Fixed privileges

2014-09-30 22:09:43 +02:00 · 2014-09-30 22:09:43 +02:00 · 4c458d8b20
commit 4c458d8b20
parent 0cfb7b821d
9 changed files with 39 additions and 19 deletions
--- a/data/config.ini
+++ b/data/config.ini
@ -25,6 +25,7 @@ needEmailActivationToRegister = 1
 [security.privileges]
 register                = anonymous
 listUsers               = regularUser, powerUser, moderator, administrator
+viewUsers               = regularUser, powerUser, moderator, administrator
 deleteOwnAccount        = regularUser, powerUser, moderator, administrator
 deleteAllAccounts       = administrator
 changeOwnName           = regularUser, powerUser, moderator, administrator
@ -40,9 +41,8 @@ changeAccessRank        = administrator
 viewAllEmailAddresses   = moderator, administrator
 ban                     = moderator, administrator

-listSafePosts           = anonymous, regularUser, powerUser, moderator, administrator
-listSketchyPosts        = anonymous, regularUser, powerUser, moderator, administrator
-listUnsafePosts         = anonymous, regularUser, powerUser, moderator, administrator
+listPosts               = anonymous, regularUser, powerUser, moderator, administrator
+viewPosts               = anonymous, regularUser, powerUser, moderator, administrator
 uploadPosts             = regularUser, powerUser, moderator, administrator
 uploadPostsAnonymously  = regularUser, powerUser, moderator, administrator
 deletePosts             = moderator, administrator
--- a/public_html/js/Auth.js
+++ b/public_html/js/Auth.js
@ -5,6 +5,7 @@ App.Auth = function(_, jQuery, util, api, appState, promise) {
 	var privileges = {
 		register: 'register',
 		listUsers: 'listUsers',
+		viewUsers: 'viewUsers',
 		viewAllEmailAddresses: 'viewAllEmailAddresses',
 		changeAccessRank: 'changeAccessRank',
 		changeOwnAvatarStyle: 'changeOwnAvatarStyle',
@ -19,9 +20,8 @@ App.Auth = function(_, jQuery, util, api, appState, promise) {
 		deleteAllAccounts: 'deleteAllAccounts',
 		ban: 'ban',

-		listSafePosts: 'listSafePosts',
-		listSketchyPosts: 'listSketchyPosts',
-		listUnsafePosts: 'listUnsafePosts',
+		listPosts: 'listPosts',
+		viewPosts: 'viewPosts',
 		uploadPosts: 'uploadPosts',
 		uploadPostsAnonymously: 'uploadPostsAnonymously',
 		deletePosts: 'deletePosts',
--- a/public_html/js/Presenters/HomePresenter.js
+++ b/public_html/js/Presenters/HomePresenter.js
@ -7,6 +7,7 @@ App.Presenters.HomePresenter = function(
 	util,
 	promise,
 	api,
+	auth,
 	topNavigationPresenter,
 	messagePresenter) {

@ -50,6 +51,8 @@ App.Presenters.HomePresenter = function(
 			postContentTemplate: postContentTemplate,
 			globals: globals,
 			title: topNavigationPresenter.getBaseTitle(),
+			canViewUsers: auth.hasPrivilege(auth.privileges.viewUsers),
+			canViewPosts: auth.hasPrivilege(auth.privileges.viewPosts),
 			formatRelativeTime: util.formatRelativeTime,
 			formatFileSize: util.formatFileSize,
 		}));
@ -62,4 +65,4 @@ App.Presenters.HomePresenter = function(

 };

-App.DI.register('homePresenter', ['_', 'jQuery', 'util', 'promise', 'api', 'topNavigationPresenter', 'messagePresenter'], App.Presenters.HomePresenter);
+App.DI.register('homePresenter', ['_', 'jQuery', 'util', 'promise', 'api', 'auth', 'topNavigationPresenter', 'messagePresenter'], App.Presenters.HomePresenter);
--- a/public_html/js/Presenters/PostPresenter.js
+++ b/public_html/js/Presenters/PostPresenter.js
@ -79,7 +79,7 @@ App.Presenters.PostPresenter = function(
 				topNavigationPresenter.changeTitle('@' + post.id);
 				render();
 				loaded();
-			});
+			}).fail(loaded);
 	}

 	function refreshPost() {
@ -344,6 +344,9 @@ App.Presenters.PostPresenter = function(
 	}

 	function showGenericError(response) {
+		if ($messages === $el) {
+			$el.empty();
+		}
 		messagePresenter.showError($messages, response.json && response.json.error || response);
 	}

--- a/public_html/js/Presenters/TopNavigationPresenter.js
+++ b/public_html/js/Presenters/TopNavigationPresenter.js
@ -38,9 +38,7 @@ App.Presenters.TopNavigationPresenter = function(
 			loggedIn: auth.isLoggedIn(),
 			user: auth.getCurrentUser(),
 			canListUsers: auth.hasPrivilege(auth.privileges.listUsers),
-			canListPosts: auth.hasPrivilege(auth.privileges.listSafePosts) ||
-				auth.hasPrivilege(auth.privileges.listSketchyPosts) ||
-				auth.hasPrivilege(auth.privileges.listUnsafePosts),
+			canListPosts: auth.hasPrivilege(auth.privileges.listPosts),
 			canListTags: auth.hasPrivilege(auth.privileges.listTags),
 			canUploadPosts: auth.hasPrivilege(auth.privileges.uploadPosts),
 		}));
--- a/public_html/templates/home.tpl
+++ b/public_html/templates/home.tpl
@ -10,9 +10,17 @@
 			<div class="post-footer">

 				<span class="left">
-					<a href="#/post/<%= post.id %>">
-						<%= post.idMarkdown %>
-					</a>
+					<% var showLink = canViewPosts %>
+
+					<% if (showLink) { %>
+						<a href="#/post/<%= post.id %>">
+					<% } %>
+
+					<%= post.idMarkdown %>
+
+					<% if (showLink) { %>
+						</a>
+					<% } %>

 					uploaded
 					<%= formatRelativeTime(post.uploadTime) %>
@ -21,7 +29,9 @@
 				<span class="right">
 					featured by

-					<% if (post.user.name) { %>
+					<% var showLink = canViewUsers && post.user.name %>
+
+					<% if (showLink) { %>
 						<a href="#/user/<%= post.user.name %>">
 					<% } %>

@ -31,7 +41,7 @@

 					<%= post.user.name || 'Anonymous user' %>

-					<% if (post.user.name) { %>
+					<% if (showLink) { %>
 						</a>
 					<% } %>
 				</span>
--- a/src/Controllers/PostController.php
+++ b/src/Controllers/PostController.php
@ -43,18 +43,23 @@ final class PostController extends AbstractController

 	public function getByNameOrId($postNameOrId)
 	{
+		if ($postNameOrId !== 'featured')
+			$this->privilegeService->assertPrivilege(\Szurubooru\Privilege::VIEW_POSTS);
+
 		$post = $this->getByNameOrIdWithoutProxy($postNameOrId);
 		return $this->postViewProxy->fromEntity($post, $this->getFullFetchConfig());
 	}

 	public function getHistory($postNameOrId)
 	{
+		$this->privilegeService->assertPrivilege(\Szurubooru\Privilege::VIEW_HISTORY);
 		$post = $this->getByNameOrIdWithoutProxy($postNameOrId);
 		return ['data' => $this->snapshotViewProxy->fromArray($this->postService->getHistory($post))];
 	}

 	public function getFiltered()
 	{
+		$this->privilegeService->assertPrivilege(\Szurubooru\Privilege::LIST_POSTS);
 		$filter = $this->postSearchParser->createFilterFromInputReader($this->inputReader);
 		$filter->setPageSize($this->config->posts->postsPerPage);
 		$result = $this->postService->getFiltered($filter);
--- a/src/Controllers/UserController.php
+++ b/src/Controllers/UserController.php
@ -44,6 +44,7 @@ final class UserController extends AbstractController

 	public function getByNameOrEmail($userNameOrEmail)
 	{
+		$this->privilegeService->assertPrivilege(\Szurubooru\Privilege::VIEW_USERS);
 		$user = $this->userService->getByNameOrEmail($userNameOrEmail);
 		return $this->userViewProxy->fromEntity($user);
 	}
--- a/src/Privilege.php
+++ b/src/Privilege.php
@ -5,6 +5,7 @@ class Privilege
 {
 	const REGISTER = 'register';
 	const LIST_USERS = 'listUsers';
+	const VIEW_USERS = 'viewUsers';
 	const VIEW_ALL_EMAIL_ADDRESSES = 'viewAllEmailAddresses';
 	const CHANGE_ACCESS_RANK = 'changeAccessRank';
 	const CHANGE_OWN_AVATAR_STYLE = 'changeOwnAvatarStyle';
@ -19,9 +20,8 @@ class Privilege
 	const DELETE_ALL_ACCOUNTS = 'deleteAllAccounts';
 	const BAN = 'ban';

-	const LIST_SAFE_POSTS = 'listSafePosts';
-	const LIST_SKETCHY_POSTS = 'listSketchyPosts';
-	const LIST_UNSAFE_POSTS = 'listUnsafePosts';
+	const LIST_POSTS = 'listPosts';
+	const VIEW_POSTS = 'viewPosts';
 	const UPLOAD_POSTS = 'uploadPosts';
 	const UPLOAD_POSTS_ANONYMOUSLY = 'uploadPostsAnonymously';
 	const DELETE_POSTS = 'deletePosts';