enhancement: invert user role

abecms · Nov 24, 2016 · fc65b3b · fc65b3b
1 parent 059ae3d
commit fc65b3b
Show file tree

Hide file tree

Showing 18 changed files with 39 additions and 49 deletions.
diff --git a/src/cli/cms/editor/handlebars/listPage.js b/src/cli/cms/editor/handlebars/listPage.js
@@ -14,7 +14,7 @@ export default function listPage(file, index, text) {
   res += '<tr>'
   res += `<td>${math(index, '+', 1)}</td>
         <td>
-          <a href="/abe${file.abe_meta.link}" class="file-path">
+          <a href="/abe/editor${file.abe_meta.link}" class="file-path">
             ${file.abe_meta.link}
           </a>
         </td>`
@@ -50,9 +50,9 @@ export default function listPage(file, index, text) {
     workflow += `<td align="center" class="${flow}">`
     if(file[flow]) {
       if (flow === 'publish') {
-        workflow += `<a href="/abe${file[flow].html}" class="checkmark label-published" title="${file[flow].cleanDate}">&#10004;</a>`
+        workflow += `<a href="/abe/editor${file[flow].html}" class="checkmark label-published" title="${file[flow].cleanDate}">&#10004;</a>`
       }else {
-        workflow += `<a href="/abe${file[flow].html}" class="${hidden} label label-default label-draft" title="${file[flow].cleanDate}">${flow}</a>`
+        workflow += `<a href="/abe/editor${file[flow].html}" class="${hidden} label label-default label-draft" title="${file[flow].cleanDate}">${flow}</a>`
       }
     }else {
 

diff --git a/src/cli/cms/templates/handlebars/isAuthorized.js b/src/cli/cms/templates/handlebars/isAuthorized.js
@@ -7,19 +7,7 @@ import {
  * Handlebars helper, to print className and escape it string
  */
 export default function isAuthorized(route, role, ctx) {
-  var isAuthorized = true
-
-  if (config.users.enable) {
-    var allowedRoutes = User.utils.getUserRoutes(role)
-    Array.prototype.forEach.call(allowedRoutes, (allowedRoute) => {
-      var reg = new RegExp(allowedRoute)
-      if (reg.test(route)) {
-        isAuthorized = false
-      }
-    })
-  }
-
-  if (isAuthorized) {
+  if (User.utils.isUserAllowedOnRoute(role, route)) {
     return ctx.fn(this)
   }else {
     return ctx.inverse(this)

diff --git a/src/cli/users/utils.js b/src/cli/users/utils.js
@@ -190,21 +190,23 @@ export function getTokenFromCookies(req, res) {
   return cookies.get('x-access-token')
 }
 
-export function isUserAllowedOnRoute(user, currentRoute) {
-  var isAllowed = true
+export function isUserAllowedOnRoute(workflow, currentRoute) {
+  var isAllowed = false
 
-  if (user != null) {
+  if (currentRoute.indexOf('abe/') === -1) {
+    isAllowed = true
+  }
+
+  if (workflow != null) {
     var routes = config.users.routes
-    if(typeof routes[user.role.workflow] !== 'undefined' && routes[user.role.workflow] !== null) {
-      Array.prototype.forEach.call(routes[user.role.workflow], (route) => {
+    if(typeof routes[workflow] !== 'undefined' && routes[workflow] !== null) {
+      Array.prototype.forEach.call(routes[workflow], (route) => {
         var reg = new RegExp(route)
         if(reg.test(currentRoute)) {
-          isAllowed = false
+          isAllowed = true
         }
       })
     }
-  }else {
-    isAllowed = false
   }
 
   return isAllowed

diff --git a/src/server/app.js b/src/server/app.js
@@ -42,7 +42,7 @@ import {
   middleWebsite,
   middleLogin,
   middleCheckCsrf,
-  middleIsAllowed
+  middleIsAuthorized
 } from './middlewares'
 
 var abePort = null
@@ -150,7 +150,7 @@ app.set('view engine', '.html')
 
 app.locals.layout = false
 
-app.use(middleIsAllowed)
+app.use(middleIsAuthorized)
 app.use(middleLogin)
 app.use(middleWebsite)
 app.use(middleCheckCsrf)

diff --git a/src/server/controllers/index.js b/src/server/controllers/index.js
@@ -9,9 +9,7 @@ import {
   ,getMain
   ,getPage
   ,postPage
-  // ,postPublish
   ,getGeneratePost
-  // ,postDraft
   ,operations
   ,getSaveConfig
   ,getUnpublish
@@ -61,6 +59,8 @@ router.get('/abe/delete*', getDelete)
 router.get('/abe/reference/*', getReference)
 router.post('/abe/upload/*', postUpload)
 router.post('/abe/reference/*', postReference)
+router.get('/abe/editor*', getMain)
+
 router.get('/abe/list-url*', function (req, res, next) {
   getListUrl(router, req, res, next) 
 })
@@ -110,7 +110,6 @@ Array.prototype.forEach.call(routes, (route) => {
     })
   }
 })
-router.get('/abe*', getMain)
 // router.get('/abe*', getMain)
 
 abeExtend.hooks.instance.trigger('afterAddRoute', router)

diff --git a/src/server/middlewares/index.js b/src/server/middlewares/index.js
@@ -1,11 +1,11 @@
 import middleWebsite from './website'
 import middleLogin from './login'
 import middleCheckCsrf from './checkCsrf'
-import middleIsAllowed from './isUserAllowed'
+import middleIsAuthorized from './isAuthorized'
 
 export {
 	middleWebsite,
 	middleLogin,
 	middleCheckCsrf,
-	middleIsAllowed
+	middleIsAuthorized
 }
diff --git a/src/server/middlewares/isUserAllowed.js → src/server/middlewares/isAuthorized.js b/src/server/middlewares/isUserAllowed.js → src/server/middlewares/isAuthorized.js
@@ -24,7 +24,7 @@ var middleware = function(req, res, next) {
   var decoded = User.utils.decodeUser(req, res)
   var user = User.utils.findSync(decoded.iss)
 
-  if (User.utils.isUserAllowedOnRoute(user, req.url)) {
+  if (user != null && User.utils.isUserAllowedOnRoute(user.role.workflow, req.url)) {
     res.user = user
     next()
   }else {

diff --git a/src/server/middlewares/website.js b/src/server/middlewares/website.js
@@ -8,7 +8,7 @@ import {
 } from '../../cli'
 
 var middleware = function(req, res, next) {
-  if (req.originalUrl.indexOf('/abe/') > -1 || req.originalUrl.indexOf('/plugin/') > -1) {
+  if (req.originalUrl.indexOf('/abe/') > -1) {
     return next()
   }
 
@@ -25,7 +25,7 @@ var middleware = function(req, res, next) {
     var files = coreUtils.file.getFilesSync(pathWebsite, false)
     var folders = coreUtils.file.getFoldersSync(pathWebsite, false)
     var html = '<ul>'
-    html += '<li><a href="/abe/">abe</abe></li>'
+    html += '<li><a href="/abe/editor">abe</abe></li>'
     html += '<br />'
     if (req.originalUrl !== '/' && req.originalUrl !== '') {
       var parent = req.originalUrl.replace(/\/$/, '').split('/')

diff --git a/src/server/public/scripts/modules/FormCreate.js b/src/server/public/scripts/modules/FormCreate.js
@@ -230,7 +230,7 @@ export default class FormCreate {
             this._isSaving = false
             var jsonRes = JSON.parse(responseText)
             if (jsonRes.success == 1 && jsonRes.json != null && jsonRes.json.abe_meta != null) {
-              window.location.href = window.location.origin + '/abe' + jsonRes.json.abe_meta.link
+              window.location.href = window.location.origin + '/abe/editor' + jsonRes.json.abe_meta.link
             }else {
               alert('error')
             }

diff --git a/src/server/routes/get-main.js b/src/server/routes/get-main.js
@@ -74,7 +74,7 @@ function renderAbeAdmin(EditorVariables, obj, filePath) {
 }
 
 var route = function(req, res, next) {
-  var filePath = req.originalUrl.replace('/abe', '')
+  var filePath = req.originalUrl.replace('/abe/editor', '')
   if (filePath === '' || filePath === '/') {
     filePath = null
   }
@@ -108,7 +108,7 @@ var route = function(req, res, next) {
     },
     filename: fileName,
     folderPath: folderPath,
-    abeUrl: '/abe/',
+    abeUrl: '/abe/editor/',
     isHome: isHome,
     config: config,
     Locales: coreUtils.locales.instance.i18n,
@@ -130,7 +130,7 @@ var route = function(req, res, next) {
       }
 
       if(jsonPath === null || !coreUtils.file.exist(jsonPath)) { 
-        res.redirect('/abe/') 
+        res.redirect('/abe/editor') 
         return 
       }
 

diff --git a/src/server/routes/users/post/login.js b/src/server/routes/users/post/login.js
@@ -63,7 +63,7 @@ var route = function(req, res, next) {
       })
       cookies.set( 'x-access-token', token )
 
-      res.redirect('/abe/')
+      res.redirect('/abe/editor/')
     })(req, res, next)
 }
 

diff --git a/src/server/views/list-hooks.html b/src/server/views/list-hooks.html
@@ -11,7 +11,7 @@
 
   <div class="user-list row col-xs-offset-1 col-xs-10">
     <ol class="breadcrumb">
-      <li><a href="/abe/">Home</a></li>
+      <li><a href="/abe/editor">Home</a></li>
       <li class="active">Hooks list</li>
     </ol>
 

diff --git a/src/server/views/list-url.html b/src/server/views/list-url.html
@@ -11,7 +11,7 @@
 
   <div class="user-list row col-xs-offset-1 col-xs-10">
     <ol class="breadcrumb">
-      <li><a href="/abe/">Home</a></li>
+      <li><a href="/abe/editor/">Home</a></li>
       <li class="active">Url list</li>
     </ol>
 

diff --git a/src/server/views/partials/right-revisions.html b/src/server/views/partials/right-revisions.html
@@ -17,7 +17,7 @@
   <ul class="list-group">
   {{#each manager.file.revision}}
     <li class="list-group-item">
-      <a href="/abe/{{this.template}}?filePath={{this.filePath}}" class="version">
+      <a href="/abe/editor/{{this.template}}?filePath={{this.filePath}}" class="version">
         {{@root.text.version}} {{this.version}}
         <span class="label label-default label-{{this.publishedDate}} pull-right">
           {{this.duration}}

diff --git a/src/server/views/users/users-list.html b/src/server/views/users/users-list.html
@@ -11,7 +11,7 @@
 
   <div class="user-list row col-xs-offset-1 col-xs-10">
     <ol class="breadcrumb">
-      <li><a href="/abe/">Home</a></li>
+      <li><a href="/abe/editor/">Home</a></li>
       <li class="active">User list</li>
     </ol>
 

diff --git a/test/fixtures/abe.json b/test/fixtures/abe.json
@@ -12,8 +12,11 @@
       "test"
     ],
     "routes": {
-      "review": [
+      "admin": [
         "/abe.*"
+      ],
+      "review": [
+        "/abe/test.*"
       ]
     }
   }

diff --git a/test/fixtures/templates/isAuthorized.html b/test/fixtures/templates/isAuthorized.html
@@ -1,3 +1,3 @@
-{{#isAuthorized '/abe' 'review'}}
+{{#isAuthorized '/abe/truc' 'review'}}
 test
 {{/isAuthorized}}
diff --git a/test/users.js b/test/users.js
@@ -402,12 +402,10 @@ describe('users', function() {
 
     // test
     var user = JSON.parse(JSON.stringify(this.fixture.users))[0]
-    var res = User.utils.isUserAllowedOnRoute(user, "/abe/test")
+    var res = User.utils.isUserAllowedOnRoute("admin", "/abe/test")
     chai.expect(res).to.be.equal(true)
 
-    user.role.workflow = "review"
-    user.role.name = "review"
-    var res = User.utils.isUserAllowedOnRoute(user, "/abe")
+    var res = User.utils.isUserAllowedOnRoute("review", "/abe/truc")
     chai.expect(res).to.be.equal(false)
 
     // unstub