From 954605a804da399317ca62afa2fb9244afa11ebf Mon Sep 17 00:00:00 2001 From: Chocobozzz Date: Fri, 27 Oct 2017 16:55:03 +0200 Subject: Support roles with rights and add moderator role --- server/controllers/api/pods.ts | 9 +++++---- server/controllers/api/request-schedulers.ts | 6 +++--- server/controllers/api/users.ts | 20 +++++++++++--------- server/controllers/api/videos/abuse.ts | 6 +++--- server/controllers/api/videos/blacklist.ts | 10 +++++----- 5 files changed, 27 insertions(+), 24 deletions(-) (limited to 'server/controllers/api') diff --git a/server/controllers/api/pods.ts b/server/controllers/api/pods.ts index bf1b744e5..b44cd6b83 100644 --- a/server/controllers/api/pods.ts +++ b/server/controllers/api/pods.ts @@ -9,7 +9,7 @@ import { } from '../../lib' import { authenticate, - ensureIsAdmin, + ensureUserHasRight, makeFriendsValidator, setBodyHostsPort, podRemoveValidator, @@ -20,6 +20,7 @@ import { asyncMiddleware } from '../../middlewares' import { PodInstance } from '../../models' +import { UserRight } from '../../../shared' const podsRouter = express.Router() @@ -32,19 +33,19 @@ podsRouter.get('/', ) podsRouter.post('/make-friends', authenticate, - ensureIsAdmin, + ensureUserHasRight(UserRight.MANAGE_PODS), makeFriendsValidator, setBodyHostsPort, asyncMiddleware(makeFriendsController) ) podsRouter.get('/quit-friends', authenticate, - ensureIsAdmin, + ensureUserHasRight(UserRight.MANAGE_PODS), asyncMiddleware(quitFriendsController) ) podsRouter.delete('/:id', authenticate, - ensureIsAdmin, + ensureUserHasRight(UserRight.MANAGE_PODS), podRemoveValidator, asyncMiddleware(removeFriendController) ) diff --git a/server/controllers/api/request-schedulers.ts b/server/controllers/api/request-schedulers.ts index 28f46f3ee..4c8fbe18b 100644 --- a/server/controllers/api/request-schedulers.ts +++ b/server/controllers/api/request-schedulers.ts 
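Review bot: In the pods.ts hunk `@@ -32,19 +33,19 @@`, `podsRouter.get('/quit-friends', ...)` stays a GET while its guard is widened from admin-only to any role holding `UserRight.MANAGE_PODS`. Going by the controller name the route changes server state, and a state-changing action behind a safe method can be triggered by prefetchers or a cross-site request wherever the credential is attached automatically. I would move it to `podsRouter.post('/quit-friends',` in the same change. The role-to-right mapping behind `ensureUserHasRight` is outside this diff (it is limited to `server/controllers/api`), so confirm that `MANAGE_PODS` is granted only to the roles meant to manage federation.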
@@ -7,14 +7,14 @@ import { getRequestVideoQaduScheduler, getRequestVideoEventScheduler } from '../../lib' -import { authenticate, ensureIsAdmin, asyncMiddleware } from '../../middlewares' -import { RequestSchedulerStatsAttributes } from '../../../shared' +import { authenticate, ensureUserHasRight, asyncMiddleware } from '../../middlewares' +import { RequestSchedulerStatsAttributes, UserRight } from '../../../shared' const requestSchedulerRouter = express.Router() requestSchedulerRouter.get('/stats', authenticate, - ensureIsAdmin, + ensureUserHasRight(UserRight.MANAGE_REQUEST_SCHEDULERS), asyncMiddleware(getRequestSchedulersStats) ) diff --git a/server/controllers/api/users.ts b/server/controllers/api/users.ts index 18a094f03..fdc9b0c87 100644 --- a/server/controllers/api/users.ts +++ b/server/controllers/api/users.ts @@ -1,11 +1,10 @@ import * as express from 'express' -import { database as db } from '../../initializers/database' -import { USER_ROLES, CONFIG } from '../../initializers' +import { database as db, CONFIG } from '../../initializers' import { logger, getFormattedObjects, retryTransactionWrapper } from '../../helpers' import { authenticate, - ensureIsAdmin, + ensureUserHasRight, ensureUserRegistrationAllowed, usersAddValidator, usersRegisterValidator, @@ -25,7 +24,9 @@ import { UserVideoRate as FormattedUserVideoRate, UserCreate, UserUpdate, - UserUpdateMe + UserUpdateMe, + UserRole, + UserRight } from '../../../shared' import { createUserAuthorAndChannel } from '../../lib' import { UserInstance } from '../../models' @@ -58,7 +59,7 @@ usersRouter.get('/:id', usersRouter.post('/', authenticate, - ensureIsAdmin, + ensureUserHasRight(UserRight.MANAGE_USERS), usersAddValidator, createUserRetryWrapper ) 
@@ -77,14 +78,14 @@ usersRouter.put('/me', usersRouter.put('/:id', authenticate, - ensureIsAdmin, + ensureUserHasRight(UserRight.MANAGE_USERS), usersUpdateValidator, asyncMiddleware(updateUser) ) usersRouter.delete('/:id', authenticate, - ensureIsAdmin, + ensureUserHasRight(UserRight.MANAGE_USERS), usersRemoveValidator, asyncMiddleware(removeUser) ) @@ -119,7 +120,7 @@ async function createUser (req: express.Request, res: express.Response, next: ex password: body.password, email: body.email, displayNSFW: false, - role: USER_ROLES.USER, + role: body.role, videoQuota: body.videoQuota }) @@ -136,7 +137,7 @@ async function registerUser (req: express.Request, res: express.Response, next: password: body.password, email: body.email, displayNSFW: false, - role: USER_ROLES.USER, + role: UserRole.USER, videoQuota: CONFIG.USER.VIDEO_QUOTA }) @@ -203,6 +204,7 @@ async function updateUser (req: express.Request, res: express.Response, next: ex if (body.email !== undefined) user.email = body.email if (body.videoQuota !== undefined) user.videoQuota = body.videoQuota + if (body.role !== undefined) user.role = body.role await user.save() diff --git a/server/controllers/api/videos/abuse.ts b/server/controllers/api/videos/abuse.ts index 4c7abf395..04349042b 100644 --- a/server/controllers/api/videos/abuse.ts +++ b/server/controllers/api/videos/abuse.ts @@ -9,7 +9,7 @@ import { } from '../../../helpers' import { authenticate, - ensureIsAdmin, + ensureUserHasRight, paginationValidator, videoAbuseReportValidator, videoAbusesSortValidator, 
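Review bot: `role: body.role` in `createUser` (hunk `@@ -119,7 +120,7 @@`) and `if (body.role !== undefined) user.role = body.role` in `updateUser` (hunk `@@ -203,6 +204,7 @@`) copy the role from the request body, and neither handler checks which role the caller may grant. The only gate visible here is `ensureUserHasRight(UserRight.MANAGE_USERS)`, so unless `usersAddValidator` and `usersUpdateValidator` (outside this diff) restrict the value, any role that holds `MANAGE_USERS` can create or promote an account to a role above its own, including through `PUT /:id` on its own id. I would reject a `body.role` that is not a known `UserRole` or that outranks the caller's role, and log role changes with the acting user's id so they can be audited. In `createUser` a request without `role` now passes `undefined` where the old code passed the plain user role; `role: body.role !== undefined ? body.role : UserRole.USER` keeps the previous default. Both function bodies start and end outside these hunks.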
@@ -18,13 +18,13 @@ import { asyncMiddleware } from '../../../middlewares' import { VideoInstance } from '../../../models' -import { VideoAbuseCreate } from '../../../../shared' +import { VideoAbuseCreate, UserRight } from '../../../../shared' const abuseVideoRouter = express.Router() abuseVideoRouter.get('/abuse', authenticate, - ensureIsAdmin, + ensureUserHasRight(UserRight.MANAGE_VIDEO_ABUSES), paginationValidator, videoAbusesSortValidator, setVideoAbusesSort, diff --git a/server/controllers/api/videos/blacklist.ts b/server/controllers/api/videos/blacklist.ts index 5a2c3fd80..be7cf6ea4 100644 --- a/server/controllers/api/videos/blacklist.ts +++ b/server/controllers/api/videos/blacklist.ts @@ -4,7 +4,7 @@ import { database as db } from '../../../initializers' import { logger, getFormattedObjects } from '../../../helpers' import { authenticate, - ensureIsAdmin, + ensureUserHasRight, videosBlacklistAddValidator, videosBlacklistRemoveValidator, paginationValidator, @@ -14,20 +14,20 @@ import { asyncMiddleware } from '../../../middlewares' import { BlacklistedVideoInstance } from '../../../models' -import { BlacklistedVideo } from '../../../../shared' +import { BlacklistedVideo, UserRight } from '../../../../shared' const blacklistRouter = express.Router() blacklistRouter.post('/:videoId/blacklist', authenticate, - ensureIsAdmin, + ensureUserHasRight(UserRight.MANAGE_VIDEO_BLACKLIST), videosBlacklistAddValidator, asyncMiddleware(addVideoToBlacklist) ) blacklistRouter.get('/blacklist', authenticate, - ensureIsAdmin, + ensureUserHasRight(UserRight.MANAGE_VIDEO_BLACKLIST), paginationValidator, blacklistSortValidator, setBlacklistSort, @@ -37,7 +37,7 @@ blacklistRouter.get('/blacklist', blacklistRouter.delete('/:videoId/blacklist', authenticate, - ensureIsAdmin, + ensureUserHasRight(UserRight.MANAGE_VIDEO_BLACKLIST), videosBlacklistRemoveValidator, asyncMiddleware(removeVideoFromBlacklistController) ) -- cgit v1.2.3