From 7a3095594fc384fb6100bcd16df4982574165986 Mon Sep 17 00:00:00 2001 From: Thomas Lynch Date: Tue, 3 Jan 2023 21:11:44 +1100 Subject: [PATCH] Change permissions metadata to be keyed by the permission bits Refactor form handling for permissions in editrole/editaccount, make mush shorter and more maintainable --- lib/permission/permission.js | 31 ++++---- lib/permission/permissions.js | 94 ++++++++++++------------ models/forms/editaccount.js | 44 +---------- models/forms/editrole.js | 43 +---------- views/includes/globalpermissionsform.pug | 18 ++--- 5 files changed, 77 insertions(+), 153 deletions(-) diff --git a/lib/permission/permission.js b/lib/permission/permission.js index da3fb54e..5de21e9d 100644 --- a/lib/permission/permission.js +++ b/lib/permission/permission.js @@ -9,29 +9,34 @@ class Permission extends BigBitfield { super(data); } - static permissionEntries = Object.entries(Permissions) + // List of permission bits + static allPermissions = Object.values(Permissions) .filter(e => typeof e[1] === 'number'); - static allPermissions = this.permissionEntries - .map(e => e[1]); - + // Convert to a map of bit to metadata and state, for use in templates toJSON() { - return this.constructor.permissionEntries + return Object.entries(Metadata) .reduce((acc, entry) => { - const { label, desc, title, subtitle, parent } = Metadata[entry[0]]; acc[entry[0]] = { - bit: entry[1], - state: this.get(entry[1]), - parent, - label, - desc, - title, - subtitle, + state: this.get(entry[0]), + ...entry[1], }; return acc; }, {}); } + // Update permission based on body and another users permission + handleBody(body, editorPermission) { + for (let bit in Metadata) { + // If perm has no "parent" bit, or current user has the parent permission, set each bit based on the form input + const allowedParent = !Metadata[bit].parent + || editorPermission.get(Metadata[bit].parent); + if (allowedParent) { + this.set(parseInt(bit), (body[`permission_bit_${bit}`] != null)); + } + } + } + applyInheritance() { if (this.get(Permissions.ROOT)){ //root gets all perms this.setAll(this.constructor.allPermissions); diff --git a/lib/permission/permissions.js b/lib/permission/permissions.js index 5a67a853..27ed5766 100644 --- a/lib/permission/permissions.js +++ b/lib/permission/permissions.js @@ -51,54 +51,54 @@ const Permissions = Object.seal(Object.freeze(Object.preventExtensions({ }))); //todo: make these keyed by the bits? but then how to get the name param for form fields? might change that -const Metadata = { - - ROOT: { title: 'Root', label: 'Root', desc: 'Full control. Use with caution!', parent: Permissions.ROOT }, - - VIEW_RAW_IP: { title: 'Raw IPs', label: 'View Raw IPs', desc: 'Ability to see raw IPs in moderation interfaces.' }, - - CREATE_BOARD: { title: 'Create', label: 'Create Board', desc: 'Ability to create new boards.' }, - CREATE_ACCOUNT: { label: 'Create Account', desc: 'Ability to register an account.' }, - - BYPASS_BANS: { title: 'Bypasses', label: 'Bypass Bans', desc: 'Bypass all bans.' }, - BYPASS_SPAMCHECK: { label: 'Bypass Spamcheck', desc: 'Bypass the basic anti-flood spamcheck for too frequent similar posting.' }, - BYPASS_RATELIMITS: { label: 'Bypass Ratelimits', desc: 'Bypass ratelimits for getting new captchas, editing posts, editing board settings, etc.' }, - BYPASS_FILTERS: { label: 'Bypass Filters', desc: 'Bypass all post filters.' }, - BYPASS_CAPTCHA: { label: 'Bypass Captcha', desc: 'Bypass captcha.' }, - - MANAGE_GLOBAL_GENERAL: { title: 'Global Management',label: 'Global Staff', desc: 'General global staff permission. Access to recent posts and reports. Ability to submit global actions.' }, - MANAGE_GLOBAL_BANS: { label: 'Global Bans', desc: 'Access global bans. Ability to unban, edit, or deny appeals.' }, - MANAGE_GLOBAL_LOGS: { label: 'Global Logs', desc: 'Access global logs. Ability to search/filter' }, - MANAGE_GLOBAL_NEWS: { label: 'News', desc: 'Access news posting. Ability to add, edit, or delete newsposts.' }, - MANAGE_GLOBAL_BOARDS: { label: 'Boards', desc: 'Access the global board list. Ability to search/filter. Also grants the ability to transfer or delete any board.' }, - MANAGE_GLOBAL_SETTINGS: { label: 'Global Settings', desc: 'Access global settings. Ability to change any settings.' }, - MANAGE_GLOBAL_ACCOUNTS: { label: 'Accounts', desc: 'Access the accounts list. Ability to search/sort. Ability to edit permissions of any user.', parent: Permissions.ROOT }, - MANAGE_GLOBAL_ROLES: { label: 'Roles', desc: 'Access roles list. Ability to edit roles', parent: Permissions.ROOT }, - - MANAGE_BOARD_OWNER: { title: 'Board Management', subtitle: 'Note: Setting board management permissions on an account/role level will grant them globally i.e for all boards.\nTo make somebody a normal board owner/staff, transfer them the board or give them the appropriate permissions in the board staff permission editing interface.', label: 'Board Owner', desc: 'Full control of the board, equivalent to the BO. Can delete and/or transfer the board. Can only be given by somebody else with "Board Owner" permission. Use with caution!' }, - MANAGE_BOARD_GENERAL: { label: 'Board Staff', desc: 'General board staff permission. Access mod index, catalog, recent posts and reports. Ability to submit mod actions. Bypass board-specific bans and post filters.' }, - MANAGE_BOARD_BANS: { label: 'Bans', desc: 'Access board bans. Ability to unban, edit, or deny appeals.' }, - MANAGE_BOARD_LOGS: { label: 'Logs', desc: 'Access board logs. Ability to search/filter.' }, - MANAGE_BOARD_SETTINGS: { label: 'Settings', desc: 'Access board settings. Ability to change any settings. Settings page will show transfer/delete forms for those with "Board Owner" permission.' }, - MANAGE_BOARD_CUSTOMISATION: { label: 'Customisation', desc: 'Access to board assets and custompages. Ability to upload, create, edit, delete.' }, - MANAGE_BOARD_STAFF: { label: 'Staff', desc: 'Access to staff management, and ability to add or remove permissions from others. Can only be given by somebody else with "Board Owner" permission. Use with caution!' }, - - USE_MARKDOWN_PINKTEXT: { title: 'Post styling', label: 'Pinktext', desc: 'Use pinktext' }, - USE_MARKDOWN_GREENTEXT: { label: 'Greentext', desc: 'Use greentext' }, - USE_MARKDOWN_BOLD: { label: 'Bold', desc: 'Use bold' }, - USE_MARKDOWN_UNDERLINE: { label: 'Underline', desc: 'Use underline' }, - USE_MARKDOWN_STRIKETHROUGH: { label: 'Strikethrough', desc: 'Use strikethrough' }, - USE_MARKDOWN_TITLE: { label: 'Title', desc: 'Use titles' }, - USE_MARKDOWN_ITALIC: { label: 'Italic', desc: 'Use italics' }, - USE_MARKDOWN_SPOILER: { label: 'Spoiler', desc: 'Use spoilers' }, - USE_MARKDOWN_MONO: { label: 'Inline Monospace', desc: 'Use inline monospace' }, - USE_MARKDOWN_CODE: { label: 'Code Block', desc: 'Use code blocks' }, - USE_MARKDOWN_DETECTED: { label: 'Detected', desc: 'Use detected' }, - USE_MARKDOWN_LINK: { label: 'Links', desc: 'Make links clickable' }, - USE_MARKDOWN_DICE: { label: 'Dice Roll', desc: 'Use dice rolls' }, - USE_MARKDOWN_FORTUNE: { label: 'Fortune', desc: 'Use fortunes' }, +const Metadata = Object.seal(Object.freeze(Object.preventExtensions({ + + [Permissions.ROOT]: { title: 'Root', label: 'Root', desc: 'Full control. Use with caution!', parent: Permissions.ROOT }, + + [Permissions.VIEW_RAW_IP]: { title: 'Raw IPs', label: 'View Raw IPs', desc: 'Ability to see raw IPs in moderation interfaces.' }, + + [Permissions.CREATE_BOARD]: { title: 'Create', label: 'Create Board', desc: 'Ability to create new boards.' }, + [Permissions.CREATE_ACCOUNT]: { label: 'Create Account', desc: 'Ability to register an account.' }, + + [Permissions.BYPASS_BANS]: { title: 'Bypasses', label: 'Bypass Bans', desc: 'Bypass all bans.' }, + [Permissions.BYPASS_SPAMCHECK]: { label: 'Bypass Spamcheck', desc: 'Bypass the basic anti-flood spamcheck for too frequent similar posting.' }, + [Permissions.BYPASS_RATELIMITS]: { label: 'Bypass Ratelimits', desc: 'Bypass ratelimits for getting new captchas, editing posts, editing board settings, etc.' }, + [Permissions.BYPASS_FILTERS]: { label: 'Bypass Filters', desc: 'Bypass all post filters.' }, + [Permissions.BYPASS_CAPTCHA]: { label: 'Bypass Captcha', desc: 'Bypass captcha.' }, + + [Permissions.MANAGE_GLOBAL_GENERAL]: { title: 'Global Management',label: 'Global Staff', desc: 'General global staff permission. Access to recent posts and reports. Ability to submit global actions.' }, + [Permissions.MANAGE_GLOBAL_BANS]: { label: 'Global Bans', desc: 'Access global bans. Ability to unban, edit, or deny appeals.' }, + [Permissions.MANAGE_GLOBAL_LOGS]: { label: 'Global Logs', desc: 'Access global logs. Ability to search/filter' }, + [Permissions.MANAGE_GLOBAL_NEWS]: { label: 'News', desc: 'Access news posting. Ability to add, edit, or delete newsposts.' }, + [Permissions.MANAGE_GLOBAL_BOARDS]: { label: 'Boards', desc: 'Access the global board list. Ability to search/filter. Also grants the ability to transfer or delete any board.' }, + [Permissions.MANAGE_GLOBAL_SETTINGS]: { label: 'Global Settings', desc: 'Access global settings. Ability to change any settings.' }, + [Permissions.MANAGE_GLOBAL_ACCOUNTS]: { label: 'Accounts', desc: 'Access the accounts list. Ability to search/sort. Ability to edit permissions of any user.', parent: Permissions.ROOT }, + [Permissions.MANAGE_GLOBAL_ROLES]: { label: 'Roles', desc: 'Access roles list. Ability to edit roles', parent: Permissions.ROOT }, + + [Permissions.MANAGE_BOARD_OWNER]: { title: 'Board Management', subtitle: 'Note: Setting board management permissions on an account/role level will grant them globally i.e for all boards.\nTo make somebody a normal board owner/staff, transfer them the board or give them the appropriate permissions in the board staff permission editing interface.', label: 'Board Owner', desc: 'Full control of the board, equivalent to the BO. Can delete and/or transfer the board. Can only be given by somebody else with "Board Owner" permission. Use with caution!' }, + [Permissions.MANAGE_BOARD_GENERAL]: { label: 'Board Staff', desc: 'General board staff permission. Access mod index, catalog, recent posts and reports. Ability to submit mod actions. Bypass board-specific bans and post filters.' }, + [Permissions.MANAGE_BOARD_BANS]: { label: 'Bans', desc: 'Access board bans. Ability to unban, edit, or deny appeals.' }, + [Permissions.MANAGE_BOARD_LOGS]: { label: 'Logs', desc: 'Access board logs. Ability to search/filter.' }, + [Permissions.MANAGE_BOARD_SETTINGS]: { label: 'Settings', desc: 'Access board settings. Ability to change any settings. Settings page will show transfer/delete forms for those with "Board Owner" permission.' }, + [Permissions.MANAGE_BOARD_CUSTOMISATION]: { label: 'Customisation', desc: 'Access to board assets and custompages. Ability to upload, create, edit, delete.' }, + [Permissions.MANAGE_BOARD_STAFF]: { label: 'Staff', desc: 'Access to staff management, and ability to add or remove permissions from others. Can only be given by somebody else with "Board Owner" permission. Use with caution!' }, + + [Permissions.USE_MARKDOWN_PINKTEXT]: { title: 'Post styling', label: 'Pinktext', desc: 'Use pinktext' }, + [Permissions.USE_MARKDOWN_GREENTEXT]: { label: 'Greentext', desc: 'Use greentext' }, + [Permissions.USE_MARKDOWN_BOLD]: { label: 'Bold', desc: 'Use bold' }, + [Permissions.USE_MARKDOWN_UNDERLINE]: { label: 'Underline', desc: 'Use underline' }, + [Permissions.USE_MARKDOWN_STRIKETHROUGH]: { label: 'Strikethrough', desc: 'Use strikethrough' }, + [Permissions.USE_MARKDOWN_TITLE]: { label: 'Title', desc: 'Use titles' }, + [Permissions.USE_MARKDOWN_ITALIC]: { label: 'Italic', desc: 'Use italics' }, + [Permissions.USE_MARKDOWN_SPOILER]: { label: 'Spoiler', desc: 'Use spoilers' }, + [Permissions.USE_MARKDOWN_MONO]: { label: 'Inline Monospace', desc: 'Use inline monospace' }, + [Permissions.USE_MARKDOWN_CODE]: { label: 'Code Block', desc: 'Use code blocks' }, + [Permissions.USE_MARKDOWN_DETECTED]: { label: 'Detected', desc: 'Use detected' }, + [Permissions.USE_MARKDOWN_LINK]: { label: 'Links', desc: 'Make links clickable' }, + [Permissions.USE_MARKDOWN_DICE]: { label: 'Dice Roll', desc: 'Use dice rolls' }, + [Permissions.USE_MARKDOWN_FORTUNE]: { label: 'Fortune', desc: 'Use fortunes' }, -}; +}))); module.exports = { diff --git a/models/forms/editaccount.js b/models/forms/editaccount.js index 26ba61a6..9aec55ac 100644 --- a/models/forms/editaccount.js +++ b/models/forms/editaccount.js @@ -2,7 +2,6 @@ const { Accounts } = require(__dirname+'/../../db/') , dynamicResponse = require(__dirname+'/../../lib/misc/dynamic.js') - , { Permissions } = require(__dirname+'/../../lib/permission/permissions.js') , Permission = require(__dirname+'/../../lib/permission/permission.js'); module.exports = async (req, res) => { @@ -13,47 +12,8 @@ module.exports = async (req, res) => { updatingPermissions = new Permission(req.body.template); } else { updatingPermissions = new Permission(res.locals.editingAccount.permissions); - //TODO: change to just be a loop now, and use Metadata[].bit to handle the check on l49 - updatingPermissions.set(Permissions.VIEW_RAW_IP, (req.body.VIEW_RAW_IP != null)); - updatingPermissions.set(Permissions.CREATE_BOARD, (req.body.CREATE_BOARD != null)); - updatingPermissions.set(Permissions.CREATE_ACCOUNT, (req.body.CREATE_ACCOUNT != null)); - updatingPermissions.set(Permissions.BYPASS_BANS, (req.body.BYPASS_BANS != null)); - updatingPermissions.set(Permissions.BYPASS_SPAMCHECK, (req.body.BYPASS_SPAMCHECK != null)); - updatingPermissions.set(Permissions.BYPASS_RATELIMITS, (req.body.BYPASS_RATELIMITS != null)); - updatingPermissions.set(Permissions.BYPASS_FILTERS, (req.body.BYPASS_FILTERS != null)); - updatingPermissions.set(Permissions.BYPASS_CAPTCHA, (req.body.BYPASS_CAPTCHA != null)); - updatingPermissions.set(Permissions.MANAGE_GLOBAL_GENERAL, (req.body.MANAGE_GLOBAL_GENERAL != null)); - updatingPermissions.set(Permissions.MANAGE_GLOBAL_BANS, (req.body.MANAGE_GLOBAL_BANS != null)); - updatingPermissions.set(Permissions.MANAGE_GLOBAL_LOGS, (req.body.MANAGE_GLOBAL_LOGS != null)); - updatingPermissions.set(Permissions.MANAGE_GLOBAL_NEWS, (req.body.MANAGE_GLOBAL_NEWS != null)); - updatingPermissions.set(Permissions.MANAGE_GLOBAL_BOARDS, (req.body.MANAGE_GLOBAL_BOARDS != null)); - updatingPermissions.set(Permissions.MANAGE_GLOBAL_SETTINGS, (req.body.MANAGE_GLOBAL_SETTINGS != null)); - updatingPermissions.set(Permissions.MANAGE_BOARD_GENERAL, (req.body.MANAGE_BOARD_GENERAL != null)); - updatingPermissions.set(Permissions.MANAGE_BOARD_OWNER, (req.body.MANAGE_BOARD_OWNER != null)); - updatingPermissions.set(Permissions.MANAGE_BOARD_BANS, (req.body.MANAGE_BOARD_BANS != null)); - updatingPermissions.set(Permissions.MANAGE_BOARD_LOGS, (req.body.MANAGE_BOARD_LOGS != null)); - updatingPermissions.set(Permissions.MANAGE_BOARD_SETTINGS, (req.body.MANAGE_BOARD_SETTINGS != null)); - updatingPermissions.set(Permissions.MANAGE_BOARD_CUSTOMISATION, (req.body.MANAGE_BOARD_CUSTOMISATION != null)); - updatingPermissions.set(Permissions.MANAGE_BOARD_STAFF, (req.body.MANAGE_BOARD_STAFF != null)); - updatingPermissions.set(Permissions.USE_MARKDOWN_PINKTEXT, (req.body.USE_MARKDOWN_PINKTEXT != null)); - updatingPermissions.set(Permissions.USE_MARKDOWN_GREENTEXT, (req.body.USE_MARKDOWN_GREENTEXT != null)); - updatingPermissions.set(Permissions.USE_MARKDOWN_BOLD, (req.body.USE_MARKDOWN_BOLD != null)); - updatingPermissions.set(Permissions.USE_MARKDOWN_UNDERLINE, (req.body.USE_MARKDOWN_UNDERLINE != null)); - updatingPermissions.set(Permissions.USE_MARKDOWN_STRIKETHROUGH, (req.body.USE_MARKDOWN_STRIKETHROUGH != null)); - updatingPermissions.set(Permissions.USE_MARKDOWN_TITLE, (req.body.USE_MARKDOWN_TITLE != null)); - updatingPermissions.set(Permissions.USE_MARKDOWN_ITALIC, (req.body.USE_MARKDOWN_ITALIC != null)); - updatingPermissions.set(Permissions.USE_MARKDOWN_SPOILER, (req.body.USE_MARKDOWN_SPOILER != null)); - updatingPermissions.set(Permissions.USE_MARKDOWN_MONO, (req.body.USE_MARKDOWN_MONO != null)); - updatingPermissions.set(Permissions.USE_MARKDOWN_CODE, (req.body.USE_MARKDOWN_CODE != null)); - updatingPermissions.set(Permissions.USE_MARKDOWN_DETECTED, (req.body.USE_MARKDOWN_DETECTED != null)); - updatingPermissions.set(Permissions.USE_MARKDOWN_LINK, (req.body.USE_MARKDOWN_LINK != null)); - updatingPermissions.set(Permissions.USE_MARKDOWN_DICE, (req.body.USE_MARKDOWN_DICE != null)); - updatingPermissions.set(Permissions.USE_MARKDOWN_FORTUNE, (req.body.USE_MARKDOWN_FORTUNE != null)); - if (res.locals.permissions.get(Permissions.ROOT)) { - updatingPermissions.set(Permissions.MANAGE_GLOBAL_ACCOUNTS, (req.body.MANAGE_GLOBAL_ACCOUNTS != null)); - updatingPermissions.set(Permissions.MANAGE_GLOBAL_ROLES, (req.body.MANAGE_GLOBAL_ROLES != null)); - updatingPermissions.set(Permissions.ROOT, (req.body.ROOT != null)); - } + updatingPermissions.handleBody(req.body, res.locals.permissions); + updatingPermissions.applyInheritance(); } updatingPermissions.applyInheritance(); diff --git a/models/forms/editrole.js b/models/forms/editrole.js index e42e6121..8cf40a0f 100644 --- a/models/forms/editrole.js +++ b/models/forms/editrole.js @@ -4,53 +4,12 @@ const { Roles, Accounts } = require(__dirname+'/../../db/') , redis = require(__dirname+'/../../lib/redis/redis.js') , dynamicResponse = require(__dirname+'/../../lib/misc/dynamic.js') , roleManager = require(__dirname+'/../../lib/permission/rolemanager.js') - , { Permissions } = require(__dirname+'/../../lib/permission/permissions.js') , Permission = require(__dirname+'/../../lib/permission/permission.js'); module.exports = async (req, res) => { let rolePermissions = new Permission(res.locals.editingRole.permissions); - //TODO: change to just be a loop now, and use Metadata[].bit to handle the check on l49 - rolePermissions.set(Permissions.VIEW_RAW_IP, (req.body.VIEW_RAW_IP != null)); - rolePermissions.set(Permissions.CREATE_BOARD, (req.body.CREATE_BOARD != null)); - rolePermissions.set(Permissions.CREATE_ACCOUNT, (req.body.CREATE_ACCOUNT != null)); - rolePermissions.set(Permissions.BYPASS_BANS, (req.body.BYPASS_BANS != null)); - rolePermissions.set(Permissions.BYPASS_SPAMCHECK, (req.body.BYPASS_SPAMCHECK != null)); - rolePermissions.set(Permissions.BYPASS_RATELIMITS, (req.body.BYPASS_RATELIMITS != null)); - rolePermissions.set(Permissions.BYPASS_FILTERS, (req.body.BYPASS_FILTERS != null)); - rolePermissions.set(Permissions.BYPASS_CAPTCHA, (req.body.BYPASS_CAPTCHA != null)); - rolePermissions.set(Permissions.MANAGE_GLOBAL_GENERAL, (req.body.MANAGE_GLOBAL_GENERAL != null)); - rolePermissions.set(Permissions.MANAGE_GLOBAL_BANS, (req.body.MANAGE_GLOBAL_BANS != null)); - rolePermissions.set(Permissions.MANAGE_GLOBAL_LOGS, (req.body.MANAGE_GLOBAL_LOGS != null)); - rolePermissions.set(Permissions.MANAGE_GLOBAL_NEWS, (req.body.MANAGE_GLOBAL_NEWS != null)); - rolePermissions.set(Permissions.MANAGE_GLOBAL_BOARDS, (req.body.MANAGE_GLOBAL_BOARDS != null)); - rolePermissions.set(Permissions.MANAGE_GLOBAL_SETTINGS, (req.body.MANAGE_GLOBAL_SETTINGS != null)); - rolePermissions.set(Permissions.MANAGE_BOARD_GENERAL, (req.body.MANAGE_BOARD_GENERAL != null)); - rolePermissions.set(Permissions.MANAGE_BOARD_OWNER, (req.body.MANAGE_BOARD_OWNER != null)); - rolePermissions.set(Permissions.MANAGE_BOARD_BANS, (req.body.MANAGE_BOARD_BANS != null)); - rolePermissions.set(Permissions.MANAGE_BOARD_LOGS, (req.body.MANAGE_BOARD_LOGS != null)); - rolePermissions.set(Permissions.MANAGE_BOARD_SETTINGS, (req.body.MANAGE_BOARD_SETTINGS != null)); - rolePermissions.set(Permissions.MANAGE_BOARD_CUSTOMISATION, (req.body.MANAGE_BOARD_CUSTOMISATION != null)); - rolePermissions.set(Permissions.MANAGE_BOARD_STAFF, (req.body.MANAGE_BOARD_STAFF != null)); - rolePermissions.set(Permissions.USE_MARKDOWN_PINKTEXT, (req.body.USE_MARKDOWN_PINKTEXT != null)); - rolePermissions.set(Permissions.USE_MARKDOWN_GREENTEXT, (req.body.USE_MARKDOWN_GREENTEXT != null)); - rolePermissions.set(Permissions.USE_MARKDOWN_BOLD, (req.body.USE_MARKDOWN_BOLD != null)); - rolePermissions.set(Permissions.USE_MARKDOWN_UNDERLINE, (req.body.USE_MARKDOWN_UNDERLINE != null)); - rolePermissions.set(Permissions.USE_MARKDOWN_STRIKETHROUGH, (req.body.USE_MARKDOWN_STRIKETHROUGH != null)); - rolePermissions.set(Permissions.USE_MARKDOWN_TITLE, (req.body.USE_MARKDOWN_TITLE != null)); - rolePermissions.set(Permissions.USE_MARKDOWN_ITALIC, (req.body.USE_MARKDOWN_ITALIC != null)); - rolePermissions.set(Permissions.USE_MARKDOWN_SPOILER, (req.body.USE_MARKDOWN_SPOILER != null)); - rolePermissions.set(Permissions.USE_MARKDOWN_MONO, (req.body.USE_MARKDOWN_MONO != null)); - rolePermissions.set(Permissions.USE_MARKDOWN_CODE, (req.body.USE_MARKDOWN_CODE != null)); - rolePermissions.set(Permissions.USE_MARKDOWN_DETECTED, (req.body.USE_MARKDOWN_DETECTED != null)); - rolePermissions.set(Permissions.USE_MARKDOWN_LINK, (req.body.USE_MARKDOWN_LINK != null)); - rolePermissions.set(Permissions.USE_MARKDOWN_DICE, (req.body.USE_MARKDOWN_DICE != null)); - rolePermissions.set(Permissions.USE_MARKDOWN_FORTUNE, (req.body.USE_MARKDOWN_FORTUNE != null)); - if (res.locals.permissions.get(Permissions.ROOT)) { - rolePermissions.set(Permissions.MANAGE_GLOBAL_ACCOUNTS, (req.body.MANAGE_GLOBAL_ACCOUNTS != null)); - rolePermissions.set(Permissions.MANAGE_GLOBAL_ROLES, (req.body.MANAGE_GLOBAL_ROLES != null)); - rolePermissions.set(Permissions.ROOT, (req.body.ROOT != null)); - } + rolePermissions.handleBody(req.body, res.locals.permissions); rolePermissions.applyInheritance(); const existingRoleName = roleManager.roleNameMap[rolePermissions.base64]; diff --git a/views/includes/globalpermissionsform.pug b/views/includes/globalpermissionsform.pug index a7c2f87f..d43b7778 100644 --- a/views/includes/globalpermissionsform.pug +++ b/views/includes/globalpermissionsform.pug @@ -1,13 +1,13 @@ -for perm, index in Object.keys(jsonPermissions) - if jsonPermissions[perm].title && index > 0 +for bit, index in Object.keys(jsonPermissions) + if jsonPermissions[bit].title && index > 0 hr(size=1) - h4.mv-5 #{jsonPermissions[perm].title} - if jsonPermissions[perm].subtitle - p #{jsonPermissions[perm].subtitle} + h4.mv-5 #{jsonPermissions[bit].title} + if jsonPermissions[bit].subtitle + p #{jsonPermissions[bit].subtitle} .row - - const hasParent = jsonPermissions[perm].parent == null || permissions.get(jsonPermissions[perm].parent); + - const hasParent = jsonPermissions[bit].parent == null || permissions.get(jsonPermissions[bit].parent); label.postform-style.ph-5(class=(!hasParent ? 'notallowed' : null)) - input(type='checkbox' name=perm value=jsonPermissions[perm].bit checked=jsonPermissions[perm].state disabled=!hasParent) - .rlabel #{jsonPermissions[perm].label} - p #{jsonPermissions[perm].desc} + input(type='checkbox' name=`permission_bit_${bit}` value=bit checked=jsonPermissions[bit].state disabled=!hasParent) + .rlabel #{jsonPermissions[bit].label} + p #{jsonPermissions[bit].desc} input(type='submit', value='Save')