Third party permissions working

This commit is contained in:
Henrique Dias 2017-07-14 08:25:37 +01:00
parent 3bcfdb6221
commit e78e106146
No known key found for this signature in database
GPG Key ID: 936F5EB68D786730
4 changed files with 53 additions and 19 deletions

View File

@ -17,6 +17,9 @@
<p><input type="checkbox" :disabled="admin" v-model="allowNew"> Create new files and directories</p> <p><input type="checkbox" :disabled="admin" v-model="allowNew"> Create new files and directories</p>
<p><input type="checkbox" :disabled="admin" v-model="allowEdit"> Edit, rename and delete files or directories.</p> <p><input type="checkbox" :disabled="admin" v-model="allowEdit"> Edit, rename and delete files or directories.</p>
<p><input type="checkbox" :disabled="admin" v-model="allowCommands"> Execute commands</p> <p><input type="checkbox" :disabled="admin" v-model="allowCommands"> Execute commands</p>
<p v-for="(value, key) in permissions" :key="key">
<input type="checkbox" :disabled="admin" v-model="permissions[key]"> {{ capitalize(key) }}
</p>
<h3>Commands</h3> <h3>Commands</h3>
@ -62,6 +65,7 @@ export default {
allowNew: false, allowNew: false,
allowEdit: false, allowEdit: false,
allowCommands: false, allowCommands: false,
permissions: {},
password: '', password: '',
username: '', username: '',
filesystem: '', filesystem: '',
@ -86,16 +90,20 @@ export default {
this.allowCommands = true this.allowCommands = true
this.allowEdit = true this.allowEdit = true
this.allowNew = true this.allowNew = true
for (let key in this.permissions) {
this.permissions[key] = true
}
} }
}, },
methods: { methods: {
fetchData () { fetchData () {
let user = this.$route.params[0]
if (this.$route.path === '/users/new') { if (this.$route.path === '/users/new') {
this.reset() user = 'base'
return
} }
api.getUser(this.$route.params[0]).then(user => { api.getUser(user).then(user => {
this.id = user.ID this.id = user.ID
this.admin = user.admin this.admin = user.admin
this.allowCommands = user.allowCommands this.allowCommands = user.allowCommands
@ -105,6 +113,7 @@ export default {
this.username = user.username this.username = user.username
this.commands = user.commands.join(' ') this.commands = user.commands.join(' ')
this.css = user.css this.css = user.css
this.permissions = user.permissions
for (let rule of user.rules) { for (let rule of user.rules) {
if (rule.allow) { if (rule.allow) {
@ -127,11 +136,22 @@ export default {
this.$router.push({ path: '/users/new' }) this.$router.push({ path: '/users/new' })
}) })
}, },
capitalize (name) {
let splitted = name.split(/(?=[A-Z])/)
name = ''
for (let i = 0; i < splitted.length; i++) {
name += splitted[i].charAt(0).toUpperCase() + splitted[i].slice(1) + ' '
}
return name.slice(0, -1)
},
reset () { reset () {
this.id = 0 this.id = 0
this.admin = false this.admin = false
this.allowNew = false this.allowNew = false
this.allowEdit = false this.allowEdit = false
this.permissins = {}
this.allowCommands = false this.allowCommands = false
this.password = '' this.password = ''
this.username = '' this.username = ''
@ -171,6 +191,7 @@ export default {
allowCommands: this.allowCommands, allowCommands: this.allowCommands,
allowNew: this.allowNew, allowNew: this.allowNew,
allowEdit: this.allowEdit, allowEdit: this.allowEdit,
permissions: this.permissions,
css: this.css, css: this.css,
commands: this.commands.split(' '), commands: this.commands.split(' '),
rules: [] rules: []

View File

@ -106,6 +106,7 @@ func parse(c *caddy.Controller) ([]*filemanager.FileManager, error) {
AllowCommands: true, AllowCommands: true,
AllowEdit: true, AllowEdit: true,
AllowNew: true, AllowNew: true,
Permissions: map[string]bool{},
Commands: []string{"git", "svn", "hg"}, Commands: []string{"git", "svn", "hg"},
Rules: []*filemanager.Rule{{ Rules: []*filemanager.Rule{{
Regex: true, Regex: true,
@ -148,6 +149,11 @@ func parse(c *caddy.Controller) ([]*filemanager.FileManager, error) {
return nil, err return nil, err
} }
err = m.RegisterPermission("allowPublish", true)
if err != nil {
return nil, err
}
m.SetBaseURL(admin) m.SetBaseURL(admin)
m.SetPrefixURL(strings.TrimSuffix(caddyConf.Addr.Path, "/")) m.SetPrefixURL(strings.TrimSuffix(caddyConf.Addr.Path, "/"))
configs = append(configs, m) configs = append(configs, m)

View File

@ -42,12 +42,12 @@ type FileManager struct {
// edited directly. Use SetBaseURL. // edited directly. Use SetBaseURL.
BaseURL string BaseURL string
// The Default User needed to build the New User page.
DefaultUser *User
// Users is a map with the different configurations for each user. // Users is a map with the different configurations for each user.
Users map[string]*User Users map[string]*User
// A map with the runtime added permissions for a user.
BasePermissions map[string]bool
// A map of events to a slice of commands. // A map of events to a slice of commands.
Commands map[string][]string Commands map[string][]string
@ -87,7 +87,7 @@ type User struct {
AllowNew bool `json:"allowNew"` // Create files and folders AllowNew bool `json:"allowNew"` // Create files and folders
AllowEdit bool `json:"allowEdit"` // Edit/rename files AllowEdit bool `json:"allowEdit"` // Edit/rename files
AllowCommands bool `json:"allowCommands"` // Execute commands AllowCommands bool `json:"allowCommands"` // Execute commands
Permissions map[string]bool `json:""` // Permissions added by plugins Permissions map[string]bool `json:"permissions"` // Permissions added by plugins
// Commands is the list of commands the user can execute. // Commands is the list of commands the user can execute.
Commands []string `json:"commands"` Commands []string `json:"commands"`
@ -132,6 +132,7 @@ var DefaultUser = User{
AllowCommands: true, AllowCommands: true,
AllowEdit: true, AllowEdit: true,
AllowNew: true, AllowNew: true,
Permissions: map[string]bool{},
Commands: []string{}, Commands: []string{},
Rules: []*Rule{}, Rules: []*Rule{},
CSS: "", CSS: "",
@ -187,17 +188,6 @@ func New(database string, base User) (*FileManager, error) {
return nil, err return nil, err
} }
// Tries to get the base permissions from the database.
err = db.Get("config", "permissions", &m.BasePermissions)
if err != nil && err == storm.ErrNotFound {
m.BasePermissions = map[string]bool{}
err = db.Set("config", "permissions", m.BasePermissions)
}
if err != nil {
return nil, err
}
// Tries to fetch the users from the database and if there are // Tries to fetch the users from the database and if there are
// any, add them to the current File Manager instance. // any, add them to the current File Manager instance.
var users []User var users []User
@ -233,6 +223,9 @@ func New(database string, base User) (*FileManager, error) {
// Attaches db to this File Manager instance. // Attaches db to this File Manager instance.
m.db = db m.db = db
base.Username = ""
base.Password = ""
m.DefaultUser = &base
return m, nil return m, nil
} }
@ -295,11 +288,17 @@ func (m *FileManager) RegisterEventType(name string) error {
// user with it default's 'value'. If the user is an admin, it will // user with it default's 'value'. If the user is an admin, it will
// be true. // be true.
func (m *FileManager) RegisterPermission(name string, value bool) error { func (m *FileManager) RegisterPermission(name string, value bool) error {
if _, ok := m.BasePermissions[name]; ok { if _, ok := m.DefaultUser.Permissions[name]; ok {
return nil return nil
} }
m.DefaultUser.Permissions[name] = value
for _, u := range m.Users { for _, u := range m.Users {
if u.Permissions == nil {
u.Permissions = map[string]bool{}
}
if u.Admin { if u.Admin {
u.Permissions[name] = true u.Permissions[name] = true
} else { } else {

View File

@ -52,6 +52,10 @@ func usersGetHandler(c *RequestContext, w http.ResponseWriter, r *http.Request)
return renderJSON(w, users) return renderJSON(w, users)
} }
if r.URL.Path == "/base" {
return renderJSON(w, c.FM.DefaultUser)
}
// Otherwise we just want one, specific, user. // Otherwise we just want one, specific, user.
sid := strings.TrimPrefix(r.URL.Path, "/") sid := strings.TrimPrefix(r.URL.Path, "/")
sid = strings.TrimSuffix(sid, "/") sid = strings.TrimSuffix(sid, "/")
@ -277,6 +281,10 @@ func usersPutHandler(c *RequestContext, w http.ResponseWriter, r *http.Request)
u.Password = pw u.Password = pw
} }
if u.Permissions == nil {
u.Permissions = c.FM.DefaultUser.Permissions
}
// Updates the whole User struct because we always are supposed // Updates the whole User struct because we always are supposed
// to send a new entire object. // to send a new entire object.
err = c.FM.db.Save(&u) err = c.FM.db.Save(&u)