hyperzlib
/
nodebb
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

added filterUids method to privileges

Browse Source 
used to filter uids on a single category
v1.18.x
barisusakli
parent 493d0dea1e
commit 4e6719e0aa
8 changed files with 114 additions and 23 deletions

4
src/categories.js
Unescape Escape View File

@ -216,7 +216,7 @@ var db = require('./database'),
return callback(null, []); return callback(null, []);
} }
privileges.categories.filter(privilege, cids, uid, function(err, cids) { privileges.categories.filterCids(privilege, cids, uid, function(err, cids) {
if (err) { if (err) {
return callback(err); return callback(err);
} }
@ -402,7 +402,7 @@ var db = require('./database'),
async.waterfall([ async.waterfall([
async.apply(db.getSortedSetRange, 'categories:cid', 0, -1), async.apply(db.getSortedSetRange, 'categories:cid', 0, -1),
function(cids, next) { function(cids, next) {
privileges.categories.filter('find', cids, uid, next); privileges.categories.filterCids('find', cids, uid, next);
}, },
function (cids, next) { function (cids, next) {
Categories.getCategoriesData(cids, next); Categories.getCategoriesData(cids, next);

41
src/groups.js
Unescape Escape View File

@ -173,6 +173,9 @@
Groups.isMemberOfGroupList = function(uid, groupListKey, callback) { Groups.isMemberOfGroupList = function(uid, groupListKey, callback) {
db.getSetMembers('group:' + groupListKey + ':members', function(err, groupNames) { db.getSetMembers('group:' + groupListKey + ':members', function(err, groupNames) {
if (err) {
return callback(err);
}
groupNames = internals.removeEphemeralGroups(groupNames); groupNames = internals.removeEphemeralGroups(groupNames);
if (groupNames.length === 0) { if (groupNames.length === 0) {
return callback(null, null); return callback(null, null);
@ -180,11 +183,7 @@
async.some(groupNames, function(groupName, next) { async.some(groupNames, function(groupName, next) {
Groups.isMember(uid, groupName, function(err, isMember) { Groups.isMember(uid, groupName, function(err, isMember) {
if (!err && isMember) { next(!err && isMember);
next(true);
} else {
next(false);
}
}); });
}, function(result) { }, function(result) {
callback(null, result); callback(null, result);
@ -192,6 +191,38 @@
}); });
}; };
Groups.isMembersOfGroupList = function(uids, groupListKey, callback) {
db.getSetMembers('group:' + groupListKey + ':members', function(err, groupNames) {
if (err) {
return callback(err);
}
groupNames = internals.removeEphemeralGroups(groupNames);
if (groupNames.length === 0) {
return callback(null, null);
}
var results = [];
uids.forEach(function() {
results.push(false);
});
async.each(groupNames, function(groupName, next) {
Groups.isMembers(uids, groupName, function(err, isMembers) {
if (err) {
return next(err);
}
results.forEach(function(isMember, index) {
if (!isMember && isMembers[index]) {
results[index] = true;
}
});
next();
});
}, function(err) {
callback(err, results);
});
});
};
Groups.exists = function(name, callback) { Groups.exists = function(name, callback) {
if (Array.isArray(name)) { if (Array.isArray(name)) {
db.isSetMembers('groups', name, callback); db.isSetMembers('groups', name, callback);

41
src/privileges/categories.js
Unescape Escape View File

@ -16,10 +16,10 @@ module.exports = function(privileges) {
privileges.categories.get = function(cid, uid, callback) { privileges.categories.get = function(cid, uid, callback) {
async.parallel({ async.parallel({
'topics:create': function(next) { 'topics:create': function(next) {
helpers.allowedTo('topics:create', uid, [cid], next); helpers.isUserAllowedTo('topics:create', uid, [cid], next);
}, },
read: function(next) { read: function(next) {
helpers.allowedTo('read', uid, [cid], next); helpers.isUserAllowedTo('read', uid, [cid], next);
}, },
isAdministrator: function(next) { isAdministrator: function(next) {
user.isAdministrator(uid, next); user.isAdministrator(uid, next);
@ -55,7 +55,7 @@ module.exports = function(privileges) {
helpers.some([ helpers.some([
function(next) { function(next) {
helpers.allowedTo(privilege, uid, [cid], function(err, results) { helpers.isUserAllowedTo(privilege, uid, [cid], function(err, results) {
next(err, Array.isArray(results) && results.length ? results[0] : false); next(err, Array.isArray(results) && results.length ? results[0] : false);
}); });
}, },
@ -69,7 +69,7 @@ module.exports = function(privileges) {
}); });
}; };
privileges.categories.filter = function(privilege, cids, uid, callback) { privileges.categories.filterCids = function(privilege, cids, uid, callback) {
if (!cids.length) { if (!cids.length) {
return callback(null, []); return callback(null, []);
} }
@ -80,7 +80,7 @@ module.exports = function(privileges) {
async.parallel({ async.parallel({
allowedTo: function(next) { allowedTo: function(next) {
helpers.allowedTo(privilege, uid, cids, next); helpers.isUserAllowedTo(privilege, uid, cids, next);
}, },
isModerators: function(next) { isModerators: function(next) {
user.isModerator(uid, cids, next); user.isModerator(uid, cids, next);
@ -104,6 +104,37 @@ module.exports = function(privileges) {
}); });
}; };
privileges.categories.filterUids = function(privilege, cid, uids, callback) {
if (!uids.length) {
return callback(null, []);
}
uids = uids.filter(function(uid, index, array) {
return array.indexOf(uid) === index;
});
async.parallel({
allowedTo: function(next) {
helpers.isUsersAllowedTo(privilege, uids, cid, next);
},
isModerators: function(next) {
user.isModerator(uids, cid, next);
},
isAdmin: function(next) {
user.isAdministrator(uids, next);
}
}, function(err, results) {
if (err) {
return callback(err);
}
uids = uids.filter(function(uid, index) {
return results.allowedTo[index] || results.isModerators[index] || results.isAdmin[index];
});
callback(null, uids);
});
};
privileges.categories.isAdminOrMod = function(cids, uid, callback) { privileges.categories.isAdminOrMod = function(cids, uid, callback) {
async.parallel({ async.parallel({
isModerators: function(next) { isModerators: function(next) {

31
src/privileges/helpers.js
Unescape Escape View File

@ -20,7 +20,7 @@ helpers.some = function(tasks, callback) {
}); });
}; };
helpers.allowedTo = function(privilege, uid, cids, callback) { helpers.isUserAllowedTo = function(privilege, uid, cids, callback) {
if (parseInt(uid, 10) === 0) { if (parseInt(uid, 10) === 0) {
return isGuestAllowedTo(privilege, cids, callback); return isGuestAllowedTo(privilege, cids, callback);
} }
@ -61,6 +61,35 @@ helpers.allowedTo = function(privilege, uid, cids, callback) {
}); });
}; };
helpers.isUsersAllowedTo = function(privilege, uids, cid, callback) {
async.parallel({
userPrivilegeExists: function(next) {
groups.exists('cid:' + cid + ':privileges:' + privilege, next);
},
groupPrivilegeExists: function(next) {
groups.exists('cid:' + cid + ':privileges:groups:' + privilege, next);
},
hasUserPrivilege: function(next) {
groups.isMembers(uids, 'cid:' + cid + ':privileges:' + privilege, next);
},
hasGroupPrivilege: function(next) {
groups.isMembersOfGroupList(uids, 'cid:' + cid + ':privileges:groups:' + privilege, next);
}
}, function(err, results) {
if (err) {
return callback(err);
}
var result = [];
for(var i=0; i<uids.length; ++i) {
result.push((!results.userPrivilegeExists && !results.groupPrivilegeExists) || results.hasUserPrivilege[i] || results.hasGroupPrivilege[i]);
}
callback(null, result);
});
};
function isGuestAllowedTo(privilege, cids, callback) { function isGuestAllowedTo(privilege, cids, callback) {
var userKeys = [], groupKeys = []; var userKeys = [], groupKeys = [];
for (var i=0; i<cids.length; ++i) { for (var i=0; i<cids.length; ++i) {

2
src/privileges/posts.js
Unescape Escape View File

@ -89,7 +89,7 @@ module.exports = function(privileges) {
return {pid: pid, cid: cids[index]}; return {pid: pid, cid: cids[index]};
}); });
privileges.categories.filter(privilege, cids, uid, function(err, cids) { privileges.categories.filterCids(privilege, cids, uid, function(err, cids) {
if (err) { if (err) {
return callback(err); return callback(err);
} }

6
src/privileges/topics.js
Unescape Escape View File

@ -23,10 +23,10 @@ module.exports = function(privileges) {
async.parallel({ async.parallel({
'topics:reply': function(next) { 'topics:reply': function(next) {
helpers.allowedTo('topics:reply', uid, [cid], next); helpers.isUserAllowedTo('topics:reply', uid, [cid], next);
}, },
read: function(next) { read: function(next) {
helpers.allowedTo('read', uid, [cid], next); helpers.isUserAllowedTo('read', uid, [cid], next);
}, },
isOwner: function(next) { isOwner: function(next) {
topics.isOwner(tid, uid, next); topics.isOwner(tid, uid, next);
@ -93,7 +93,7 @@ module.exports = function(privileges) {
return topic.cid; return topic.cid;
}); });
privileges.categories.filter(privilege, cids, uid, function(err, cids) { privileges.categories.filterCids(privilege, cids, uid, function(err, cids) {
if (err) { if (err) {
return callback(err); return callback(err);
} }

6
src/user.js
Unescape Escape View File

@ -396,7 +396,11 @@ var
}); });
groups.isMemberOfGroups(uid, groupNames, callback); groups.isMemberOfGroups(uid, groupNames, callback);
} else { } else {
groups.isMember(uid, 'cid:' + cid + ':privileges:mods', callback); if (Array.isArray(uid)) {
groups.isMembers(uid, 'cid:' + cid + ':privileges:mods', callback);
} else {
groups.isMember(uid, 'cid:' + cid + ':privileges:mods', callback);
}
} }
}; };

6
src/user/notifications.js
Unescape Escape View File

@ -275,11 +275,7 @@ var async = require('async'),
return; return;
} }
async.filter(followers, function(uid, next) { privileges.categories.filterUids('read', results.topic.cid, followers, function(followers) {
privileges.categories.can('read', results.topic.cid, uid, function(err, canRead) {
next(!err && canRead);
});
}, function(followers) {
if (!followers.length) { if (!followers.length) {
return; return;
} }

Write Preview
Loading…
Cancel
Save