Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Closes #3196 * adds `/roles/` endpoint * is given the current user as context * wraps everything in a canthis.browse.role * gets all the available roles (should "Owner" be filtered out?) * optional parameter: `permission=assign`. Gets all roles authenticated user could assign * if we're not signed in, gives a "please sign in" (standard) error * if we're signed in, but user is not in the context, gives a "there was no user in the context" error * if the user is an "Author", gives a "there are no available roles to assign" error * implemented hacky filter because when.js produces heisenbugs past 3.2.3 (when.filter not available) * added extra fixtures to `permissions.json`. Might need a migration. Caveats: * there are no tests * for some reason the setup functional test was failing for me locally
- Loading branch information
Showing
5 changed files
with
128 additions
and
5 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,60 @@ | ||
// # Posts API | ||
// RESTful API for the Post resource | ||
var when = require('when'), | ||
_ = require('lodash'), | ||
canThis = require('../permissions').canThis, | ||
dataProvider = require('../models'), | ||
errors = require('../errors'), | ||
|
||
roles; | ||
|
||
/** | ||
* ## Roles API Methods | ||
* | ||
* **See:** [API Methods](index.js.html#api%20methods) | ||
*/ | ||
roles = { | ||
/** | ||
* ### Browse | ||
* Find all roles | ||
* | ||
* Will return all roles that the current user is able to assign | ||
* | ||
* | ||
* @public | ||
* @param {{context, page, limit, status, staticPages, tag}} options (optional) | ||
* @returns {Promise(Roles)} Roles Collection | ||
*/ | ||
browse: function browse(options) { | ||
var permissionMap = []; | ||
options = options || {}; | ||
|
||
return canThis(options.context).browse.role().then(function () { | ||
return dataProvider.Role.findAll(options).then(function (foundRoles) { | ||
if (options.permissions === 'assign') { | ||
// Hacky implementation of filtering because when.filter is only available in when 3.4.0, | ||
// but that's buggy and kills other tests and introduces Heisenbugs. Until we turn everything | ||
// to Bluebird, this works. Sorry. | ||
// TODO: replace with better filter when bluebird lands | ||
_.each(foundRoles.toJSON(), function (role) { | ||
permissionMap.push(canThis(options.context).assign.role(role).then(function () { | ||
return role; | ||
}, function () { | ||
return null; | ||
})); | ||
}); | ||
|
||
return when.all(permissionMap).then(function (resolved) { | ||
return { roles: _.filter(resolved, function (role) { | ||
return role !== null; | ||
}) }; | ||
}).catch(errors.logAndThrowError); | ||
} | ||
return { roles: foundRoles.toJSON() }; | ||
}); | ||
}) | ||
.catch(errors.logAndThrowError); | ||
} | ||
}; | ||
|
||
module.exports = roles; |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters