Noded/backend
3
0
Fork 0
Code Issues 19 Pull Requests Releases Wiki Activity

Fix user permission grant issue
All checks were successful
continuous-integration/drone/push Build is passing
Details
continuous-integration/drone Build is passing
Details

Browse Source
This commit is contained in:
Garrett Mills 2021-03-16 16:50:01 -05:00
parent ffb5e35205
commit 572edda4ae
Signed by: garrettmills
GPG Key ID: D2BF5FBA8298F246
2 changed files with 7 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
app/controllers/api/v1/Page.controller.js
View File

@ -65,7 +65,7 @@ class Page extends Controller {
const user = req.user const user = req.user
let { page } = req.form let { page } = req.form
const level = await page.access_level_for(req.user) const level = await page.access_level_for(user)
const version_num = req.body.version || req.query.version const version_num = req.body.version || req.query.version
if ( version_num ) { if ( version_num ) {
@ -252,8 +252,6 @@ class Page extends Controller {
} }
} }
// console.log('updated nodes', updated_nodes)
let delete_nodes = nodes let delete_nodes = nodes
for ( const node of updated_nodes ) { for ( const node of updated_nodes ) {
await node.version_save(`Contents saved in page "${page.Name}"`, req.user.id) await node.version_save(`Contents saved in page "${page.Name}"`, req.user.id)

6
app/models/auth/User.model.js
View File

@ -83,6 +83,12 @@ class User extends AuthUser {
const PublicUserPermission = this.models.get('auth:PublicUserPermission') const PublicUserPermission = this.models.get('auth:PublicUserPermission')
return await PublicUserPermission.can(permission) return await PublicUserPermission.can(permission)
} }
allow(permission, force = false){
// Need to check super.can, since this.can is async.
// This will exclude public user permissions, which is the behavior we want anyway.
if ( !super.can(permission) || (force && !this.permissions.includes(permission)) ) this.permissions.push(permission)
}
} }