions = new Permission(req.body.template);
+	} else {
+		updatingPermissions = new Permission(res.locals.editingAccount.permissions);
+		//this can probably be made more general
+		updatingPermissions.set(Permissions.VIEW_RAW_IP, (req.body.VIEW_RAW_IP != null));
+		updatingPermissions.set(Permissions.CREATE_BOARD, (req.body.CREATE_BOARD != null));
+		updatingPermissions.set(Permissions.CREATE_ACCOUNT, (req.body.CREATE_ACCOUNT != null));
+		updatingPermissions.set(Permissions.BYPASS_BANS, (req.body.BYPASS_BANS != null));
+		updatingPermissions.set(Permissions.BYPASS_SPAMCHECK, (req.body.BYPASS_SPAMCHECK != null));
+		updatingPermissions.set(Permissions.BYPASS_RATELIMITS, (req.body.BYPASS_RATELIMITS != null));
+		updatingPermissions.set(Permissions.BYPASS_FILTERS, (req.body.BYPASS_FILTERS != null));
+		updatingPermissions.set(Permissions.MANAGE_GLOBAL_GENERAL, (req.body.MANAGE_GLOBAL_GENERAL != null));
+		updatingPermissions.set(Permissions.MANAGE_GLOBAL_BANS, (req.body.MANAGE_GLOBAL_BANS != null));
+		updatingPermissions.set(Permissions.MANAGE_GLOBAL_LOGS, (req.body.MANAGE_GLOBAL_LOGS != null));
+		updatingPermissions.set(Permissions.MANAGE_GLOBAL_NEWS, (req.body.MANAGE_GLOBAL_NEWS != null));
+		updatingPermissions.set(Permissions.MANAGE_GLOBAL_BOARDS, (req.body.MANAGE_GLOBAL_BOARDS != null));
+		updatingPermissions.set(Permissions.MANAGE_GLOBAL_SETTINGS, (req.body.MANAGE_GLOBAL_SETTINGS != null));
+		updatingPermissions.set(Permissions.MANAGE_BOARD_GENERAL, (req.body.MANAGE_BOARD_GENERAL != null));
+		updatingPermissions.set(Permissions.MANAGE_BOARD_OWNER, (req.body.MANAGE_BOARD_OWNER != null));
+		updatingPermissions.set(Permissions.MANAGE_BOARD_BANS, (req.body.MANAGE_BOARD_BANS != null));
+		updatingPermissions.set(Permissions.MANAGE_BOARD_LOGS, (req.body.MANAGE_BOARD_LOGS != null));
+		updatingPermissions.set(Permissions.MANAGE_BOARD_SETTINGS, (req.body.MANAGE_BOARD_SETTINGS != null));
+		updatingPermissions.set(Permissions.MANAGE_BOARD_CUSTOMISATION, (req.body.MANAGE_BOARD_CUSTOMISATION != null));
+		updatingPermissions.set(Permissions.MANAGE_BOARD_STAFF, (req.body.MANAGE_BOARD_STAFF != null));
+		updatingPermissions.set(Permissions.USE_MARKDOWN_PINKTEXT, (req.body.USE_MARKDOWN_PINKTEXT != null));
+		updatingPermissions.set(Permissions.USE_MARKDOWN_GREENTEXT, (req.body.USE_MARKDOWN_GREENTEXT != null));
+		updatingPermissions.set(Permissions.USE_MARKDOWN_BOLD, (req.body.USE_MARKDOWN_BOLD != null));
+		updatingPermissions.set(Permissions.USE_MARKDOWN_UNDERLINE, (req.body.USE_MARKDOWN_UNDERLINE != null));
+		updatingPermissions.set(Permissions.USE_MARKDOWN_STRIKETHROUGH, (req.body.USE_MARKDOWN_STRIKETHROUGH != null));
+		updatingPermissions.set(Permissions.USE_MARKDOWN_TITLE, (req.body.USE_MARKDOWN_TITLE != null));
+		updatingPermissions.set(Permissions.USE_MARKDOWN_ITALIC, (req.body.USE_MARKDOWN_ITALIC != null));
+		updatingPermissions.set(Permissions.USE_MARKDOWN_SPOILER, (req.body.USE_MARKDOWN_SPOILER != null));
+		updatingPermissions.set(Permissions.USE_MARKDOWN_MONO, (req.body.USE_MARKDOWN_MONO != null));
+		updatingPermissions.set(Permissions.USE_MARKDOWN_CODE, (req.body.USE_MARKDOWN_CODE != null));
+		updatingPermissions.set(Permissions.USE_MARKDOWN_DETECTED, (req.body.USE_MARKDOWN_DETECTED != null));
+		updatingPermissions.set(Permissions.USE_MARKDOWN_LINK, (req.body.USE_MARKDOWN_LINK != null));
+		updatingPermissions.set(Permissions.USE_MARKDOWN_DICE, (req.body.USE_MARKDOWN_DICE != null));
+		updatingPermissions.set(Permissions.USE_MARKDOWN_FORTUNE, (req.body.USE_MARKDOWN_FORTUNE != null));
+		if (res.locals.permissions.get(Permissions.ROOT)) {
+			//be careful giving others manage_global_accounts!
+			updatingPermissions.set(Permissions.MANAGE_GLOBAL_ACCOUNTS, (req.body.MANAGE_GLOBAL_ACCOUNTS != null))
+			updatingPermissions.set(Permissions.ROOT, (req.body.ROOT != null));
+		}
 	}
 
 	const updated = await Accounts.setAccountPermissions(req.body.username, updatingPermissions).then(r => r.matchedCount);

models/pages/globalmanage/accounts.js

@@ -40,7 +40,6 @@ module.exports = async (req, res, next) => {
 	.set('Cache-Control', 'private, max-age=5')
 	.render('globalmanageaccounts', {
 		csrf: req.csrfToken(),
-		user: res.locals.user,
 		permissions: res.locals.permissions,
 		user: res.locals.user,
 		queryString,

models/pages/globalmanage/editaccount.js

@@ -1,6 +1,7 @@
 'use strict';
 
 const { Accounts } = require(__dirname+'/../../../db/')
+	, { permTemplates } = require(__dirname+'/../../../helpers/permtemplates.js')
 	, Permission = require(__dirname+'/../../../helpers/permission.js');
 
 module.exports = async (req, res, next) => {
@@ -19,6 +20,7 @@ module.exports = async (req, res, next) => {
 		board: res.locals.board,
 		accountUsername: req.params.accountusername,
 		accountPermissions: new Permission(editingAccount.permissions),
+		permTemplates,
 	});
 
 }

views/pages/editaccount.pug

@@ -25,3 +25,14 @@ block content
 					.rlabel #{jsonPermissions[perm].label}
 					p #{jsonPermissions[perm].desc}
 			input(type='submit', value='Save')
+			hr(size=1)
+			h4.mv-5 Or, apply a role:
+			.row
+				.label Role
+				select(name='template')
+					option(disabled selected) None
+					//-limiting which ones atm
+					option(value=permTemplates.ANON.base64) Regular User
+					option(value=permTemplates.GLOBAL_STAFF.base64) Global Staff
+					option(value=permTemplates.ADMIN.base64) Admin
+			input(type='submit', value='Apply')

views/pages/managestaff.pug

@@ -20,8 +20,9 @@ block content
 			input(type='submit', value='Add')
 	hr(size=1)
 	h4.no-m-p Current Staff:
-	- const staffNames = Object.keys(board.staff);
-	if staffNames.length > 0
+	//-ew
+	- const staffEntries = Object.entries(board.staff).sort((a, b) => new Date(a[1].addedDate) - new Date(b[1].addedDate));
+	if staffEntries.length > 0
 		form.form-post.nogrow(action=`/forms/board/${board._id}/deletestaff` method='POST' enctype='application/x-www-form-urlencoded')
 			input(type='hidden' name='_csrf' value=csrf)
 			.table-container.flex-left.mv-5.text-center
@@ -31,19 +32,17 @@ block content
 						th Username
 						th Date Added
 						th Logs
-						th Role
 						th Permissions
-					for username in staffNames
+					for staff in staffEntries
 						tr
 							td: input(type='checkbox' name='checkedstaff' value=username)
-							td #{username} #{user.username === username ? '(You)' : ''}
+							td #{staff[0]}#{user.username === staff[0] ? ' (You)' : ''}
 							td 
-								time.reltime(datetime=board.staff[username].addedDate) #{board.staff[username].addedDate.toLocaleString(undefined, {hourCycle:'h23'})}
-							td: a(href=`/${board._id}/manage/logs.html?username=${username}`) [View]
-							td #{permTemplateMap[board.staff[username].permissions.toString('base64')] || 'Custom'}
+								time.reltime(datetime=staff[1].addedDate) #{staff[1].addedDate.toLocaleString(undefined, {hourCycle:'h23'})}
+							td: a(href=`/${board._id}/manage/logs.html?username=${staff[0]}`) [View]
 							td
-								if user.username !== username
-									a(href=`/${board._id}/manage/editstaff/${username}.html`) [Edit]
+								if user.username !== staff[0]
+									a(href=`/${board._id}/manage/editstaff/${staff[0]}.html`) [Edit]
 								else
 									a(href=`/${board._id}/manage/mypermissions.html`) [View]