fix: bug printInput isAuthorized

AdFabConnect · Nov 25, 2016 · cf43231 · cf43231
1 parent 2d89cf9
commit cf43231
Show file tree

Hide file tree

Showing 4 changed files with 29 additions and 21 deletions.
diff --git a/src/cli/cms/editor/handlebars/printBlock.js b/src/cli/cms/editor/handlebars/printBlock.js
@@ -74,7 +74,7 @@ export default function printBlock (ctx, root) {
     res += printInput(ctx[0], root)
   }
 
-  var template = cmsTemplates.Handlebars.compile(res)
-  return new cmsTemplates.Handlebars.SafeString(template(ctx, {data: {intl: config.intlData}}))
-  // return res
+  // var template = cmsTemplates.Handlebars.compile(res)
+  // return new cmsTemplates.Handlebars.SafeString(template(ctx, {data: {intl: config.intlData}}))
+  return res
 }
diff --git a/src/cli/cms/editor/handlebars/printInput.js b/src/cli/cms/editor/handlebars/printInput.js
@@ -2,6 +2,7 @@ import sourceAutocomplete   from './sourceAutocomplete'
 import sourceOption   from './sourceOption'
 import {
   abeExtend
+  ,User
 } from '../../../'
 
 /**
@@ -37,7 +38,10 @@ export default function printInput (params, root) {
     userWorkflow = root.user.role.workflow
   }
 
-  var disabled = `{{#isAuthorized '/abe/save/${params.status}/edit' "${userWorkflow}"}}{{else}}disabled="disabled"{{/isAuthorized}}"`
+  var disabled = ''
+  if (!User.utils.isUserAllowedOnRoute(userWorkflow, `/abe/save/${params.status}/edit`)) {
+    disabled = 'disabled="disabled"'
+  }
   if (params.tab == 'slug') {
     disabled = ''
   }

diff --git a/src/cli/users/utils.js b/src/cli/users/utils.js
@@ -204,26 +204,30 @@ export function isAbeRestrictedUrl(currentRoute) {
 }
 
 export function isUserAllowedOnRoute(workflow, currentRoute) {
-  if( currentRoute.indexOf('/abe/users/forgot') > -1 || currentRoute.indexOf('/abe/users/login') > -1 || !/^\/abe/.test(currentRoute)) {
-    return true
-  }
-
   var isAllowed = false
 
-  if (currentRoute.indexOf('abe/') === -1) {
-    isAllowed = true
-  }
+  if (config.users.enable) {
+    if( currentRoute.indexOf('/abe/users/forgot') > -1 || currentRoute.indexOf('/abe/users/login') > -1 || !/^\/abe/.test(currentRoute)) {
+      return true
+    }
 
-  if (workflow != null) {
-    var routes = config.users.routes
-    if(typeof routes[workflow] !== 'undefined' && routes[workflow] !== null) {
-      Array.prototype.forEach.call(routes[workflow], (route) => {
-        var reg = new RegExp(route)
-        if(reg.test(currentRoute)) {
-          isAllowed = true
-        }
-      })
+    if (currentRoute.indexOf('abe/') === -1) {
+      isAllowed = true
     }
+
+    if (workflow != null) {
+      var routes = config.users.routes
+      if(typeof routes[workflow] !== 'undefined' && routes[workflow] !== null) {
+        Array.prototype.forEach.call(routes[workflow], (route) => {
+          var reg = new RegExp(route)
+          if(reg.test(currentRoute)) {
+            isAllowed = true
+          }
+        })
+      }
+    }
+  }else {
+    isAllowed = true
   }
 
   return isAllowed

diff --git a/src/server/views/partials/menu-left.html b/src/server/views/partials/menu-left.html
@@ -24,7 +24,7 @@ <h1><small>{{@root.text.site}}</small></h1>
   {{/if}}
   {{#isAuthorized '/abe/list-url' @root.user.role.workflow}}
     <li class="list-group-item pointer">
-      <a href="/abe/list-url">Admin url list</a> 
+      <a href="/abe/list-url">User roles</a> 
     </li>
   {{/isAuthorized}}
   {{abeImport 'menu-left-addons' manager.config this}}