Ben Lubar 9 years ago
parent 26df552d55
commit f62da5c4e9

@ -28,7 +28,7 @@ define('forum/topic/posts', [
data.posts.forEach(function(post) { data.posts.forEach(function(post) {
post.selfPost = !!app.user.uid && parseInt(post.uid, 10) === parseInt(app.user.uid, 10); post.selfPost = !!app.user.uid && parseInt(post.uid, 10) === parseInt(app.user.uid, 10);
post.display_edit_tools = (ajaxify.data.privileges.editOwnPosts && post.selfPost) || ajaxify.data.privileges.isAdminOrMod; post.display_edit_tools = (ajaxify.data.privileges.editOwnPosts && post.selfPost) || ajaxify.data.privileges.isAdminOrMod;
post.display_delete_tools = (ajaxify.data.privileges.editOwnPosts && post.selfPost) || ajaxify.data.privileges.isAdminOrMod; post.display_delete_tools = (ajaxify.data.privileges.deleteOwnPosts && post.selfPost) || ajaxify.data.privileges.isAdminOrMod;
post.display_moderator_tools = post.display_edit_tools || post.display_delete_tools; post.display_moderator_tools = post.display_edit_tools || post.display_delete_tools;
post.display_move_tools = ajaxify.data.privileges.isAdminOrMod; post.display_move_tools = ajaxify.data.privileges.isAdminOrMod;
post.display_post_menu = ajaxify.data.privileges.isAdminOrMod || post.selfPost || ((app.user.uid || ajaxify.data.postSharing.length) && !post.deleted); post.display_post_menu = ajaxify.data.privileges.isAdminOrMod || post.selfPost || ((app.user.uid || ajaxify.data.postSharing.length) && !post.deleted);

@ -48,7 +48,7 @@ module.exports = function(Categories) {
function(data, next) { function(data, next) {
category = data.category; category = data.category;
var defaultPrivileges = ['find', 'read', 'topics:read', 'topics:create', 'topics:reply', 'edit', 'delete', 'upload:post:image']; var defaultPrivileges = ['find', 'read', 'topics:read', 'topics:create', 'topics:reply', 'posts:edit', 'posts:delete', 'upload:post:image'];
async.series([ async.series([
async.apply(db.setObject, 'category:' + category.cid, category), async.apply(db.setObject, 'category:' + category.cid, category),

@ -8,8 +8,8 @@ privileges.userPrivilegeList = [
'topics:read', 'topics:read',
'topics:create', 'topics:create',
'topics:reply', 'topics:reply',
'edit', 'posts:edit',
'delete', 'posts:delete',
'topics:delete', 'topics:delete',
'upload:post:image', 'upload:post:image',
'upload:post:file', 'upload:post:file',
@ -23,8 +23,8 @@ privileges.groupPrivilegeList = [
'groups:topics:read', 'groups:topics:read',
'groups:topics:create', 'groups:topics:create',
'groups:topics:reply', 'groups:topics:reply',
'groups:edit', 'groups:posts:edit',
'groups:delete', 'groups:posts:delete',
'groups:topics:delete', 'groups:topics:delete',
'groups:upload:post:image', 'groups:upload:post:image',
'groups:upload:post:file', 'groups:upload:post:file',

@ -365,11 +365,11 @@ module.exports = function(privileges) {
'topics:reply': function(next) { 'topics:reply': function(next) {
groups.isMember(uid, 'cid:' + cid + ':privileges:topics:reply', next); groups.isMember(uid, 'cid:' + cid + ':privileges:topics:reply', next);
}, },
'edit': function(next) { 'posts:edit': function(next) {
groups.isMember(uid, 'cid:' + cid + ':privileges:edit', next); groups.isMember(uid, 'cid:' + cid + ':privileges:posts:edit', next);
}, },
'delete': function(next) { 'posts:delete': function(next) {
groups.isMember(uid, 'cid:' + cid + ':privileges:delete', next); groups.isMember(uid, 'cid:' + cid + ':privileges:posts:delete', next);
}, },
'topics:delete': function(next) { 'topics:delete': function(next) {
groups.isMember(uid, 'cid:' + cid + ':privileges:topics:delete', next); groups.isMember(uid, 'cid:' + cid + ':privileges:topics:delete', next);
@ -392,11 +392,11 @@ module.exports = function(privileges) {
'groups:topics:reply': function(next) { 'groups:topics:reply': function(next) {
groups.isMember(groupName, 'cid:' + cid + ':privileges:groups:topics:reply', next); groups.isMember(groupName, 'cid:' + cid + ':privileges:groups:topics:reply', next);
}, },
'groups:edit': function(next) { 'groups:posts:edit': function(next) {
groups.isMember(groupName, 'cid:' + cid + ':privileges:groups:edit', next); groups.isMember(groupName, 'cid:' + cid + ':privileges:groups:posts:edit', next);
}, },
'groups:delete': function(next) { 'groups:posts:delete': function(next) {
groups.isMember(groupName, 'cid:' + cid + ':privileges:groups:delete', next); groups.isMember(groupName, 'cid:' + cid + ':privileges:groups:posts:delete', next);
}, },
'groups:topics:delete': function(next) { 'groups:topics:delete': function(next) {
groups.isMember(groupName, 'cid:' + cid + ':privileges:groups:topics:delete', next); groups.isMember(groupName, 'cid:' + cid + ':privileges:groups:topics:delete', next);

@ -30,7 +30,7 @@ module.exports = function(privileges) {
isOwner: async.apply(posts.isOwner, pids, uid), isOwner: async.apply(posts.isOwner, pids, uid),
'topics:read': async.apply(helpers.isUserAllowedTo, 'topics:read', uid, cids), 'topics:read': async.apply(helpers.isUserAllowedTo, 'topics:read', uid, cids),
read: async.apply(helpers.isUserAllowedTo, 'read', uid, cids), read: async.apply(helpers.isUserAllowedTo, 'read', uid, cids),
edit: async.apply(helpers.isUserAllowedTo, 'edit', uid, cids), 'posts:edit': async.apply(helpers.isUserAllowedTo, 'posts:edit', uid, cids),
}, next); }, next);
} }
], function(err, results) { ], function(err, results) {
@ -42,7 +42,7 @@ module.exports = function(privileges) {
for (var i=0; i<pids.length; ++i) { for (var i=0; i<pids.length; ++i) {
var isAdminOrMod = results.isAdmin || results.isModerator[i]; var isAdminOrMod = results.isAdmin || results.isModerator[i];
var editable = isAdminOrMod || (results.isOwner[i] && results.edit[i]); var editable = isAdminOrMod || (results.isOwner[i] && results['posts:edit'][i]);
privileges.push({ privileges.push({
editable: editable, editable: editable,
@ -171,7 +171,7 @@ module.exports = function(privileges) {
isAdminOrMod: async.apply(isAdminOrMod, pid, uid), isAdminOrMod: async.apply(isAdminOrMod, pid, uid),
isLocked: async.apply(topics.isLocked, postData.tid), isLocked: async.apply(topics.isLocked, postData.tid),
isOwner: async.apply(posts.isOwner, pid, uid), isOwner: async.apply(posts.isOwner, pid, uid),
'delete': async.apply(privileges.posts.can, 'delete', pid, uid) 'posts:delete': async.apply(privileges.posts.can, 'posts:delete', pid, uid)
}, next); }, next);
} }
], function(err, results) { ], function(err, results) {
@ -184,7 +184,7 @@ module.exports = function(privileges) {
if (results.isLocked) { if (results.isLocked) {
return callback(new Error('[[error:topic-locked]]')); return callback(new Error('[[error:topic-locked]]'));
} }
if (!results['delete']) { if (!results['posts:delete']) {
return callback(null, false); return callback(null, false);
} }
var postDeleteDuration = parseInt(meta.config.postDeleteDuration, 10); var postDeleteDuration = parseInt(meta.config.postDeleteDuration, 10);
@ -241,7 +241,7 @@ module.exports = function(privileges) {
async.parallel({ async.parallel({
owner: async.apply(posts.isOwner, pid, uid), owner: async.apply(posts.isOwner, pid, uid),
edit: async.apply(privileges.posts.can, 'edit', pid, uid) edit: async.apply(privileges.posts.can, 'posts:edit', pid, uid)
}, next); }, next);
}, },
function(result, next) { function(result, next) {

@ -23,8 +23,8 @@ module.exports = function(privileges) {
'topics:reply': async.apply(helpers.isUserAllowedTo, 'topics:reply', uid, [topic.cid]), 'topics:reply': async.apply(helpers.isUserAllowedTo, 'topics:reply', uid, [topic.cid]),
'topics:read': async.apply(helpers.isUserAllowedTo, 'topics:read', uid, [topic.cid]), 'topics:read': async.apply(helpers.isUserAllowedTo, 'topics:read', uid, [topic.cid]),
'topics:delete': async.apply(helpers.isUserAllowedTo, 'topics:delete', uid, [topic.cid]), 'topics:delete': async.apply(helpers.isUserAllowedTo, 'topics:delete', uid, [topic.cid]),
edit: async.apply(helpers.isUserAllowedTo, 'edit', uid, [topic.cid]), 'posts:edit': async.apply(helpers.isUserAllowedTo, 'posts:edit', uid, [topic.cid]),
'delete': async.apply(helpers.isUserAllowedTo, 'delete', uid, [topic.cid]), 'posts:delete': async.apply(helpers.isUserAllowedTo, 'posts:delete', uid, [topic.cid]),
read: async.apply(helpers.isUserAllowedTo, 'read', uid, [topic.cid]), read: async.apply(helpers.isUserAllowedTo, 'read', uid, [topic.cid]),
isOwner: function(next) { isOwner: function(next) {
next(null, !!parseInt(uid, 10) && parseInt(uid, 10) === parseInt(topic.uid, 10)); next(null, !!parseInt(uid, 10) && parseInt(uid, 10) === parseInt(topic.uid, 10));
@ -57,8 +57,8 @@ module.exports = function(privileges) {
disabled: disabled, disabled: disabled,
tid: tid, tid: tid,
uid: uid, uid: uid,
editOwnPosts: results.edit[0], editOwnPosts: results['posts:edit'][0],
deleteOwnPosts: results['delete'][0] deleteOwnPosts: results['posts:delete'][0]
}, callback); }, callback);
}); });
}; };

@ -141,8 +141,8 @@ module.exports = function(Topics) {
var loggedIn = !!parseInt(topicPrivileges.uid, 10); var loggedIn = !!parseInt(topicPrivileges.uid, 10);
topicData.posts.forEach(function(post) { topicData.posts.forEach(function(post) {
if (post) { if (post) {
post.display_edit_tools = topicPrivileges.isAdminOrMod || (post.selfPost && topicPrivileges['edit']); post.display_edit_tools = topicPrivileges.isAdminOrMod || (post.selfPost && topicPrivileges['posts:edit']);
post.display_delete_tools = topicPrivileges.isAdminOrMod || (post.selfPost && topicPrivileges['delete']); post.display_delete_tools = topicPrivileges.isAdminOrMod || (post.selfPost && topicPrivileges['posts:delete']);
post.display_moderator_tools = post.display_edit_tools || post.display_delete_tools; post.display_moderator_tools = post.display_edit_tools || post.display_delete_tools;
post.display_move_tools = topicPrivileges.isAdminOrMod && post.index !== 0; post.display_move_tools = topicPrivileges.isAdminOrMod && post.index !== 0;
post.display_post_menu = topicPrivileges.isAdminOrMod || post.selfPost || ((loggedIn || topicData.postSharing.length) && !post.deleted); post.display_post_menu = topicPrivileges.isAdminOrMod || post.selfPost || ((loggedIn || topicData.postSharing.length) && !post.deleted);

@ -10,7 +10,7 @@ var db = require('./database'),
schemaDate, thisSchemaDate, schemaDate, thisSchemaDate,
// IMPORTANT: REMEMBER TO UPDATE VALUE OF latestSchema // IMPORTANT: REMEMBER TO UPDATE VALUE OF latestSchema
latestSchema = Date.UTC(2016, 8, 6); latestSchema = Date.UTC(2016, 8, 7);
Upgrade.check = function(callback) { Upgrade.check = function(callback) {
db.get('schemaDate', function(err, value) { db.get('schemaDate', function(err, value) {
@ -684,11 +684,11 @@ Upgrade.upgrade = function(callback) {
} }
}, },
function(next) { function(next) {
thisSchemaDate = Date.UTC(2016, 8, 6); thisSchemaDate = Date.UTC(2016, 8, 7);
if (schemaDate < thisSchemaDate) { if (schemaDate < thisSchemaDate) {
updatesMade = true; updatesMade = true;
winston.info('[2016/08/06] Granting edit/delete/delete topic on existing categories'); winston.info('[2016/08/07] Granting edit/delete/delete topic on existing categories');
var groupsAPI = require('./groups'); var groupsAPI = require('./groups');
var privilegesAPI = require('./privileges'); var privilegesAPI = require('./privileges');
@ -704,11 +704,11 @@ Upgrade.upgrade = function(callback) {
async.eachSeries(groups, function(group, next) { async.eachSeries(groups, function(group, next) {
if (group.privileges['groups:topics:reply']) { if (group.privileges['groups:topics:reply']) {
return async.parallel([ return async.parallel([
async.apply(groupsAPI.join, 'cid:' + cid + ':privileges:groups:edit', group.name), async.apply(groupsAPI.join, 'cid:' + cid + ':privileges:groups:posts:edit', group.name),
async.apply(groupsAPI.join, 'cid:' + cid + ':privileges:groups:delete', group.name) async.apply(groupsAPI.join, 'cid:' + cid + ':privileges:groups:posts:delete', group.name)
], function(err) { ], function(err) {
if (!err) { if (!err) {
winston.info('cid:' + cid + ':privileges:groups:edit, cid:' + cid + ':privileges:groups:delete granted to gid: ' + group.name); winston.info('cid:' + cid + ':privileges:groups:posts:edit, cid:' + cid + ':privileges:groups:posts:delete granted to gid: ' + group.name);
} }
return next(err); return next(err);
@ -737,11 +737,11 @@ Upgrade.upgrade = function(callback) {
async.eachSeries(users, function(user, next) { async.eachSeries(users, function(user, next) {
if (user.privileges['topics:reply']) { if (user.privileges['topics:reply']) {
return async.parallel([ return async.parallel([
async.apply(groupsAPI.join, 'cid:' + cid + ':privileges:edit', user.uid), async.apply(groupsAPI.join, 'cid:' + cid + ':privileges:posts:edit', user.uid),
async.apply(groupsAPI.join, 'cid:' + cid + ':privileges:delete', user.uid) async.apply(groupsAPI.join, 'cid:' + cid + ':privileges:posts:delete', user.uid)
], function(err) { ], function(err) {
if (!err) { if (!err) {
winston.info('cid:' + cid + ':privileges:edit, cid:' + cid + ':privileges:delete granted to uid: ' + user.uid); winston.info('cid:' + cid + ':privileges:posts:edit, cid:' + cid + ':privileges:posts:delete granted to uid: ' + user.uid);
} }
return next(err); return next(err);
@ -779,12 +779,12 @@ Upgrade.upgrade = function(callback) {
return next(err); return next(err);
} }
winston.info('[2016/08/06] Granting edit/delete/delete topic on existing categories - done'); winston.info('[2016/08/07] Granting edit/delete/delete topic on existing categories - done');
Upgrade.update(thisSchemaDate, next); Upgrade.update(thisSchemaDate, next);
}); });
}); });
} else { } else {
winston.info('[2016/08/06] Granting edit/delete/delete topic on existing categories - skipped!'); winston.info('[2016/08/07] Granting edit/delete/delete topic on existing categories - skipped!');
next(); next();
} }
} }

@ -10,8 +10,8 @@
<li role="presentation"><a href="#" data-priv="groups:topics:read" class="<!-- IF groups.privileges.groups:topics:read -->active<!-- ENDIF groups.privileges.groups:topics:read -->">Access Topics</a></li> <li role="presentation"><a href="#" data-priv="groups:topics:read" class="<!-- IF groups.privileges.groups:topics:read -->active<!-- ENDIF groups.privileges.groups:topics:read -->">Access Topics</a></li>
<li role="presentation"><a href="#" data-priv="groups:topics:create" class="<!-- IF groups.privileges.groups:topics:create -->active<!-- ENDIF groups.privileges.groups:topics:create -->">Create Topics</a></li> <li role="presentation"><a href="#" data-priv="groups:topics:create" class="<!-- IF groups.privileges.groups:topics:create -->active<!-- ENDIF groups.privileges.groups:topics:create -->">Create Topics</a></li>
<li role="presentation"><a href="#" data-priv="groups:topics:reply" class="<!-- IF groups.privileges.groups:topics:reply -->active<!-- ENDIF groups.privileges.groups:topics:reply -->">Reply to Topics</a></li> <li role="presentation"><a href="#" data-priv="groups:topics:reply" class="<!-- IF groups.privileges.groups:topics:reply -->active<!-- ENDIF groups.privileges.groups:topics:reply -->">Reply to Topics</a></li>
<li role="presentation"><a href="#" data-priv="groups:edit" class="<!-- IF groups.privileges.groups:edit -->active<!-- ENDIF groups.privileges.groups:edit -->">Edit Posts</a></li> <li role="presentation"><a href="#" data-priv="groups:posts:edit" class="<!-- IF groups.privileges.groups:posts:edit -->active<!-- ENDIF groups.privileges.groups:posts:edit -->">Edit Posts</a></li>
<li role="presentation"><a href="#" data-priv="groups:delete" class="<!-- IF groups.privileges.groups:delete -->active<!-- ENDIF groups.privileges.groups:delete -->">Delete Posts</a></li> <li role="presentation"><a href="#" data-priv="groups:posts:delete" class="<!-- IF groups.privileges.groups:posts:delete -->active<!-- ENDIF groups.privileges.groups:posts:delete -->">Delete Posts</a></li>
<li role="presentation"><a href="#" data-priv="groups:topics:delete" class="<!-- IF groups.privileges.groups:topics:delete -->active<!-- ENDIF groups.privileges.groups:topics:delete -->">Delete Topics</a></li> <li role="presentation"><a href="#" data-priv="groups:topics:delete" class="<!-- IF groups.privileges.groups:topics:delete -->active<!-- ENDIF groups.privileges.groups:topics:delete -->">Delete Topics</a></li>
</ul> </ul>
</div> </div>

@ -10,8 +10,8 @@
<li role="presentation"><a href="#" data-priv="topics:read" class="<!-- IF users.privileges.topics:read -->active<!-- ENDIF users.privileges.topics:read -->">Access Topics</a></li> <li role="presentation"><a href="#" data-priv="topics:read" class="<!-- IF users.privileges.topics:read -->active<!-- ENDIF users.privileges.topics:read -->">Access Topics</a></li>
<li role="presentation"><a href="#" data-priv="topics:create" class="<!-- IF users.privileges.topics:create -->active<!-- ENDIF users.privileges.topics:create -->">Create Topics</a></li> <li role="presentation"><a href="#" data-priv="topics:create" class="<!-- IF users.privileges.topics:create -->active<!-- ENDIF users.privileges.topics:create -->">Create Topics</a></li>
<li role="presentation"><a href="#" data-priv="topics:reply" class="<!-- IF users.privileges.topics:reply -->active<!-- ENDIF users.privileges.topics:reply -->">Reply to Topics</a></li> <li role="presentation"><a href="#" data-priv="topics:reply" class="<!-- IF users.privileges.topics:reply -->active<!-- ENDIF users.privileges.topics:reply -->">Reply to Topics</a></li>
<li role="presentation"><a href="#" data-priv="edit" class="<!-- IF users.privileges.edit -->active<!-- ENDIF users.privileges.edit -->">Edit Posts</a></li> <li role="presentation"><a href="#" data-priv="posts:edit" class="<!-- IF users.privileges.posts:edit -->active<!-- ENDIF users.privileges.posts:edit -->">Edit Posts</a></li>
<li role="presentation"><a href="#" data-priv="delete" class="<!-- IF users.privileges.delete -->active<!-- ENDIF users.privileges.delete -->">Delete Posts</a></li> <li role="presentation"><a href="#" data-priv="posts:delete" class="<!-- IF users.privileges.posts:delete -->active<!-- ENDIF users.privileges.posts:delete -->">Delete Posts</a></li>
<li role="presentation"><a href="#" data-priv="topics:delete" class="<!-- IF users.privileges.topics:delete -->active<!-- ENDIF users.privileges.topics:delete -->">Delete Topics</a></li> <li role="presentation"><a href="#" data-priv="topics:delete" class="<!-- IF users.privileges.topics:delete -->active<!-- ENDIF users.privileges.topics:delete -->">Delete Topics</a></li>
<li role="presentation" class="divider"></li> <li role="presentation" class="divider"></li>
<li role="presentation"><a href="#" data-priv="mods" class="<!-- IF users.privileges.mods -->active<!-- ENDIF users.privileges.mods -->">Moderator</a></li> <li role="presentation"><a href="#" data-priv="mods" class="<!-- IF users.privileges.mods -->active<!-- ENDIF users.privileges.mods -->">Moderator</a></li>

Loading…
Cancel
Save