ref #377 "template names", else "Custom" in accounts/staff table

merge-requests/341/head
Thomas Lynch 2 years ago
parent 448660707a
commit 8bd41eabd0
  1. 59
      TODO
  2. 4
      gulpfile.js
  3. 4
      helpers/checks/calcperms.js
  4. 22
      helpers/permtemplates.js
  5. 4
      helpers/posting/message.js
  6. 2
      helpers/render.js
  7. 12
      migrations/0.4.0.js
  8. 4
      models/forms/addstaff.js
  9. 4
      models/forms/create.js
  10. 4
      models/forms/register.js
  11. 6
      models/forms/transferboard.js
  12. 4
      server.js
  13. 4
      socketio.js
  14. 7
      views/pages/globalmanageaccounts.pug
  15. 7
      views/pages/managestaff.pug

59
TODO

@ -1,59 +0,0 @@
RANDOM SHIT DISREGARD
- [x] permission checks in helpers/checks/actionchecker.js
- [x] permission bypasses in helpers/schema.js, and edit controllers schema check perm levels to new Permissions.XXX
- [x] helpers/posting/markdown.js markdown permission levels, and in binded custom callback markdowns like diceroll, linkmatch, etc
- [x] remove permLevels, permLevels.markdown, the global settings for it, the controller code for checking it, and put a bit of the template into the migrations
- [x] helpers/decodequeryip.js for ip query decoding, and handle the iphashpermlevel stuff
- [x] make sure a valid permission always passed to markdown. make note about bug for moving, and permission on other posts when getting remarked.
- [x] helpers/posting/message.js, argument permlevel, and passing to markdown function (and other places like editing and moving!)
- [x] helpers/checks/spamcheck.js, for BYPASS_SPAMCHECKS
- [x] helpers/checks/bancheck.js, for BYPASS_BANS or BOARD_MANAGE_OWNER/GENERAL, for board bans
- [x] helpers/checks/calcpermsmiddleware.js, make it return the Permission instance, not return and set res.locals.permLevel
- [x] remove ipHashPermLevel, use the permission. remove from template.js, globalmanage, controller, etc
- [x] remove permLevel bypass in imagehash helper
- [x] helpers/posting/name.js, to emulate old "levels" for capcodes
- [x] per-board permissions page, to show a users permissions
- [x] global permissions page /permissions.html
- [x] remove authLevel from models/pages/account.js
- [x] update account.html, to show only the pages you are able to access in the quick links
- [x] redo whole permissions check in socketio.js, to use calcPerms (and hasPerms? or a separate check)
- [x] fix permissions check in views/mixins/managenav.pug, and make it all more like account.pug
- [x] remove unnecessary board_owner check in page controllers, since they inherit all othe board perms
- [x] link in board staff table, by clicking aand "edit" of the permission base64, to /board/manage/editstaff/username.html,
- [x] remove permissions fluff from FAQ, that shit doesnt need to be there
- [x] rename addModBoard removeModBoard, getOwnedOrModBoards, modBoards, rename mod to "staff"
- [x] db migration, modBoards to staffBoards
- [x] create db/boards addStaff method, unused yet,
- [x] update removeStaffBoard to handle staff object instead of moderators, change those db methods to be called "staff" not "moderators"
- [x] change board "moderators" array, rename "staff" and make it a map of {username:{permissions, dateAdded, etc}}
- [x] add forms to add and delete staff from a board, using new staff methods in db/boards and db/accounts
- [x] add new page /board/manage/editstaff/username.html accessible with MANAGE_BOARD_STAFF, showing the permissions for that user ON THAT BOARD (the board_ stuff only basically)
- [x] link in accounts table, by clicking and "edit" of the permission base64, to /globalmanage/editpermissions/account_id.html,
- [x] add permisions default template to newly created accounts under permissions.
- [x] finally remove authLevel from helpers/checks/calcperms.js once the data is in the db
- [x] update setting authLevel in db/accounts.js, since it should just be permissions data now
- [x] add permtemplates to accounts with migration, based on authlevel, then UNSET auth level
- [x] remove deleteBoardsPermLevel, use ther permission (permissions already checked on the endpoint, so remove from template.js, globalmanage, controller, etc
- [x] remove authLevelNames
- [x] controllers/forms/editstaff.js models/forms/editstaff.js
- [x] fix inheriting board staff perms in calcperms
- [x] adapt controllers/forms/editaccount.js models/forms/editaccount.js to ACCOUNTS, instead of STAFF!
- [x] do another grep for permLevel and authLevel, userBoardCreation, userAccountCreation, ipHashPermLevel, etc
- [x] add new setting "dont store raw ips" instead of based on "-1" ipHashPermLevel which is now removed.
- [x] remove "allow user board creation" and "allow user account creation" in global settings, since it should be part of editing the default/anon users permission template
- [x] make sure staff/acount adding and removing stays consistent
- [x] change bunch permLevel comparisons, esp in models/forms/makepost. to use the perms, or just a combo of some perm like manage_board_general/manage_global_general
- [x] finish migration
- [x] get permissions for multiple boards in account page, to show the proper links for staff and all the links can be available in "boards you own" vs "moderate", depending on their staff permissions
- [x] add some "edit" link and edit account "upgrade"-type buttons, like the local->global post history links (where permssions allow)
- [x] add some "friendly" permission names and descriptions for permissions.toJSON, mostly for frontend, and will be good for translation later
- [x] make permission class better, static allPermissions and permissionEntries
- [x] make BOs show up properly in edit staff, controller check to prevent editing them
- [~] make at least the ANON template editable with MANAGE_GLOBAL_ACCOUNTS. can store in globalsettings for now, since there are only the default 5 (for now)
- [~] implement showing "template name" or "custom", based on id a permission is one of the templates or not
- [ ] update nginx config
Improvements for later
- [ ] update jschan-docs. add a section about accounts, staff and permissions.
- [ ] !!explore options for permission changes applying to users when a template is updated. e.g. change the anon template to add the CREATE_BOARD, but an existing user (who does not have this permission) doesnt get it added to their account. I think use mongo $bitsAllSet+$bitsAllClear works for this (since the binary is stored), and then set the new permission binary. for missing ADDED permissions, inheriting from anon could be a good interim solution, but needs to be properly changed to handle the inverse properly.
- [ ] permission editing page to mass update or apply a change to multiple users just for specific permissions, not a full overwrite. maybe a page with options "dont change, set to false, set to true"?
- [ ] full on ability to add custom templates for roles, and

@ -7,7 +7,7 @@ const config = require(__dirname+'/config.js')
, semver = require('semver')
, uploadDirectory = require(__dirname+'/helpers/files/uploadDirectory.js')
, commit = require(__dirname+'/helpers/commit.js')
, PermissionTemplates = require(__dirname+'/helpers/permtemplates.js')
, { permTemplates } = require(__dirname+'/helpers/permtemplates.js')
, replace = require('gulp-replace')
, less = require('gulp-less')
, concat = require('gulp-concat')
@ -204,7 +204,7 @@ async function wipe() {
await Posts.db.createIndex({ 'globalreports.0': 1 }, { 'partialFilterExpression': { 'globalreports.0': { '$exists': true } } })
const randomPassword = randomBytes(20).toString('base64')
await Accounts.insertOne('admin', 'admin', randomPassword, PermissionTemplates.ROOT);
await Accounts.insertOne('admin', 'admin', randomPassword, permTemplates.ROOT);
console.log('=====LOGIN DETAILS=====\nusername: admin\npassword:', randomPassword, '\n=======================');
await db.collection('version').replaceOne({

@ -2,7 +2,7 @@
const Permissions = require(__dirname+'/../permissions.js') //needs rename
, Permission = require(__dirname+'/../permission.js')
, PermissionTemplates = require(__dirname+'/../permtemplates.js');
, { permTemplates } = require(__dirname+'/../permtemplates.js');
module.exports = (req, res) => {
@ -40,7 +40,7 @@ module.exports = (req, res) => {
} else {
//not logged in, gets default anon permission
calculatedPermissions = new Permission(PermissionTemplates.ANON.base64);
calculatedPermissions = new Permission(permTemplates.ANON.base64);
}
return calculatedPermissions;

@ -35,9 +35,21 @@ const ROOT = new Permission();
ROOT.setAll(Permission.allPermissions);
module.exports = {
ANON,
BOARD_STAFF,
BOARD_OWNER,
GLOBAL_STAFF,
ROOT,
permTemplates: {
ANON,
BOARD_STAFF,
BOARD_OWNER,
GLOBAL_STAFF,
ROOT,
},
permTemplateMap: {
[ANON.base64]: 'Regular User',
[BOARD_STAFF.base64]: 'Board Staff',
[BOARD_OWNER.base64]: 'Board Owner',
[GLOBAL_STAFF.base64]: 'Global Staff',
[ROOT.base64]: 'Admin',
},
};
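Review bot: `permTemplateMap` at the end of `module.exports` is an ordinary mutable object literal, so the `permTemplateMap[...] || 'Custom'` lookups in the two views also resolve names inherited from `Object.prototype`, and any module holding the reference can change a label for all of them. Whether a stored permission value can ever encode to such a name depends on the permission byte length, which this hunk does not show, but `permTemplateMap: Object.freeze(Object.assign(Object.create(null), { /* the five entries */ }))` removes the question. Because the keys are computed, two templates that ever share the same bits would silently collapse into one entry with the later label winning. A comment above the map such as `// display labels only; never use for permission checks` would make the intent explicit. The templates now live under `permTemplates`, so a consumer outside this diff that still reads `.ANON` or `.ROOT` straight off the module would get `undefined`, which is worth a grep before merge.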

@ -5,7 +5,7 @@ const quoteHandler = require(__dirname+'/quotes.js')
, { markdown } = require(__dirname+'/markdown.js')
, sanitizeOptions = require(__dirname+'/sanitizeoptions.js')
, Permission = require(__dirname+'/../permissions.js')
, PermissionTemplates = require(__dirname+'/../permtemplates.js')
, { permTemplates } = require(__dirname+'/../permtemplates.js')
, sanitize = require('sanitize-html');
module.exports = async (inputMessage, boardName, threadId=null, permissions=null) => {
@ -16,7 +16,7 @@ module.exports = async (inputMessage, boardName, threadId=null, permissions=null
if (permissions === null) {
//technically there has for a long time been a bug here, but it can be fixed later. permissions unknown for old msgs
permissions = new Permission(PermissionTemplates.ANON.base64);
permissions = new Permission(permTemplates.ANON.base64);
}
//markdown a post, link the quotes, sanitize and return message and quote arrays

@ -12,6 +12,7 @@ const { outputFile } = require('fs-extra')
, { version } = require(__dirname+'/../package.json')
, templateDirectory = path.join(__dirname+'/../views/pages/')
, Permissions = require(__dirname+'/permissions.js')
, { permTemplateMap } = require(__dirname+'/permtemplates.js')
, config = require(__dirname+'/../config.js');
let { archiveLinksURL, lockWait, globalLimits, boardDefaults, cacheTemplates,
@ -22,6 +23,7 @@ const updateLocals = () => {
({ archiveLinksURL, lockWait, globalLimits, boardDefaults, cacheTemplates,
reverseImageLinksURL, meta, enableWebring, captchaOptions, globalAnnouncement } = config.get);
renderLocals = {
permTemplateMap,
Permissions,
cache: cacheTemplates,
archiveLinksURL,

@ -1,6 +1,6 @@
'use strict';
const PermissionTemplates = require(__dirname+'/../helpers/permtemplates.js')
const { permTemplates } = require(__dirname+'/../helpers/permtemplates.js')
, Permission = require(__dirname+'/../helpers/permission.js')
, { Binary } = require('mongodb');
@ -9,19 +9,19 @@ module.exports = async(db, redis) => {
console.log('setting new permission templates to replace old permission "levels"');
await db.collection('accounts').updateMany({ permLevel: 0 }, {
'$set': {
'permissions': Binary(PermissionTemplates.ROOT.array),
'permissions': Binary(permTemplates.ROOT.array),
},
});
await db.collection('accounts').updateMany({ permLevel: 1 }, {
'$set': {
'permissions': Binary(PermissionTemplates.GLOBAL_STAFF.array),
'permissions': Binary(permTemplates.GLOBAL_STAFF.array),
},
});
//not doing 2 and 3 anymore, since they were a weird, ugly part of the old "levels" system.
//they can be added back manually by editing global perms if desired
await db.collection('accounts').updateMany({ permLevel: { $gte: 2 } }, { //gte2, to get 2, 3, and 4.
'$set': {
'permissions': Binary(PermissionTemplates.ANON.array),
'permissions': Binary(permTemplates.ANON.array),
},
});
console.log('renaming account modBoards->staffBoards');
@ -51,14 +51,14 @@ module.exports = async(db, redis) => {
const bulkWrites = allBoards.map(board => {
const staffObject = board.moderators.reduce((acc, mod) => {
acc[mod] = {
permissions: Binary(PermissionTemplates.BOARD_STAFF.array),
permissions: Binary(permTemplates.BOARD_STAFF.array),
addedDate: new Date(),
};
return acc;
}, {});
//add add the BO to staff
staffObject[board.owner] = {
permissions: Binary(PermissionTemplates.BOARD_OWNER.array),
permissions: Binary(permTemplates.BOARD_OWNER.array),
addedDate: new Date(),
}
return {

@ -2,13 +2,13 @@
const { Boards, Accounts } = require(__dirname+'/../../db/')
, dynamicResponse = require(__dirname+'/../../helpers/dynamic.js')
, PermissionTemplates = require(__dirname+'/../../helpers/permtemplates.js');
, { permTemplates } = require(__dirname+'/../../helpers/permtemplates.js');
module.exports = async (req, res, next) => {
await Promise.all([
Accounts.addStaffBoard([req.body.username], res.locals.board._id),
Boards.addStaff(res.locals.board._id, req.body.username, PermissionTemplates.BOARD_STAFF)
Boards.addStaff(res.locals.board._id, req.body.username, permTemplates.BOARD_STAFF)
]);
return dynamicResponse(req, res, 200, 'message', {

@ -3,7 +3,7 @@
const { Boards, Accounts } = require(__dirname+'/../../db/')
, { Binary } = require(__dirname+'/../../db/db.js')
, dynamicResponse = require(__dirname+'/../../helpers/dynamic.js')
, PermissionTemplates = require(__dirname+'/../../helpers/permtemplates.js')
, { permTemplates } = require(__dirname+'/../../helpers/permtemplates.js')
, uploadDirectory = require(__dirname+'/../../helpers/files/uploadDirectory.js')
, restrictedURIs = new Set(['captcha', 'forms', 'randombanner', 'all'])
, { ensureDir } = require('fs-extra')
@ -52,7 +52,7 @@ module.exports = async (req, res, next) => {
'webring': false,
'staff': {
[owner]: {
'permissions': Binary(PermissionTemplates.BOARD_OWNER.array),
'permissions': Binary(permTemplates.BOARD_OWNER.array),
'addedDate': new Date(),
},
},

@ -2,7 +2,7 @@
const { Accounts } = require(__dirname+'/../../db/')
, dynamicResponse = require(__dirname+'/../../helpers/dynamic.js')
, PermissionTemplates = require(__dirname+'/../../helpers/permtemplates.js');
, { permTemplates } = require(__dirname+'/../../helpers/permtemplates.js');
module.exports = async (req, res, next) => {
@ -22,7 +22,7 @@ module.exports = async (req, res, next) => {
}
// add account to db. password is hashed in db model func for easier tests
await Accounts.insertOne(original, username, password, PermissionTemplates.ANON);
await Accounts.insertOne(original, username, password, permTemplates.ANON);
return res.redirect('/login.html');

@ -2,7 +2,7 @@
const { Boards, Accounts } = require(__dirname+'/../../db/')
, dynamicResponse = require(__dirname+'/../../helpers/dynamic.js')
, PermissionTemplates = require(__dirname+'/../../helpers/permtemplates.js');
, { permTemplates } = require(__dirname+'/../../helpers/permtemplates.js');
module.exports = async (req, res, next) => {
@ -20,14 +20,14 @@ module.exports = async (req, res, next) => {
if (res.locals.board.staff[newOwner._id] != null) {
//if already a staff, just change their permission instead of removing+adding back
await Promise.all([
Boards.setStaffPermissions(req.params.board, newOwner._id, PermissionTemplates.BOARD_OWNER, true),
Boards.setStaffPermissions(req.params.board, newOwner._id, permTemplates.BOARD_OWNER, true),
Accounts.removeStaffBoard([newOwner._id], req.params.board),
Accounts.addOwnedBoard(newOwner._id, req.params.board),
]);
} else {
//otherwise add them as a new staff+owner
await Promise.all([
Boards.addStaff(req.params.board, newOwner._id, PermissionTemplates.BOARD_OWNER, true),
Boards.addStaff(req.params.board, newOwner._id, permTemplates.BOARD_OWNER, true),
Accounts.addOwnedBoard(newOwner._id, req.params.board),
]);
}

@ -16,8 +16,9 @@ const config = require(__dirname+'/config.js')
, commit = require(__dirname+'/helpers/commit.js')
, { version } = require(__dirname+'/package.json')
, formatSize = require(__dirname+'/helpers/files/formatsize.js')
, CachePugTemplates = require('cache-pug-templates')
, Permissions = require(__dirname+'/helpers/permissions.js')
, CachePugTemplates = require('cache-pug-templates');
, { permTemplateMap } = require(__dirname+'/helpers/permtemplates.js');
(async () => {
@ -71,6 +72,7 @@ const config = require(__dirname+'/config.js')
app.cache = {};
app[cacheTemplates === true ? 'enable' : 'disable']('view cache');
//default settings
app.locals.permTemplateMap = permTemplateMap;
app.locals.Permissions = Permissions;
app.locals.defaultTheme = boardDefaults.theme;
app.locals.defaultCodeTheme = boardDefaults.codeTheme;

@ -6,9 +6,7 @@ const { redis: redisConfig } = require(__dirname+'/configs/secrets.js')
, roomRegex = /^(?<roomBoard>[a-z0-9]+)-(?<roomName>[a-z0-9-]+)$/i
, calcPerms = require(__dirname+'/helpers/checks/calcperms.js')
, Permissions = require(__dirname+'/helpers/permissions.js')
, Permission = require(__dirname+'/helpers/permission.js')
, PermissionTemplates = require(__dirname+'/helpers/permtemplates.js');
, Permission = require(__dirname+'/helpers/permission.js');
module.exports = {

@ -24,7 +24,7 @@ block content
if accounts && accounts.length > 0
form.form-post.nogrow(action=`/forms/global/deleteaccounts` method='POST' enctype='application/x-www-form-urlencoded')
input(type='hidden' name='_csrf' value=csrf)
.table-container.flex-left
.table-container.flex-left.text-center
table
tr
th
@ -32,7 +32,8 @@ block content
th Own Boards
th Staff Boards
th Last Active
th(colspan=2) Permissions
th Role
th Permissions
for account in accounts
tr
td: input(type='checkbox', name='checkedaccounts' value=account._id)
@ -56,7 +57,7 @@ block content
time.reltime(datetime=account.lastActiveDate.toISOString()) #{account.lastActiveDate.toLocaleString(undefined, {hourCycle:'h23'})}
else
| -
td: span.mono #{account.permissions.toString('base64')}
td #{permTemplateMap[account.permissions.toString('base64')] || 'Custom'}
td
if account._id !== user.username
a(href=`/globalmanage/editaccount/${account._id}.html`) [Edit]
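Review bot: The new Role cell (`permTemplateMap[...] || 'Custom'`) appears to replace the cell that printed the raw base64 value, so every account whose permissions are not byte-identical to a template is shown as the same 'Custom', with nothing to tell a near-Admin set from a minimal one. For a table used to audit accounts, keeping the encoded value reachable helps, for example `td(title=account.permissions.toString('base64')) #{permTemplateMap[account.permissions.toString('base64')] || 'Custom'}`. The same applies to the staff table in views/pages/managestaff.pug, where the `board.staff[username].permissions` cell changes the same way. Which line is old and which is new is inferred from the hunk counts and the commit title, since the +/- markers are not on the page.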

@ -24,14 +24,15 @@ block content
if staffNames.length > 0
form.form-post.nogrow(action=`/forms/board/${board._id}/deletestaff` method='POST' enctype='application/x-www-form-urlencoded')
input(type='hidden' name='_csrf' value=csrf)
.table-container.flex-left.mv-5
.table-container.flex-left.mv-5.text-center
table
tr
th
th Username
th Date Added
th Logs
th(colspan=2) Permissions
th Role
th Permissions
for username in staffNames
tr
td: input(type='checkbox' name='checkedstaff' value=username)
@ -39,7 +40,7 @@ block content
td
time.reltime(datetime=board.staff[username].addedDate) #{board.staff[username].addedDate.toLocaleString(undefined, {hourCycle:'h23'})}
td: a(href=`/${board._id}/manage/logs.html?username=${username}`) [View]
td: span.mono #{board.staff[username].permissions.toString('base64')}
td #{permTemplateMap[board.staff[username].permissions.toString('base64')] || 'Custom'}
td
if user.username !== username
a(href=`/${board._id}/manage/editstaff/${username}.html`) [Edit]
