Skip to content

Commit

Permalink
Fix incorrect error
Browse files Browse the repository at this point in the history 
closes #3373
- added check if role is already assigned
- added check for unknown fields to fixDates/fixBools
- permissions are not implemented yet, so everyone is able to edit
owner ;-)
  • Loading branch information
@sebgie
sebgie committed Jul 24, 2014
1 parent 4968336 commit fa054a8
Show file tree
Hide file tree
Showing 2 changed files with 17 additions and 5 deletions.
7 changes: 5 additions & 2 deletions core/server/models/base.js
View file
Expand Up @@ -85,7 +85,9 @@ ghostBookshelf.Model = ghostBookshelf.Model.extend({
var self = this;

_.each(attrs, function (value, key) {
if (value !== null && schema.tables[self.tableName][key].type === 'dateTime') {
if (value !== null
&& schema.tables[self.tableName].hasOwnProperty(key)
&& schema.tables[self.tableName][key].type === 'dateTime') {
// convert dateTime value into a native javascript Date object
attrs[key] = moment(value).toDate();
}
Expand All @@ -98,7 +100,8 @@ ghostBookshelf.Model = ghostBookshelf.Model.extend({
fixBools: function (attrs) {
var self = this;
_.each(attrs, function (value, key) {
if (schema.tables[self.tableName][key].type === 'bool') {
if (schema.tables[self.tableName].hasOwnProperty(key)
&& schema.tables[self.tableName][key].type === 'bool') {
attrs[key] = value ? true : false;
}
});
Expand Down
15 changes: 12 additions & 3 deletions core/server/models/user.js
View file
Expand Up @@ -301,22 +301,31 @@ User = ghostBookshelf.Model.extend({
edit: function (data, options) {
var self = this,
adminRole,
ownerRole;
ownerRole,
roleId;

options = options || {};
options.withRelated = _.union([ 'roles' ], options.include);

return ghostBookshelf.Model.edit.call(this, data, options).then(function (user) {

if (data.roles) {
roleId = parseInt(data.roles[0].id || data.roles[0], 10);

if (user.id === options.context.user) {
return when.reject(new errors.ValidationError('You are not allowed to assign a new role to yourself'));
}
if (data.roles.length > 1) {
return when.reject(new errors.ValidationError('Only one role per user is supported at the moment.'));
}
return Role.findOne({id: data.roles[0].id || data.roles[0]}).then(function (role) {

return user.roles().fetch().then(function (roles) {
// return if the role is already assigned
if (roles.models[0].id === roleId) {
return user;
}
return Role.findOne({id: roleId});
}).then(function (role) {
if (role && role.get('name') === 'Owner') {
// Get admin and owner role
return Role.findOne({name: 'Administrator'}).then(function (result) {
Expand All @@ -339,7 +348,7 @@ User = ghostBookshelf.Model.extend({
});
} else {
// assign all other roles
return user.roles().updatePivot({role_id: data.roles[0].id || data.roles[0]});
return user.roles().updatePivot({role_id: roleId});
}
}).then(function () {
return self.findOne(user, options);
Expand Down

0 comments on commit fa054a8

Please sign in to comment.