refactored group category permissions, removed getCategoryAccess method call

11 years ago · 2495b5b89b
parent ab16b1184d
commit 2495b5b89b
5 changed files with 124 additions and 70 deletions
--- a/public/src/forum/admin/categories.js
+++ b/public/src/forum/admin/categories.js
@ -213,7 +213,7 @@ define(['uploader'], function(uploader) {
 		var	modal = $('#category-permissions-modal'),
 			searchEl = modal.find('#permission-search'),
 			resultsEl = modal.find('.search-results'),
-                        groupsResultsEl = modal.find('.groups-results'),
+			groupsResultsEl = modal.find('.groups-results'),
 			searchDelay;
 		searchEl.off().on('keyup', function() {
@ -266,22 +266,23 @@ define(['uploader'], function(uploader) {
 			searchEl.keyup();
 		});
-                // User Groups and privileges
+		// User Groups and privileges
-		socket.emit('api:admin.categories.groupsearch', cid, function(err, results) {
+		socket.emit('api:admin.categories.groupsList', cid, function(err, results) {
 			var groupsFrag = document.createDocumentFragment(),
-			trEl = document.createElement('tr');
+				numResults = results.length,
-			var numResults = results.length,
+				trEl = document.createElement('tr'),
 			    resultObj;
 			for(var x=0;x<numResults;x++) {
 				resultObj = results[x];
 				trEl.setAttribute('data-gid', resultObj.gid);
-				trEl.innerHTML = '<td><h4>' + resultObj.name + '</h4></td><td>' +
+				trEl.innerHTML =	'<td><h4>' + resultObj.name + '</h4></td>' +
-							'<div class="btn-group pull-right">' +
+									'<td>' +
-							  '<button type="button" data-gpriv="+gr" class="btn btn-default' + (resultObj.privileges['+gr'] ? ' active' : '') + '">Read</button>' +
+										'<div class="btn-group pull-right">' +
-							  '<button type="button" data-gpriv="+gw" class="btn btn-default' + (resultObj.privileges['+gw'] ? ' active' : '') + '">Write</button>' +
+											'<button type="button" data-gpriv="g+r" class="btn btn-default' + (resultObj.privileges['g+r'] ? ' active' : '') + '">Read</button>' +
-							'</div>' +
+											'<button type="button" data-gpriv="g+w" class="btn btn-default' + (resultObj.privileges['g+w'] ? ' active' : '') + '">Write</button>' +
-						 '</td>';
+										'</div>' +
 									'</td>';
 				groupsFrag.appendChild(trEl.cloneNode(true));
 			}
@ -290,12 +291,14 @@ define(['uploader'], function(uploader) {
 		});
 		groupsResultsEl.off().on('click', '[data-gpriv]', function(e) {
-			var btnEl = $(this),
+			var	btnEl = $(this),
-			    gid = btnEl.parents('li[data-gid]').attr('data-gid'),
+				gid = btnEl.parents('tr[data-gid]').attr('data-gid'),
-			    privilege = this.getAttribute('data-gpriv');
+				privilege = this.getAttribute('data-gpriv');
 			e.preventDefault();
-			socket.emit('api:admin.categories.setGroupPrivilege', cid, gid, privilege, !btnEl.hasClass('active'), function(err, privileges) {
+			socket.emit('api:admin.categories.setGroupPrivilege', cid, gid, privilege, !btnEl.hasClass('active'), function(err) {
-			    btnEl.toggleClass('active', privileges[privilege]);
+				if (!err) {
 					btnEl.toggleClass('active');
 				}
 			});
 		})
--- a/src/categoryTools.js
+++ b/src/categoryTools.js
@ -47,6 +47,46 @@ CategoryTools.privileges = function(cid, uid, callback) {
 				}
 			});
 		},
 		"g+r": function(next) {
 			var	key = 'cid:' + cid + ':privileges:g+r';
 			Groups.exists(key, function(err, exists) {
 				if (exists) {
 					async.parallel({
 						isMember: function(next) {
 							Groups.isMemberOfGroupAny(uid, key, next);
 						},
 						isEmpty: function(next) {
 							Groups.isEmptyByGroupName(key, next);
 						}
 					}, next);
 				} else {
 					next(null, {
 						isMember: false,
 						isEmpty: true
 					});
 				}
 			});
 		},
 		"g+w": function(next) {
 			var	key = 'cid:' + cid + ':privileges:g+w';
 			Groups.exists(key, function(err, exists) {
 				if (exists) {
 					async.parallel({
 						isMember: function(next) {
 							Groups.isMemberOfGroupAny(uid, key, next);
 						},
 						isEmpty: function(next) {
 							Groups.isEmptyByGroupName(key, next);
 						}
 					}, next);
 				} else {
 					next(null, {
 						isMember: false,
 						isEmpty: true
 					});
 				}
 			});
 		},
 		moderator: function(next) {
 			User.isModerator(uid, cid, next);
 		},
@ -57,8 +97,24 @@ CategoryTools.privileges = function(cid, uid, callback) {
 		callback(err, !privileges ? null : {
 			"+r": privileges['+r'].isMember,
 			"+w": privileges['+w'].isMember,
-			read: (privileges['+r'].isMember || privileges['+r'].isEmpty) || privileges.moderator || privileges.admin,
+			"g+r": privileges['g+r'].isMember,
-			write: (privileges['+w'].isMember || privileges['+w'].isEmpty) || privileges.moderator || privileges.admin,
+			"g+w": privileges['g+w'].isMember,
 			read: (
 				(
 					(privileges['+r'].isMember || privileges['+r'].isEmpty) &&
 					(privileges['g+r'].isMember || privileges['g+r'].isEmpty)
 				) ||
 				privileges.moderator ||
 				privileges.admin
 			),
 			write: (
 				(
 					(privileges['+w'].isMember || privileges['+w'].isEmpty) &&
 					(privileges['g+w'].isMember || privileges['g+w'].isEmpty)
 				) ||
 				privileges.moderator ||
 				privileges.admin
 			),
 			editable: privileges.moderator || privileges.admin,
 			view_deleted: privileges.moderator || privileges.admin
 		});
@ -67,16 +123,13 @@ CategoryTools.privileges = function(cid, uid, callback) {
 CategoryTools.groupPrivileges = function(cid, gid, callback) {
 	async.parallel({
-		"+gr": function(next) {
+		"g+r": function(next) {
-			var	key = 'cid:' + cid + ':privileges:+gr';
+			var	key = 'cid:' + cid + ':privileges:g+r';
 			Groups.exists(key, function(err, exists) {
 				if (exists) {
 					async.parallel({
 						isMember: function(next) {
 							Groups.isMemberByGroupName(gid, key, next);
 						},
 						isEmpty: function(next) {
 							Groups.isEmptyByGroupName(key, next);
 						}
 					}, next);
 				} else {
@ -87,16 +140,13 @@ CategoryTools.groupPrivileges = function(cid, gid, callback) {
 				}
 			});
 		},
-		"+gw": function(next) {
+		"g+w": function(next) {
-			var	key = 'cid:' + cid + ':privileges:+gw';
+			var	key = 'cid:' + cid + ':privileges:g+w';
 			Groups.exists(key, function(err, exists) {
 				if (exists) {
 					async.parallel({
 						isMember: function(next) {
 							Groups.isMemberByGroupName(gid, key, next);
 						},
 						isEmpty: function(next) {
 							Groups.isEmptyByGroupName(key, next);
 						}
 					}, next);
 				} else {
@ -109,10 +159,8 @@ CategoryTools.groupPrivileges = function(cid, gid, callback) {
 		}
 	}, function(err, privileges) {
 		callback(err, !privileges ? null : {
-			"+gr": privileges['+gr'].isMember,
+			"g+r": privileges['g+r'].isMember,
-			"+gw": privileges['+gw'].isMember,
+			"g+w": privileges['g+w'].isMember
 			read: (privileges['+gr'].isMember || privileges['+gr'].isEmpty),
 			write: (privileges['+gw'].isMember || privileges['+gw'].isEmpty),
 		});
 	});
 };
--- a/src/groups.js
+++ b/src/groups.js
@ -106,6 +106,28 @@
 		});
 	};
 	Groups.isMemberOfGroupAny = function(uid, groupListKey, callback) {
 		Groups.getGidFromName(groupListKey, function(err, gid) {
 			if (err || !gid) {
 				return callback(new Error('error-checking-group'));
 			}
 			db.getSetMembers('gid:' + gid + ':members', function(err, gids) {
 				async.some(gids, function(gid, next) {
 					Groups.isMember(uid, gid, function(err, isMember) {
 						if (!err && isMember) {
 							next(true);
 						} else {
 							next(false);
 						}
 					});
 				}, function(result) {
 					callback(null, result);
 				});
 			});
 		})
 	};
 	Groups.isEmpty = function(gid, callback) {
 		db.setCount('gid:' + gid + ':members', function(err, numMembers) {
 			callback(err, numMembers === 0);
@ -266,7 +288,7 @@
 		// check user group read access level
 		async.series([function(callback){
 			// get groups with read permission
-			db.getObjectField('group:gid', 'cid:' + cid + ':privileges:+gr', function(err, gid){
+			db.getObjectField('group:gid', 'cid:' + cid + ':privileges:g+r', function(err, gid){
 				// get the user groups that belong to this read group
 				db.getSetMembers('gid:' + gid + ':members', function (err, gids) {
 					// check if user belong to any of these user groups
--- a/src/routes/api.js
+++ b/src/routes/api.js
@ -132,15 +132,8 @@ var path = require('path'),
 								if (parseInt(data.deleted, 10) === 1 && parseInt(data.expose_tools, 10) === 0) {
 									return res.json(404, {});
 								}
-								// get the category this post belongs to and check category access
+
-								var cid = data.category_slug.split("/")[0];
+								res.json(data);
 								groups.getCategoryAccess(cid, uid, function(err, access){
 									if (access){
 										res.json(data);
 									} else {
 										res.send(403);
 									}
 								})
 							} else next();
 						});
 					} else {
@ -155,24 +148,17 @@ var path = require('path'),
 				// Category Whitelisting
 				categoryTools.privileges(req.params.id, uid, function(err, privileges) {
 					if (!err && privileges.read) {
-						groups.getCategoryAccess(req.params.id, uid, function(err, access){
+						categories.getCategoryById(req.params.id, uid, function (err, data) {
-							if (access){
+							if(err) {
-								categories.getCategoryById(req.params.id, uid, function (err, data) {
+								return next(err);
 									if(err) {
 										return next(err);
 									}
 									if (data && parseInt(data.disabled, 10) === 0) {
 										res.json(data);
 									} else {
 										next();
 									}
 								}, req.params.id, uid);
 							} else {
 								res.send(403);
 							}
-						});
+							if (data && parseInt(data.disabled, 10) === 0) {
 								res.json(data);
 							} else {
 								next();
 							}
 						}, req.params.id, uid);
 					} else {
 						res.send(403);
 					}
--- a/src/websockets.js
+++ b/src/websockets.js
@ -1136,32 +1136,27 @@ websockets.init = function(io) {
 		});
 		socket.on('api:admin.categories.setGroupPrivilege', function(cid, gid, privilege, set, callback) {
 			var	cb = function(err) {
 				CategoryTools.groupPrivileges(cid, gid, callback);
 			};
 			if (set) {
-				groups.joinByGroupName('cid:' + cid + ':privileges:' + privilege, gid, cb);
+				groups.joinByGroupName('cid:' + cid + ':privileges:' + privilege, gid, callback);
 			} else {
-				groups.leaveByGroupName('cid:' + cid + ':privileges:' + privilege, gid, cb);
+				groups.leaveByGroupName('cid:' + cid + ':privileges:' + privilege, gid, callback);
 			}
 		});
-		socket.on('api:admin.categories.groupsearch', function(cid, callback) {
+		socket.on('api:admin.categories.groupsList', function(cid, callback) {
 			groups.list({expand:false}, function(err, data){
 				async.map(data, function(groupObj, next) {
 					CategoryTools.groupPrivileges(cid, groupObj.gid, function(err, privileges) {
 						if (!err) {
 							groupObj.privileges = privileges;
 						} else {
-							winston.error('[socket api:admin.categories.groupsearch] Could not retrieve permissions');
+							winston.error('[socket api:admin.categories.groupsList] Could not retrieve permissions');
 						}
 						next(null, groupObj);
 					});
 				}, function(err, data) {
-					if (!callback) socket.emit('api:admin.categories.groupsearch', data);
+					callback(null, data);
 					else callback(null, data);
 				});
 			});
 		});