Merge pull request #40 from AdFabConnect/abe-users-core
Abe users core
gregorybesson committed Nov 25, 2016
2 parents 78d2f90 + 2e18192 commit 949122f
Showing 84 changed files with 3,331 additions and 211 deletions.
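--- a/.eslintignore
+++ b/.eslintignore
@@ -1,3 +1,4 @@
 src/server/public/libs
 src/server/public/scripts/admin-compiled.js
-src/server/public/scripts/template-engine-compiled.js
+src/server/public/scripts/template-engine-compiled.js
+src/server/public/scripts/user-login-compiled.js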
37 changes: 37 additions & 0 deletions docs/handlebars-helpers/isAuthorized.md
@@ -0,0 +1,37 @@
# Abe handlebars helpers

> Is user authorized for an action
### Example

if user authorized to call url `/abe/deleteAll` show button delete

{{#isAuthorized '/abe/deleteAll' @root.user.role.workflow}}
<div>
I can delete everything !
</div>
{{/isAuthorized}}

### Example of config into abe.json

```json
{
"users": {
"roles": [
{
"workflow":"CustomUser",
"name":"CustomUser"
}
{
"workflow":"admin",
"name":"Admin"
}
],
"routes": {
"admin": [],
"CustomUser": [
"\/abe\/deleteAll.*"
],
```

Because **CustomUser** has an entry with `\/abe\/deleteAll.*` he would not be allowed to call
1 change: 1 addition & 0 deletions dump.rdb
@@ -0,0 +1 @@
REDIS0006�ܳC�Z��V
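--- a/package.json
+++ b/package.json
@@ -15,20 +15,21 @@
 "start": "node --debug --harmony ./dist/server/index.js",
 "startpm2": "pm2 startOrRestart ./processes.json",
 "babel": "babelify --presets [ es2015 ] src/server/public/scripts/template-engine.js -o src/server/public/scripts/template-engine-compiled.js",
-"watch": "./node_modules/.bin/parallelshell './node_modules/.bin/watchify -v -t [ babelify --presets [ es2015 ] ] src/server/public/scripts/template-engine.js -o src/server/public/scripts/template-engine-compiled.js' './node_modules/.bin/watchify -v -t [ babelify --presets [ es2015 ] ] src/server/public/scripts/admin.js -o src/server/public/scripts/admin-compiled.js' 'npm run watch:sass'",
+"watch": "./node_modules/.bin/parallelshell './node_modules/.bin/watchify -v -t [ babelify --presets [ es2015 ] ] src/server/public/scripts/template-engine.js -o src/server/public/scripts/template-engine-compiled.js' './node_modules/.bin/watchify -v -t [ babelify --presets [ es2015 ] ] src/server/public/scripts/admin.js -o src/server/public/scripts/admin-compiled.js' './node_modules/.bin/watchify -v -t [ babelify --presets [ es2015 ] ] src/server/public/scripts/user-login.js -o src/server/public/scripts/user-login-compiled.js' 'npm run watch:sass'",
 "watch:sass": "./node_modules/.bin/watch 'npm run sass' ./src/server/sass",
 "babel-app": "node_modules/.bin/babel-node --presets es2015",
 "build": "node_modules/.bin/babel-node --presets es2015 src/cli/build/template.js",
 "mvasset": "mkdirp dist/server/public && cp -r src/server/locale dist/server && cp -r src/server/views dist/server && cp -r src/server/public/css dist/server/public && cp -r src/server/public/fonts dist/server/public && cp -r src/server/public/image dist/server/public",
 "sass": "node ./src/tasks/sass.js",
+"js:users": "browserify -t [ babelify --presets [ es2015 ] ] src/server/public/scripts/user-login.js -o src/server/public/scripts/user-login-compiled.js",
 "js:admin": "browserify -t [ babelify --presets [ es2015 ] ] src/server/public/scripts/admin.js -o src/server/public/scripts/admin-compiled.js",
 "js:engine": "browserify -t [ babelify --presets [ es2015 ] ] src/server/public/scripts/template-engine.js -o src/server/public/scripts/template-engine-compiled.js",
-"build:front": "npm run js:admin && npm run js:engine && npm run sass",
+"build:front": "npm run js:admin && npm run js:users && npm run js:engine && npm run sass",
 "build:scripts": "npm run build:front && ./node_modules/.bin/babel --presets es2015,stage-0 -d dist/server src/server/ && ./node_modules/.bin/babel --presets es2015,stage-0 -d dist/cli src/cli/ && npm run mvasset",
 "compile": "./node_modules/.bin/babel --presets es2015,stage-0 -d dist/ src/ && cp -r src/cli/core/config/config.json dist/cli/core/config/config.json",
 "watchdev": "npm run build:front && npm run compile && npm run mvasset && nodemon --debug --exec npm run compile && npm run mvasset --kill-others",
 "startdev": "npm run build:front && npm run compile && npm run mvasset && node src/tasks/nodemon.js & npm run watch --kill-others",
-"startdevOnly": "npm run js:admin && npm run js:engine && node src/tasks/nodemon.js & npm run watch --kill-others"
+"startdevOnly": "npm run js:admin && npm run js:users && npm run js:engine && node src/tasks/nodemon.js & npm run watch --kill-others"
 },
 "author": "Adfab Connect",
 "license": "ISC",
@@ -75,7 +76,23 @@
 "uuid": "^3.0.0",
 "watch": "^1.0.1",
 "which": "^1.2.11",
-"xss": "^0.2.10"
+"xss": "^0.2.10",
+"bcrypt-nodejs": "0.0.3",
+"connect-flash": "^0.1.1",
+"cookie-parser": "^1.4.1",
+"cookies": "^0.6.1",
+"csurf": "^1.8.3",
+"jwt-simple": "^0.4.1",
+"oauth2orize": "^1.2.2",
+"owasp-password-strength-test": "^1.3.0",
+"passport": "^0.3.2",
+"passport-http": "^0.3.0",
+"passport-http-bearer": "^1.0.1",
+"passport-local": "^1.0.0",
+"passport-oauth2-client-password": "^0.1.2",
+"ratelimiter": "^2.1.3",
+"redis": "^2.6.0-1",
+"smtp-server": "^1.11.1"
 },
 "devDependencies": {
 "babel": "^6.3.26",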
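Review bot: The new `"bcrypt-nodejs": "0.0.3"` entry ties password hashing for the user store to a pure-JavaScript package that is deprecated on npm; a maintained bcrypt implementation such as `bcrypt` or `bcryptjs` would be the safer base for credential storage. The sixteen new entries are also appended after `"xss"` instead of being merged into the alphabetical order the visible part of the list follows. `"redis": "^2.6.0-1"` anchors its range on a pre-release, so moving it to a stable floor such as `"redis": "^2.6.0"` is worth doing once one can be used.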
37 changes: 19 additions & 18 deletions src/cli/cms/editor/handlebars/listPage.js
@@ -3,6 +3,7 @@ import moment from 'moment'
import {
math
,abeExtend
,config
} from '../../../'

export default function listPage(file, index, text) {
@@ -13,7 +14,7 @@ export default function listPage(file, index, text) {
res += '<tr>'
res += `<td>${math(index, '+', 1)}</td>
<td>
<a href="/abe${file.abe_meta.link}" class="file-path">
<a href="/abe/editor${file.abe_meta.link}" class="file-path">
${file.abe_meta.link}
</a>
</td>`
@@ -38,27 +39,27 @@ export default function listPage(file, index, text) {

var workflow = ''

workflow += '<td align="center" class="draft">'
if(file.draft != null) {
if((file.publish == null)
|| (file.publish && file.publish.date < file.draft.date)) {
workflow += `<a href="/abe${file.draft.html}" class="label label-default label-draft" title="${file.draft.cleanDate}">draft</a>`
}else {
workflow += `<a href="/abe${file.draft.html}" class="hidden label label-default label-draft" title="${file.draft.cleanDate}">draft</a>`
var status = file.abe_meta.status
var workflowUser = config.users.workflow
Array.prototype.forEach.call(workflowUser, (flow) => {
var hidden = ''
if(status !== flow) {
hidden = 'hidden'
}
}else {
workflow += `<a href="/abe${file.abe_meta.link}" class="hidden label label-default label-draft" title="${file.cleanDate}">draft</a>`
}

workflow += '</td>'
workflow += '<td align="center" class="publish">'
workflow += `<td align="center" class="${flow}">`
if(file[flow]) {
if (flow === 'publish') {
workflow += `<a href="/abe/editor${file[flow].html}" class="checkmark label-published" title="${file[flow].cleanDate}">&#10004;</a>`
}else {
workflow += `<a href="/abe/editor${file[flow].html}" class="${hidden} label label-default label-draft" title="${file[flow].cleanDate}">${flow}</a>`
}
}else {

if (file.publish){
workflow += `<a href="/abe${file.publish.html}" class="checkmark label-published" title="${file.publish.cleanDate}">&#10004;</a>`
}
workflow += '</td>'
}
workflow += '</td>'
})

workflow = abeExtend.hooks.instance.trigger('afterListPageDraft', workflow, file, index, text)
res += workflow

res += `<td align="center">
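Review bot: The new workflow loop interpolates `file[flow].html`, `file[flow].cleanDate` and `flow` directly into the `href`, `title` and `class` attributes and appends the result to `res` with no HTML-escaping. If any of these values can contain a quote or angle bracket (page paths in particular, assuming they derive from user-chosen names) the generated markup is open to injection, so they should pass through an attribute-escaping helper before interpolation. `Array.prototype.forEach.call(workflowUser, ...)` also throws when `config.users.workflow` is unset; `var workflowUser = config.users.workflow || []` would guard that. The loop appears to leave an empty `}else {` branch after `if(file[flow])`, which can be dropped. The body of `listPage` starts and ends outside the visible hunks.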
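--- a/src/cli/cms/editor/handlebars/printBlock.js
+++ b/src/cli/cms/editor/handlebars/printBlock.js
@@ -1,10 +1,15 @@
 import printInput from './printInput'
 import abeEngine from './abeEngine'
 
-export default function printBlock (ctx, obj) {
+import {
+config
+,cmsTemplates
+} from '../../../../cli'
+
+export default function printBlock (ctx, root) {
 var res = ''
 var precontrib = false
-if (obj.data.root.precontrib != null && obj.data.root.precontrib === 'true') {
+if (root.precontrib != null && root.precontrib === 'true') {
 precontrib = true
 }
 
@@ -14,7 +19,7 @@ export default function printBlock (ctx, obj) {
 <div class='single-block well well-sm'>`
 Array.prototype.forEach.call(ctx, (item) => {
 if (precontrib) item.value = ''
-res += printInput(item)
+res += printInput(item, root)
 })
 res += '</div></div>'
 }else if(ctx[0].key.indexOf('[') > -1) {
@@ -56,7 +61,7 @@ export default function printBlock (ctx, obj) {
 `
 Array.prototype.forEach.call(arrItem[i], (item) => {
 if (precontrib) item.value = ''
-res += printInput(item)
+res += printInput(item, root)
 })
 res += '</div></div>'
 })
@@ -66,7 +71,10 @@ export default function printBlock (ctx, obj) {
 </div>`
 }else {
 if (precontrib) ctx[0].value = ''
-res += printInput(ctx[0])
+res += printInput(ctx[0], root)
 }
+
+// var template = cmsTemplates.Handlebars.compile(res)
+// return new cmsTemplates.Handlebars.SafeString(template(ctx, {data: {intl: config.intlData}}))
 return res
 }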
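Review bot: The two commented-out lines added before `return res` are the only visible use of the new `config` and `cmsTemplates` imports, so the commit adds dead code plus two unused imports; either remove all three or finish the change. The signature also moves from `obj.data.root` to a bare `root`, and `root.precontrib` is read without a null check, so every caller and template must now pass the root context explicitly; those callers are not visible on this page. If the commented block is kept as a plan, note that wrapping `res` in `SafeString` would bypass Handlebars escaping for everything `printInput` emitted.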
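--- a/src/cli/cms/editor/handlebars/printInput.js
+++ b/src/cli/cms/editor/handlebars/printInput.js
@@ -2,15 +2,16 @@ import sourceAutocomplete from './sourceAutocomplete'
 import sourceOption from './sourceOption'
 import {
 abeExtend
+,User
 } from '../../../'
 
 /**
 * Print form input based on input data type {Textarea | text | meta | link | image | ...}
 * && add appropriate attributs / data-attributs
 * @return {String|html} input / input group ...
 */
-export default function printInput () {
-var params = arguments[0]
+export default function printInput (params, root) {
+// var params = arguments[0]
 params = abeExtend.hooks.instance.trigger('beforeEditorInput', params)
 
 var desc = params.desc + ((params.required) ? ' *' : '')
@@ -32,6 +33,18 @@ export default function printInput () {
 
 if(typeof params.value === 'string') params.value = params.value.replace(/\"/g, '&quot;')
 
+var userWorkflow = ""
+if (root.user != null) {
+userWorkflow = root.user.role.workflow
+}
+
+var disabled = ''
+if (!User.utils.isUserAllowedOnRoute(userWorkflow, `/abe/save/${params.status}/edit`)) {
+disabled = 'disabled="disabled"'
+}
+if (params.tab == 'slug') {
+disabled = ''
+}
 var inputClass = 'form-control form-abe'
 var commonParams = `id="${params.key}"
 data-id="${params.key}"
@@ -43,7 +56,8 @@ export default function printInput () {
 data-display="${params.display}"
 data-visible="${params.visible}"
 data-autocomplete="${params.autocomplete}"
-placeholder="${params.placeholder}"`
+placeholder="${params.placeholder}"
+${disabled}`
 
 if(params.source != null) {
 commonParams = `id="${params.key}"
@@ -55,7 +69,8 @@ export default function printInput () {
 data-display="${params.display}"
 data-visible="${params.visible}"
 data-autocomplete="${params.autocomplete}"
-placeholder="${params.placeholder}"`
+placeholder="${params.placeholder}"
+${disabled}`
 
 var multiple = ''
 disabled = ''
@@ -123,7 +138,8 @@ export default function printInput () {
 data-display="${params.display}"
 data-visible="${params.visible}"
 data-autocomplete="${params.autocomplete}"
-placeholder="${params.placeholder}"`
+placeholder="${params.placeholder}"
+${disabled}`
 
 res += `<div class="wysiwyg-container rich">
 <div class="wysiwyg-toolbar wysiwyg-toolbar-top">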
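Review bot: The `disabled="disabled"` attribute derived from `User.utils.isUserAllowedOnRoute(...)` only changes how the form renders; it is not an access control, because a client can still submit the field. The save route has to reject the request for that role itself (its handler is not visible on this page), and a comment such as `// UI hint only: the save route must enforce the same check server-side` above `var disabled = ''` would keep that distinction clear. `root.user` is also dereferenced without checking `root`, so any caller not updated to the new `(params, root)` signature throws; `if (root != null && root.user != null) {` avoids that. The function-scope `disabled` now shares its name with the existing `disabled = ''` reset in the `params.source` branch, which looks unintended.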
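--- a/src/cli/cms/operations/create.js
+++ b/src/cli/cms/operations/create.js
@@ -3,7 +3,6 @@ import {
 coreUtils,
 cmsTemplates,
 cmsOperations,
-config,
 abeExtend,
 cmsData
 } from '../../'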
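--- a/src/cli/cms/operations/post.js
+++ b/src/cli/cms/operations/post.js
@@ -126,17 +126,31 @@ export function unpublish(filePath) {
 return p
 }
 
-export function reject(filePath, json) {
+export function reject(filePath, json, workflow) {
 abeExtend.hooks.instance.trigger('beforeReject', filePath)
 
+var rejectToWorkflow
+var found = false
+Array.prototype.forEach.call(config.users.workflow, (flow) => {
+if (workflow === flow) {
+found = true
+}
+if (!found) {
+rejectToWorkflow = flow
+}
+})
+if (!found) {
+rejectToWorkflow = 'draft'
+}
+
 var p = new Promise((resolve) => {
 if(json.abe_meta.publish != null) {
 delete json.abe_meta.publish
 }
 var p2 = draft(
 filePath,
 json,
-'draft'
+rejectToWorkflow
 )
 p2.then((result) => {
 abeExtend.hooks.instance.trigger('afterReject', result)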
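Review bot: When `workflow` equals the first entry of `config.users.workflow`, `found` becomes true on the first iteration, `rejectToWorkflow` is never assigned, and the `if (!found)` fallback does not run, so `draft()` is called with `undefined` as its status. Initialising the variable closes the gap: `var rejectToWorkflow = 'draft'`, with the existing `if (!found)` fallback kept for values that are not in the list. The loop also trusts the caller-supplied `workflow`; whether it is validated against the user's role before `reject()` is called is not visible here. The body of `reject` continues past the end of the hunk.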
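--- a/src/cli/cms/templates/handlebars/concat.js
+++ b/src/cli/cms/templates/handlebars/concat.js
@@ -0,0 +1,5 @@
+export default function concat() {
+var arg = Array.prototype.slice.call(arguments,0)
+arg.pop()
+return arg.join('')
+}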
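Review bot: The helper has no doc comment, and `arg.pop()` is not self-explanatory; it presumably discards the options object Handlebars appends as the last argument. A header such as `/** Handlebars helper: joins all positional arguments into one string; the trailing Handlebars options object is dropped. */` would document that.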
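--- a/src/cli/cms/templates/handlebars/getCurrentuserRole.js
+++ b/src/cli/cms/templates/handlebars/getCurrentuserRole.js
@@ -0,0 +1,26 @@
+import Cookies from 'cookies'
+import jwt from 'jwt-simple'
+
+import {
+config,
+User
+} from '../../../'
+
+/**
+* Handlebars helper, to print className and escape it string
+*/
+export default function getCurrentuserRole(obj) {
+if(typeof obj.express !== 'undefined' && obj.express !== null) {
+var cookies = new Cookies(obj.express.req, obj.express.res, {
+secure: config.cookie.secure
+})
+var token = cookies.get('x-access-token')
+if(typeof token !== 'undefined' && token !== null && token !== '') {
+var secret = config.users.secret
+var decoded = jwt.decode(token, secret)
+var user = User.utils.findSync(decoded.iss)
+return user.role.workflow
+}
+}
+return ''
+}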
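Review bot: `jwt.decode(token, secret)` runs on a cookie value inside a template helper with no error handling and no pinned algorithm, so a malformed or tampered `x-access-token` makes the helper throw during rendering, and the verification algorithm is taken from the token header. `User.utils.findSync(decoded.iss)` is then dereferenced without a null check, which throws for a token whose user no longer exists. The fence below wraps the decode, passes the algorithm explicitly through the four-argument form of `jwt.decode` and returns `''` for any unusable token. HS256 is jwt-simple's default for `encode`, but the signing side is not on this page, so confirm it matches and that the installed version accepts the argument. The doc comment above the function was copied from another helper and should say that it returns the workflow role of the user identified by the access-token cookie.

```javascript
// … unchanged: Cookies construction …
var token = cookies.get('x-access-token')
if(typeof token !== 'undefined' && token !== null && token !== '') {
  var decoded
  try {
    // Pin the algorithm instead of trusting the token header.
    decoded = jwt.decode(token, config.users.secret, false, 'HS256')
  } catch (e) {
    // Unusable token: render as an anonymous user.
    return ''
  }
  var user = User.utils.findSync(decoded.iss)
  if (user != null && user.role != null) {
    return user.role.workflow
  }
}
// … unchanged: fall through to return '' …
```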
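--- a/src/cli/cms/templates/handlebars/isAuthorized.js
+++ b/src/cli/cms/templates/handlebars/isAuthorized.js
@@ -0,0 +1,15 @@
+import {
+config,
+User
+} from '../../../'
+
+/**
+* Handlebars helper, to print className and escape it string
+*/
+export default function isAuthorized(route, role, ctx) {
+if (User.utils.isUserAllowedOnRoute(role, route)) {
+return ctx.fn(this)
+}else {
+return ctx.inverse(this)
+}
+}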
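Review bot: The doc comment (`Handlebars helper, to print className and escape it string`) was copied from another helper and does not describe this block helper. Something like `/** Handlebars block helper: renders the block when User.utils.isUserAllowedOnRoute(role, route) is true, otherwise the {{else}} block. Display only; routes must still be checked server-side. */` would be accurate. The `config` import is unused in this file. Per the documentation added in the same commit, the per-role route lists act as deny patterns, so an undefined `role` (no logged-in user in the template context) should be confirmed to land on the inverse branch; `isUserAllowedOnRoute` is not visible on this page.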
