Merge pull request #5445 from cobbspur/canHelper

Hide Nav Settings based on permissions
This commit is contained in:
Jason Williams 2015-06-17 14:47:15 -05:00
commit e7398b0694
3 changed files with 125 additions and 9 deletions

View File

@ -0,0 +1,17 @@
import Ember from 'ember';
// Handlebars Helper {{gh-user-can}}
// Usage: call helper as with first parameter of session.user and second parameter the minimum role
// e.g - {{#if (gh-user-can session.user 'admin')}} 'block content' {{/if}}
// @param1 session.user
// @param2 'admin' or 'editor'
export function ghUserCan(params) {
if (params[1] === 'admin') {
return !!(params[0].get('isOwner') || params[0].get('isAdmin'));
} else if (params[1] === 'editor') {
return !!(params[0].get('isOwner') || params[0].get('isAdmin') || params[0].get('isEditor'));
}
return false;
}
export default Ember.HTMLBars.makeBoundHelper(ghUserCan);

View File

@ -27,6 +27,7 @@
<li>{{#link-to "settings.users" classNames="gh-nav-main-users"}}<i class="icon-team"></i>Team{{/link-to}}</li>
{{!<li><a href="#"><i class="icon-idea"></i>Ideas</a></li>}}
</ul>
{{#if (gh-user-can session.user 'admin')}}
<ul class="gh-nav-list gh-nav-settings">
<li class="gh-nav-list-h">Settings</li>
<li>{{#link-to "settings.general" classNames="gh-nav-settings-general"}}<i class="icon-settings"></i>General{{/link-to}}</li>
@ -36,6 +37,7 @@
<li>{{#link-to "settings.code-injection" classNames="gh-nav-settings-code-injection"}}<i class="icon-code"></i>Code Injection{{/link-to}}</li>
<li>{{#link-to "settings.labs" classNames="gh-nav-settings-labs"}}<i class="icon-apps"></i>Labs{{/link-to}}</li>
</ul>
{{/if}}
</section>
<footer class="gh-nav-footer">
{{gh-menu-toggle desktopAction="toggleAutoNav" mobileAction="closeMobileMenu"}}

View File

@ -0,0 +1,97 @@
import {
describeModule,
it
} from 'ember-mocha';
import {
ghUserCan
} from 'ghost/helpers/gh-user-can';
describe ('GhUserCanHelper', function () {
// Mock up roles and test for truthy
describe ('Owner role', function () {
var user = {get: function (role) {
if (role === 'isOwner') {
return true;
} else if (role === 'isAdmin') {
return false;
} else if (role === 'isEditor') {
return false;
}
}
};
it(' - can be Admin', function () {
var result = ghUserCan([user, 'admin']);
expect(result).to.equal(true);
});
it(' - can be Editor', function () {
var result = ghUserCan([user, 'editor']);
expect(result).to.equal(true);
});
});
describe ('Administrator role', function () {
var user = {
get: function (role) {
if (role === 'isOwner') {
return false;
} else if (role === 'isAdmin') {
return true;
} else if (role === 'isEditor') {
return false;
}
}
};
it(' - can be Admin', function () {
var result = ghUserCan([user, 'admin']);
expect(result).to.equal(true);
});
it(' - can be Editor', function () {
var result = ghUserCan([user, 'editor']);
expect(result).to.equal(true);
});
});
describe ('Editor role', function () {
var user = {
get: function (role) {
if (role === 'isOwner') {
return false;
} else if (role === 'isAdmin') {
return false;
} else if (role === 'isEditor') {
return true;
}
}
};
it(' - cannot be Admin', function () {
var result = ghUserCan([user, 'admin']);
expect(result).to.equal(false);
});
it(' - can be Editor', function () {
var result = ghUserCan([user, 'editor']);
expect(result).to.equal(true);
});
});
describe ('Author role', function () {
var user = {
get: function (role) {
if (role === 'isOwner') {
return false;
} else if (role === 'isAdmin') {
return false;
} else if (role === 'isEditor') {
return false;
}
}
};
it(' - cannot be Admin', function () {
var result = ghUserCan([user, 'admin']);
expect(result).to.equal(false);
});
it(' - cannot be Editor', function () {
var result = ghUserCan([user, 'editor']);
expect(result).to.equal(false);
});
});
});