fatchan
/
jschan
mirror of https://gitgud.io/fatchan/jschan.git
1
1
Fork 0
Code Issues Packages Projects Releases Wiki Activity
jschan - Anonymous imageboard software. Classic look, modern features and feel. Works without JavaScript and supports Tor, I2P, Lokinet, etc.
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
2764 Commits
6 Branches
66 Tags
53 MiB
 
 
 
 
 
Tag: Branch: Tree: 5a7368a0a4
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from '5a7368a0a4'
${ noResults }
jschan/lib/permission/calcperms.js

48 lines
2.1 KiB
Raw Blame History

'use strict';
const { Permissions } = require(__dirname+'/permissions.js')
, Permission = require(__dirname+'/permission.js')
, roleManager = require(__dirname+'/rolemanager.js');
module.exports = (req, res) => {
let calculatedPermissions;
if (req.session && res.locals && res.locals.user) {
//has a session and user, not anon, so their permissions from the db/user instead.
const { user } = res.locals;
calculatedPermissions = new Permission(user.permissions);
//if they are on a board endpoint, also apply the board perms.
if (res.locals.board != null) {
if (res.locals.board.owner === user.username) {
//they are board owner, give them board owner perms, in this board context
calculatedPermissions.set(Permissions.MANAGE_BOARD_OWNER);
} else if (res.locals.board.staff[user.username] != null) {
//they are board staff, give them their board level staff perms, OR'd with account/global perms
const boardPermissions = new Permission(res.locals.board.staff[user.username].permissions);
for (let bit of Permissions._MANAGE_BOARD_BITS) {
const inheritOrGlobal = calculatedPermissions.get(bit) || boardPermissions.get(bit);
calculatedPermissions.set(bit, inheritOrGlobal);
}
}
//and note, in future since we might need multiple-boards permission checks, we will have to change this.
//could even build it with a map for each board, based on their stored permissions in that board, maybe like:
//res.locals.boardPermissions[board] = new Permission(res.locals.board.settings.staff[user.username].permissions);
//and then the MANAGE_BOARD_OWNER inheritance could be removed, since it should be set immutable
//inside the board perms instead. and the existing code would make it for "global" BOs to have the permissions.
//so we would remove the "...permissions.set(Permissions.MANAGE_BOARD_OWNER)..." above
}
//give ROOT all permission, BOARD_OWNER all MANAGE_BOARD*, etc
calculatedPermissions.applyInheritance();
} else {
//not logged in, gets default anon permission
calculatedPermissions = new Permission(roleManager.roles.ANON.base64);
}
return calculatedPermissions;
};