mirror of https://gitgud.io/fatchan/jschan.git
Start making roles editable ref #377
permtemplates are now roles. They are in the db and can be edited. Still have to do a few things like the migration, gulpfile and some small details.merge-requests/341/head
parent
78f56b4be0
commit
993924a5f2
35 changed files with 432 additions and 116 deletions
@ -0,0 +1,42 @@ |
||||
'use strict'; |
||||
|
||||
const editRole = require(__dirname+'/../../models/forms/editrole.js') |
||||
, { Roles } = require(__dirname+'/../../db/') |
||||
, dynamicResponse = require(__dirname+'/../../helpers/dynamic.js') |
||||
, paramConverter = require(__dirname+'/../../helpers/paramconverter.js') |
||||
, { checkSchema, lengthBody, numberBody, minmaxBody, numberBodyVariable, |
||||
inArrayBody, arrayInBody, existsBody } = require(__dirname+'/../../helpers/schema.js'); |
||||
|
||||
module.exports = { |
||||
|
||||
paramConverter: paramConverter({ |
||||
objectIdFields: ['roleid'], |
||||
}), |
||||
|
||||
controller: async (req, res, next) => { |
||||
|
||||
const errors = await checkSchema([ |
||||
{ result: existsBody(req.body.roleid), expected: true, error: 'Missing role id' }, |
||||
{ result: async () => { |
||||
res.locals.editingRole = await Roles.findOne(req.body.roleid); |
||||
return res.locals.editingRole != null && res.locals.editingRole.name !== 'ROOT'; |
||||
}, blocking: true, expected: true, error: "You can't edit this role" }, |
||||
]); |
||||
|
||||
if (errors.length > 0) { |
||||
return dynamicResponse(req, res, 400, 'message', { |
||||
'title': 'Bad request', |
||||
'errors': errors, |
||||
'redirect': req.headers.referer || `/${req.params.board}/manage/roles.html`, |
||||
}); |
||||
} |
||||
|
||||
try { |
||||
await editRole(req, res, next); |
||||
} catch (err) { |
||||
return next(err); |
||||
} |
||||
|
||||
} |
||||
|
||||
} |
@ -0,0 +1,46 @@ |
||||
'use strict'; |
||||
|
||||
const Mongo = require(__dirname+'/db.js') |
||||
, db = Mongo.db.collection('roles') |
||||
, cache = require(__dirname+'/../redis.js'); |
||||
|
||||
module.exports = { |
||||
|
||||
db, |
||||
|
||||
findOne: async (id) => { |
||||
//is there any point even caching
|
||||
let role = await cache.get(`role:${id}`); |
||||
if (role) { |
||||
return role; |
||||
} else { |
||||
role = await db.findOne({ '_id': id }); |
||||
if (role) { |
||||
role.permissions = role.permissions.toString('base64'); |
||||
cache.set(`role:${id}`, role); |
||||
} |
||||
} |
||||
return role; |
||||
}, |
||||
|
||||
find: () => { |
||||
return db.find({}).toArray(); |
||||
}, |
||||
|
||||
updateOne: async (id, permissions) => { |
||||
const res = await db.updateOne({ |
||||
'_id': id |
||||
}, { |
||||
'$set': { |
||||
'permissions': Mongo.Binary(permissions.array), |
||||
}, |
||||
}); |
||||
cache.del(`role:${id}`); |
||||
return res; |
||||
}, |
||||
|
||||
deleteAll: () => { |
||||
return db.deleteMany({}); |
||||
}, |
||||
|
||||
}; |
@ -1,62 +0,0 @@ |
||||
'use strict'; |
||||
|
||||
const Permissions = require(__dirname+'/permissions.js') |
||||
, Permission = require(__dirname+'/permission.js'); |
||||
|
||||
const ANON = new Permission() |
||||
ANON.setAll([ |
||||
Permissions.USE_MARKDOWN_PINKTEXT, Permissions.USE_MARKDOWN_GREENTEXT, Permissions.USE_MARKDOWN_BOLD,
|
||||
Permissions.USE_MARKDOWN_UNDERLINE, Permissions.USE_MARKDOWN_STRIKETHROUGH, Permissions.USE_MARKDOWN_TITLE,
|
||||
Permissions.USE_MARKDOWN_ITALIC, Permissions.USE_MARKDOWN_SPOILER, Permissions.USE_MARKDOWN_MONO,
|
||||
Permissions.USE_MARKDOWN_CODE, Permissions.USE_MARKDOWN_DETECTED, Permissions.USE_MARKDOWN_LINK,
|
||||
Permissions.USE_MARKDOWN_DICE, Permissions.USE_MARKDOWN_FORTUNE, Permissions.CREATE_BOARD,
|
||||
Permissions.CREATE_ACCOUNT |
||||
]); |
||||
|
||||
const BOARD_STAFF = new Permission(ANON.base64) |
||||
BOARD_STAFF.setAll([ |
||||
Permissions.MANAGE_BOARD_GENERAL, Permissions.MANAGE_BOARD_BANS, Permissions.MANAGE_BOARD_LOGS,
|
||||
]); |
||||
|
||||
const BOARD_OWNER = new Permission(BOARD_STAFF.base64) |
||||
BOARD_OWNER.setAll([ |
||||
Permissions.MANAGE_BOARD_OWNER, Permissions.MANAGE_BOARD_STAFF, Permissions.MANAGE_BOARD_CUSTOMISATION,
|
||||
Permissions.MANAGE_BOARD_SETTINGS, |
||||
]); |
||||
|
||||
const GLOBAL_STAFF = new Permission(BOARD_OWNER.base64); |
||||
GLOBAL_STAFF.setAll([ |
||||
Permissions.MANAGE_GLOBAL_GENERAL, Permissions.MANAGE_GLOBAL_BANS, Permissions.MANAGE_GLOBAL_LOGS, Permissions.MANAGE_GLOBAL_NEWS,
|
||||
Permissions.MANAGE_GLOBAL_BOARDS, Permissions.MANAGE_GLOBAL_SETTINGS, Permissions.MANAGE_BOARD_OWNER, Permissions.BYPASS_FILTERS,
|
||||
Permissions.BYPASS_BANS, Permissions.BYPASS_SPAMCHECK, Permissions.BYPASS_RATELIMITS, |
||||
]); |
||||
|
||||
const ADMIN = new Permission(GLOBAL_STAFF.base64); |
||||
ADMIN.setAll([ |
||||
Permissions.MANAGE_GLOBAL_ACCOUNTS, Permissions.VIEW_RAW_IP, |
||||
]); |
||||
|
||||
const ROOT = new Permission(); |
||||
ROOT.setAll(Permission.allPermissions); |
||||
|
||||
module.exports = { |
||||
|
||||
permTemplates: { |
||||
ANON, |
||||
BOARD_STAFF, |
||||
BOARD_OWNER, |
||||
GLOBAL_STAFF, |
||||
ADMIN, |
||||
ROOT, |
||||
}, |
||||
|
||||
permTemplateMap: { |
||||
[ANON.base64]: 'Regular User', |
||||
[BOARD_STAFF.base64]: 'Board Staff', |
||||
[BOARD_OWNER.base64]: 'Board Owner', |
||||
[GLOBAL_STAFF.base64]: 'Global Staff', |
||||
[ADMIN.base64]: 'Admin', |
||||
[ROOT.base64]: 'Root', |
||||
}, |
||||
|
||||
}; |
@ -0,0 +1,103 @@ |
||||
'use strict'; |
||||
|
||||
const { Roles } = require(__dirname+'/../db/') |
||||
, { Binary } = require(__dirname+'/../db/db.js') |
||||
, redis = require(__dirname+'/../redis.js') |
||||
, Permissions = require(__dirname+'/permissions.js') |
||||
, Permission = require(__dirname+'/permission.js'); |
||||
|
||||
const load = async () => { |
||||
|
||||
//todo: take a message argument from callback,
|
||||
//maybe need separate func just for reloading single role
|
||||
|
||||
let roles = await Roles.find(); |
||||
roles = roles.reduce((acc, r) => { |
||||
acc[r.name] = new Permission(r.permissions.toString('base64')); |
||||
return acc; |
||||
}, {}); |
||||
|
||||
const { ANON, BOARD_STAFF, BOARD_OWNER, GLOBAL_STAFF, ADMIN, ROOT } = roles; |
||||
|
||||
module.exports.roles = { |
||||
ANON, |
||||
BOARD_STAFF, |
||||
BOARD_OWNER, |
||||
GLOBAL_STAFF, |
||||
ADMIN, |
||||
ROOT, |
||||
}; |
||||
|
||||
module.exports.roleNameMap = { |
||||
[ANON.base64]: 'Regular User', |
||||
[BOARD_STAFF.base64]: 'Board Staff', |
||||
[BOARD_OWNER.base64]: 'Board Owner', |
||||
[GLOBAL_STAFF.base64]: 'Global Staff', |
||||
[ADMIN.base64]: 'Admin', |
||||
[ROOT.base64]: 'Root', |
||||
}; |
||||
|
||||
// put in role edit model on successful edit
|
||||
// redis.redisPublisher.publish('roles', JSON.stringify({/*ROLES OBJECT, make */}));
|
||||
|
||||
}; |
||||
|
||||
//possibly, will call a different function like "updaterole", with mesage for single
|
||||
//role name, for when a role is edited
|
||||
//redis.addCallback('roles', load);
|
||||
|
||||
module.exports = { |
||||
roles: {}, |
||||
roleNameMap: {}, |
||||
load, |
||||
}; |
||||
|
||||
//put in gulpfile/migration!!
|
||||
|
||||
//const ANON = new Permission()
|
||||
//ANON.setAll([
|
||||
// Permissions.USE_MARKDOWN_PINKTEXT, Permissions.USE_MARKDOWN_GREENTEXT, Permissions.USE_MARKDOWN_BOLD,
|
||||
// Permissions.USE_MARKDOWN_UNDERLINE, Permissions.USE_MARKDOWN_STRIKETHROUGH, Permissions.USE_MARKDOWN_TITLE,
|
||||
// Permissions.USE_MARKDOWN_ITALIC, Permissions.USE_MARKDOWN_SPOILER, Permissions.USE_MARKDOWN_MONO,
|
||||
// Permissions.USE_MARKDOWN_CODE, Permissions.USE_MARKDOWN_DETECTED, Permissions.USE_MARKDOWN_LINK,
|
||||
// Permissions.USE_MARKDOWN_DICE, Permissions.USE_MARKDOWN_FORTUNE, Permissions.CREATE_BOARD,
|
||||
// Permissions.CREATE_ACCOUNT
|
||||
//]);
|
||||
//
|
||||
//const BOARD_STAFF = new Permission(ANON.base64)
|
||||
//BOARD_STAFF.setAll([
|
||||
// Permissions.MANAGE_BOARD_GENERAL, Permissions.MANAGE_BOARD_BANS, Permissions.MANAGE_BOARD_LOGS,
|
||||
//]);
|
||||
//
|
||||
//const BOARD_OWNER = new Permission(BOARD_STAFF.base64)
|
||||
//BOARD_OWNER.setAll([
|
||||
// Permissions.MANAGE_BOARD_OWNER, Permissions.MANAGE_BOARD_STAFF, Permissions.MANAGE_BOARD_CUSTOMISATION,
|
||||
// Permissions.MANAGE_BOARD_SETTINGS,
|
||||
//]);
|
||||
//
|
||||
//const GLOBAL_STAFF = new Permission(BOARD_OWNER.base64);
|
||||
//GLOBAL_STAFF.setAll([
|
||||
// Permissions.MANAGE_GLOBAL_GENERAL, Permissions.MANAGE_GLOBAL_BANS, Permissions.MANAGE_GLOBAL_LOGS, Permissions.MANAGE_GLOBAL_NEWS,
|
||||
// Permissions.MANAGE_GLOBAL_BOARDS, Permissions.MANAGE_GLOBAL_SETTINGS, Permissions.MANAGE_BOARD_OWNER, Permissions.BYPASS_FILTERS,
|
||||
// Permissions.BYPASS_BANS, Permissions.BYPASS_SPAMCHECK, Permissions.BYPASS_RATELIMITS,
|
||||
//]);
|
||||
//
|
||||
//const ADMIN = new Permission(GLOBAL_STAFF.base64);
|
||||
//ADMIN.setAll([
|
||||
// Permissions.MANAGE_GLOBAL_ACCOUNTS, Permissions.MANAGE_GLOBAL_ROLES, Permissions.VIEW_RAW_IP,
|
||||
//]);
|
||||
//
|
||||
//const ROOT = new Permission();
|
||||
//ROOT.setAll(Permission.allPermissions);
|
||||
//
|
||||
// if (roles.length === 0) {
|
||||
// await Roles.db.insertMany([
|
||||
// { name: 'ANON', permission: Binary(ANON.array) },
|
||||
// { name: 'BOARD_STAFF', permission: Binary(BOARD_STAFF.array) },
|
||||
// { name: 'BOARD_OWNER', permission: Binary(BOARD_OWNER.array) },
|
||||
// { name: 'GLOBAL_STAFF', permission: Binary(GLOBAL_STAFF.array) },
|
||||
// { name: 'ADMIN', permission: Binary(ADMIN.array) },
|
||||
// { name: 'ROOT', permission: Binary(ROOT.array) },
|
||||
// ]);
|
||||
// console.log((await Roles.find()))
|
||||
// }
|
@ -0,0 +1,72 @@ |
||||
'use strict'; |
||||
|
||||
const { Roles } = require(__dirname+'/../../db/') |
||||
, dynamicResponse = require(__dirname+'/../../helpers/dynamic.js') |
||||
, Permissions = require(__dirname+'/../../helpers/permissions.js') |
||||
, Permission = require(__dirname+'/../../helpers/permission.js'); |
||||
|
||||
module.exports = async (req, res, next) => { |
||||
|
||||
let rolePermissions; |
||||
|
||||
rolePermissions = new Permission(res.locals.editingRole.permissions); |
||||
rolePermissions.set(Permissions.VIEW_RAW_IP, (req.body.VIEW_RAW_IP != null)); |
||||
rolePermissions.set(Permissions.CREATE_BOARD, (req.body.CREATE_BOARD != null)); |
||||
rolePermissions.set(Permissions.CREATE_ACCOUNT, (req.body.CREATE_ACCOUNT != null)); |
||||
rolePermissions.set(Permissions.BYPASS_BANS, (req.body.BYPASS_BANS != null)); |
||||
rolePermissions.set(Permissions.BYPASS_SPAMCHECK, (req.body.BYPASS_SPAMCHECK != null)); |
||||
rolePermissions.set(Permissions.BYPASS_RATELIMITS, (req.body.BYPASS_RATELIMITS != null)); |
||||
rolePermissions.set(Permissions.BYPASS_FILTERS, (req.body.BYPASS_FILTERS != null)); |
||||
rolePermissions.set(Permissions.MANAGE_GLOBAL_GENERAL, (req.body.MANAGE_GLOBAL_GENERAL != null)); |
||||
rolePermissions.set(Permissions.MANAGE_GLOBAL_BANS, (req.body.MANAGE_GLOBAL_BANS != null)); |
||||
rolePermissions.set(Permissions.MANAGE_GLOBAL_LOGS, (req.body.MANAGE_GLOBAL_LOGS != null)); |
||||
rolePermissions.set(Permissions.MANAGE_GLOBAL_NEWS, (req.body.MANAGE_GLOBAL_NEWS != null)); |
||||
rolePermissions.set(Permissions.MANAGE_GLOBAL_BOARDS, (req.body.MANAGE_GLOBAL_BOARDS != null)); |
||||
rolePermissions.set(Permissions.MANAGE_GLOBAL_SETTINGS, (req.body.MANAGE_GLOBAL_SETTINGS != null)); |
||||
rolePermissions.set(Permissions.MANAGE_BOARD_GENERAL, (req.body.MANAGE_BOARD_GENERAL != null)); |
||||
rolePermissions.set(Permissions.MANAGE_BOARD_OWNER, (req.body.MANAGE_BOARD_OWNER != null)); |
||||
rolePermissions.set(Permissions.MANAGE_BOARD_BANS, (req.body.MANAGE_BOARD_BANS != null)); |
||||
rolePermissions.set(Permissions.MANAGE_BOARD_LOGS, (req.body.MANAGE_BOARD_LOGS != null)); |
||||
rolePermissions.set(Permissions.MANAGE_BOARD_SETTINGS, (req.body.MANAGE_BOARD_SETTINGS != null)); |
||||
rolePermissions.set(Permissions.MANAGE_BOARD_CUSTOMISATION, (req.body.MANAGE_BOARD_CUSTOMISATION != null)); |
||||
rolePermissions.set(Permissions.MANAGE_BOARD_STAFF, (req.body.MANAGE_BOARD_STAFF != null)); |
||||
rolePermissions.set(Permissions.USE_MARKDOWN_PINKTEXT, (req.body.USE_MARKDOWN_PINKTEXT != null)); |
||||
rolePermissions.set(Permissions.USE_MARKDOWN_GREENTEXT, (req.body.USE_MARKDOWN_GREENTEXT != null)); |
||||
rolePermissions.set(Permissions.USE_MARKDOWN_BOLD, (req.body.USE_MARKDOWN_BOLD != null)); |
||||
rolePermissions.set(Permissions.USE_MARKDOWN_UNDERLINE, (req.body.USE_MARKDOWN_UNDERLINE != null)); |
||||
rolePermissions.set(Permissions.USE_MARKDOWN_STRIKETHROUGH, (req.body.USE_MARKDOWN_STRIKETHROUGH != null)); |
||||
rolePermissions.set(Permissions.USE_MARKDOWN_TITLE, (req.body.USE_MARKDOWN_TITLE != null)); |
||||
rolePermissions.set(Permissions.USE_MARKDOWN_ITALIC, (req.body.USE_MARKDOWN_ITALIC != null)); |
||||
rolePermissions.set(Permissions.USE_MARKDOWN_SPOILER, (req.body.USE_MARKDOWN_SPOILER != null)); |
||||
rolePermissions.set(Permissions.USE_MARKDOWN_MONO, (req.body.USE_MARKDOWN_MONO != null)); |
||||
rolePermissions.set(Permissions.USE_MARKDOWN_CODE, (req.body.USE_MARKDOWN_CODE != null)); |
||||
rolePermissions.set(Permissions.USE_MARKDOWN_DETECTED, (req.body.USE_MARKDOWN_DETECTED != null)); |
||||
rolePermissions.set(Permissions.USE_MARKDOWN_LINK, (req.body.USE_MARKDOWN_LINK != null)); |
||||
rolePermissions.set(Permissions.USE_MARKDOWN_DICE, (req.body.USE_MARKDOWN_DICE != null)); |
||||
rolePermissions.set(Permissions.USE_MARKDOWN_FORTUNE, (req.body.USE_MARKDOWN_FORTUNE != null)); |
||||
if (res.locals.permissions.get(Permissions.ROOT)) { |
||||
rolePermissions.set(Permissions.MANAGE_GLOBAL_ACCOUNTS, (req.body.MANAGE_GLOBAL_ACCOUNTS != null)) |
||||
rolePermissions.set(Permissions.MANAGE_GLOBAL_ROLES, (req.body.MANAGE_GLOBAL_ROLES != null)) |
||||
rolePermissions.set(Permissions.ROOT, (req.body.ROOT != null)); |
||||
} |
||||
rolePermissions.applyInheritance(); |
||||
|
||||
//todo: error for making role with same permissions as another role.
|
||||
|
||||
const updated = await Roles.updateOne(req.body.roleid, rolePermissions).then(r => r.matchedCount); |
||||
|
||||
if (updated === 0) { |
||||
return dynamicResponse(req, res, 400, 'message', { |
||||
'title': 'Bad request', |
||||
'errors': 'Role does not exist', |
||||
'redirect': req.headers.referer || `/globalmanage/roles.html`, |
||||
}); |
||||
} |
||||
|
||||
return dynamicResponse(req, res, 200, 'message', { |
||||
'title': 'Success', |
||||
'message': 'Edited role', |
||||
'redirect': `/globalmanage/editrole/${req.body.roleid}.html`, |
||||
}); |
||||
|
||||
} |
@ -0,0 +1,23 @@ |
||||
'use strict'; |
||||
|
||||
const { Roles } = require(__dirname+'/../../../db/') |
||||
, Permission = require(__dirname+'/../../../helpers/permission.js'); |
||||
|
||||
module.exports = async (req, res, next) => { |
||||
|
||||
const role = await Roles.findOne(req.params.roleid); |
||||
|
||||
if (role == null) { |
||||
//role does not exist
|
||||
return next(); |
||||
} |
||||
|
||||
res |
||||
.set('Cache-Control', 'private, max-age=5') |
||||
.render('editrole', { |
||||
csrf: req.csrfToken(), |
||||
role, |
||||
rolePermissions: new Permission(role.permissions), |
||||
}); |
||||
|
||||
} |
@ -0,0 +1,17 @@ |
||||
'use strict'; |
||||
|
||||
const { Roles } = require(__dirname+'/../../../db/') |
||||
|
||||
module.exports = async (req, res, next) => { |
||||
|
||||
const roles = await Roles.find(); |
||||
|
||||
res |
||||
.set('Cache-Control', 'private, max-age=5') |
||||
.render('globalmanageroles', { |
||||
csrf: req.csrfToken(), |
||||
permissions: res.locals.permissions, |
||||
roles, |
||||
}); |
||||
|
||||
} |
@ -0,0 +1,27 @@ |
||||
extends ../layout.pug |
||||
include ../mixins/globalmanagenav.pug |
||||
|
||||
block head |
||||
title Edit role |
||||
|
||||
block content |
||||
h1.board-title Global Management |
||||
br |
||||
+globalmanagenav('roles', true) |
||||
hr(size=1) |
||||
h4.mv-5 Edit role "#{roleNameMap[rolePermissions.base64]}" |
||||
- const jsonPermissions = rolePermissions.toJSON(); |
||||
.form-wrapper.flexleft |
||||
form(action=`/forms/global/editrole` method='POST') |
||||
input(type='hidden' name='_csrf' value=csrf) |
||||
input(type='hidden' name='roleid' value=role._id) |
||||
for perm, index in Object.keys(jsonPermissions) |
||||
if jsonPermissions[perm].title && index > 0 |
||||
hr(size=1) |
||||
h4.mv-5 #{jsonPermissions[perm].title} |
||||
.row |
||||
label.postform-style.ph-5 |
||||
input(type='checkbox' name=perm value=jsonPermissions[perm].bit checked=jsonPermissions[perm].state) |
||||
.rlabel #{jsonPermissions[perm].label} |
||||
p #{jsonPermissions[perm].desc} |
||||
input(type='submit', value='Save') |
@ -0,0 +1,22 @@ |
||||
extends ../layout.pug |
||||
include ../mixins/globalmanagenav.pug |
||||
|
||||
block head |
||||
title Roles |
||||
|
||||
block content |
||||
h1.board-title Global Management |
||||
br |
||||
+globalmanagenav('roles') |
||||
hr(size=1) |
||||
h4.mv-5 Roles: |
||||
.table-container.flex-left.text-center |
||||
table |
||||
tr |
||||
th Role |
||||
th Permissions |
||||
for role in roles |
||||
tr |
||||
td #{roleNameMap[role.permissions.toString('base64')]} |
||||
td: a(href=`/globalmanage/editrole/${role._id}.html`) [Edit] |
||||
|
Loading…
Reference in new issue