From 954605a804da399317ca62afa2fb9244afa11ebf Mon Sep 17 00:00:00 2001
From: Chocobozzz <florian.bigard@gmail.com>
Date: Fri, 27 Oct 2017 16:55:03 +0200
Subject: Support roles with rights and add moderator role

---
 server/models/user/user-interface.ts |  9 +++++----
 server/models/user/user.ts           | 29 ++++++++++++++++++-----------
 2 files changed, 23 insertions(+), 15 deletions(-)

(limited to 'server/models')

diff --git a/server/models/user/user-interface.ts b/server/models/user/user-interface.ts
index 1b5233eaf..49c75aa3b 100644
--- a/server/models/user/user-interface.ts
+++ b/server/models/user/user-interface.ts
@@ -3,15 +3,16 @@ import * as Promise from 'bluebird'
 
 // Don't use barrel, import just what we need
 import { User as FormattedUser } from '../../../shared/models/users/user.model'
-import { UserRole } from '../../../shared/models/users/user-role.type'
 import { ResultList } from '../../../shared/models/result-list.model'
 import { AuthorInstance } from '../video/author-interface'
+import { UserRight } from '../../../shared/models/users/user-right.enum'
+import { UserRole } from '../../../shared/models/users/user-role'
 
 export namespace UserMethods {
+  export type HasRight = (this: UserInstance, right: UserRight) => boolean
   export type IsPasswordMatch = (this: UserInstance, password: string) => Promise<boolean>
 
   export type ToFormattedJSON = (this: UserInstance) => FormattedUser
-  export type IsAdmin = (this: UserInstance) => boolean
   export type IsAbleToUploadVideo = (this: UserInstance, videoFile: Express.Multer.File) => Promise<boolean>
 
   export type CountTotal = () => Promise<number>
@@ -31,7 +32,7 @@ export namespace UserMethods {
 export interface UserClass {
   isPasswordMatch: UserMethods.IsPasswordMatch,
   toFormattedJSON: UserMethods.ToFormattedJSON,
-  isAdmin: UserMethods.IsAdmin,
+  hasRight: UserMethods.HasRight,
   isAbleToUploadVideo: UserMethods.IsAbleToUploadVideo,
 
   countTotal: UserMethods.CountTotal,
@@ -62,7 +63,7 @@ export interface UserInstance extends UserClass, UserAttributes, Sequelize.Insta
 
   isPasswordMatch: UserMethods.IsPasswordMatch
   toFormattedJSON: UserMethods.ToFormattedJSON
-  isAdmin: UserMethods.IsAdmin
+  hasRight: UserMethods.HasRight
 }
 
 export interface UserModel extends UserClass, Sequelize.Model<UserInstance, UserAttributes> {}
diff --git a/server/models/user/user.ts b/server/models/user/user.ts
index 074c9c121..3c625e450 100644
--- a/server/models/user/user.ts
+++ b/server/models/user/user.ts
@@ -1,17 +1,17 @@
-import { values } from 'lodash'
 import * as Sequelize from 'sequelize'
 import * as Promise from 'bluebird'
 
 import { getSort } from '../utils'
-import { USER_ROLES } from '../../initializers'
 import {
   cryptPassword,
   comparePassword,
   isUserPasswordValid,
   isUserUsernameValid,
   isUserDisplayNSFWValid,
-  isUserVideoQuotaValid
+  isUserVideoQuotaValid,
+  isUserRoleValid
 } from '../../helpers'
+import { UserRight, USER_ROLE_LABELS, hasUserRight } from '../../../shared'
 
 import { addMethodsToModel } from '../utils'
 import {
@@ -23,8 +23,8 @@ import {
 
 let User: Sequelize.Model<UserInstance, UserAttributes>
 let isPasswordMatch: UserMethods.IsPasswordMatch
+let hasRight: UserMethods.HasRight
 let toFormattedJSON: UserMethods.ToFormattedJSON
-let isAdmin: UserMethods.IsAdmin
 let countTotal: UserMethods.CountTotal
 let getByUsername: UserMethods.GetByUsername
 let listForApi: UserMethods.ListForApi
@@ -76,8 +76,14 @@ export default function (sequelize: Sequelize.Sequelize, DataTypes: Sequelize.Da
         }
       },
       role: {
-        type: DataTypes.ENUM(values(USER_ROLES)),
-        allowNull: false
+        type: DataTypes.INTEGER,
+        allowNull: false,
+        validate: {
+          roleValid: value => {
+            const res = isUserRoleValid(value)
+            if (res === false) throw new Error('Role is not valid.')
+          }
+        }
       },
       videoQuota: {
         type: DataTypes.BIGINT,
@@ -120,9 +126,9 @@ export default function (sequelize: Sequelize.Sequelize, DataTypes: Sequelize.Da
     loadByUsernameOrEmail
   ]
   const instanceMethods = [
+    hasRight,
     isPasswordMatch,
     toFormattedJSON,
-    isAdmin,
     isAbleToUploadVideo
   ]
   addMethodsToModel(User, classMethods, instanceMethods)
@@ -139,6 +145,10 @@ function beforeCreateOrUpdate (user: UserInstance) {
 
 // ------------------------------ METHODS ------------------------------
 
+hasRight = function (this: UserInstance, right: UserRight) {
+  return hasUserRight(this.role, right)
+}
+
 isPasswordMatch = function (this: UserInstance, password: string) {
   return comparePassword(password, this.password)
 }
@@ -150,6 +160,7 @@ toFormattedJSON = function (this: UserInstance) {
     email: this.email,
     displayNSFW: this.displayNSFW,
     role: this.role,
+    roleLabel: USER_ROLE_LABELS[this.role],
     videoQuota: this.videoQuota,
     createdAt: this.createdAt,
     author: {
@@ -174,10 +185,6 @@ toFormattedJSON = function (this: UserInstance) {
   return json
 }
 
-isAdmin = function (this: UserInstance) {
-  return this.role === USER_ROLES.ADMIN
-}
-
 isAbleToUploadVideo = function (this: UserInstance, videoFile: Express.Multer.File) {
   if (this.videoQuota === -1) return Promise.resolve(true)
 
-- 
cgit v1.2.3