TryGhost/Ghost
1
0
Fork 0
mirror of https://github.com/TryGhost/Ghost.git synced 2024-11-27 10:42:45 +03:00
Code Issues Projects Releases Wiki Activity

Added comment CRUD+Moderate permissions

Browse Source 
refs: https://github.com/TryGhost/Team/issues/1664

- added permissions for comments, including updating test fixtures

Co-authored-by: Simon Backx <simon@ghost.org>
This commit is contained in:
Kevin Ansfield 2022-07-05 15:18:56 +02:00 committed by Hannah Wolfe
parent b88212b603
commit fc381b7626
6 changed files with 175 additions and 13 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

68
core/server/data/migrations/versions/5.3/2022-07-05-12-55-add-comments-crud-permissions.js Normal file
View File

@ -0,0 +1,68 @@
const {combineTransactionalMigrations, addPermissionWithRoles} = require('../../utils');
module.exports = combineTransactionalMigrations(
addPermissionWithRoles({
name: 'Browse comments',
action: 'browse',
object: 'comment'
}, [
'Administrator',
'Admin Integration'
]),
addPermissionWithRoles({
name: 'Read comments',
action: 'read',
object: 'comment'
}, [
'Administrator',
'Admin Integration'
]),
addPermissionWithRoles({
name: 'Edit comments',
action: 'edit',
object: 'comment'
}, [
'Administrator',
'Admin Integration'
]),
addPermissionWithRoles({
name: 'Add comments',
action: 'add',
object: 'comment'
}, [
'Administrator',
'Admin Integration'
]),
addPermissionWithRoles({
name: 'Delete comments',
action: 'destroy',
object: 'comment'
}, [
'Administrator',
'Admin Integration'
]),
addPermissionWithRoles({
name: 'Moderate comments',
action: 'moderate',
object: 'comment'
}, [
'Administrator',
'Admin Integration'
]),
addPermissionWithRoles({
name: 'Like comments',
action: 'like',
object: 'comment'
}, [
'Administrator',
'Admin Integration'
]),
addPermissionWithRoles({
name: 'Unlike comments',
action: 'unlike',
object: 'comment'
}, [
'Administrator',
'Admin Integration'
])
);

46
core/server/data/schema/fixtures/fixtures.json
View File

@ -570,6 +570,46 @@
"name": "Edit newsletters",
"action_type": "edit",
"object_type": "newsletter"
},
{
"name": "Browse comments",
"action_type": "browse",
"object_type": "comment"
},
{
"name": "Read comments",
"action_type": "read",
"object_type": "comment"
},
{
"name": "Edit comments",
"action_type": "edit",
"object_type": "comment"
},
{
"name": "Add comments",
"action_type": "add",
"object_type": "comment"
},
{
"name": "Delete comments",
"action_type": "destroy",
"object_type": "comment"
},
{
"name": "Moderate comments",
"action_type": "moderate",
"object_type": "comment"
},
{
"name": "Like comments",
"action_type": "like",
"object_type": "comment"
},
{
"name": "Unlike comments",
"action_type": "unlike",
"object_type": "comment"
}
]
},
@ -695,7 +735,8 @@
"authentication": "resetAllPasswords",
"members_stripe_connect": "auth",
"newsletter": "all",
"explore": "read"
"explore": "read",
"comment": "all"
},
"DB Backup Integration": {
"db": "all"
@ -728,7 +769,8 @@
"product": ["browse", "read", "add", "edit"],
"offer": ["browse", "read", "add", "edit"],
"newsletter": ["browse", "read", "add", "edit"],
"explore": "read"
"explore": "read",
"comment": "all"
},
"Editor": {
"notification": "all",

13
test/integration/migrations/migration.test.js
View File

@ -45,7 +45,7 @@ describe('Database Migration (special functions)', function () {
const permissions = this.obj;
// If you have to change this number, please add the relevant `havePermission` checks below
permissions.length.should.eql(97);
permissions.length.should.eql(105);
permissions.should.havePermission('Export database', ['Administrator', 'DB Backup Integration']);
permissions.should.havePermission('Import database', ['Administrator', 'DB Backup Integration']);
@ -169,6 +169,15 @@ describe('Database Migration (special functions)', function () {
permissions.should.havePermission('Add newsletters', ['Administrator', 'Admin Integration']);
permissions.should.havePermission('Read explore data', ['Administrator', 'Admin Integration', 'Ghost Explore Integration']);
permissions.should.havePermission('Browse comments', ['Administrator', 'Admin Integration']);
permissions.should.havePermission('Read comments', ['Administrator', 'Admin Integration']);
permissions.should.havePermission('Edit comments', ['Administrator', 'Admin Integration']);
permissions.should.havePermission('Add comments', ['Administrator', 'Admin Integration']);
permissions.should.havePermission('Delete comments', ['Administrator', 'Admin Integration']);
permissions.should.havePermission('Moderate comments', ['Administrator', 'Admin Integration']);
permissions.should.havePermission('Like comments', ['Administrator', 'Admin Integration']);
permissions.should.havePermission('Unlike comments', ['Administrator', 'Admin Integration']);
});
describe('Populate', function () {
@ -227,7 +236,7 @@ describe('Database Migration (special functions)', function () {
result.roles.at(8).get('name').should.eql('Scheduler Integration');
// Permissions
result.permissions.length.should.eql(97);
result.permissions.length.should.eql(105);
result.permissions.toJSON().should.be.CompletePermissions();
});
});

13
test/unit/server/data/schema/fixtures/fixture-manager.test.js
View File

@ -199,20 +199,21 @@ describe('Migration Fixture Utils', function () {
const rolesAllStub = sinon.stub(models.Role, 'findAll').returns(Promise.resolve(dataMethodStub));
fixtureManager.addFixturesForRelation(fixtures.relations[0]).then(function (result) {
const FIXTURE_COUNT = 94;
should.exist(result);
result.should.be.an.Object();
result.should.have.property('expected', 92);
result.should.have.property('done', 92);
result.should.have.property('expected', FIXTURE_COUNT);
result.should.have.property('done', FIXTURE_COUNT);
// Permissions & Roles
permsAllStub.calledOnce.should.be.true();
rolesAllStub.calledOnce.should.be.true();
dataMethodStub.filter.callCount.should.eql(92);
dataMethodStub.filter.callCount.should.eql(FIXTURE_COUNT);
dataMethodStub.find.callCount.should.eql(8);
baseUtilAttachStub.callCount.should.eql(92);
baseUtilAttachStub.callCount.should.eql(FIXTURE_COUNT);
fromItem.related.callCount.should.eql(92);
fromItem.find.callCount.should.eql(92);
fromItem.related.callCount.should.eql(FIXTURE_COUNT);
fromItem.find.callCount.should.eql(FIXTURE_COUNT);
done();
}).catch(done);

2
test/unit/server/data/schema/integrity.test.js
View File

@ -36,7 +36,7 @@ const validateRouteSettings = require('../../../../../core/server/services/route
describe('DB version integrity', function () {
// Only these variables should need updating
const currentSchemaHash = 'c85378b0bbd7d5eeb1fff39796c30886';
const currentFixturesHash = '1d6562a1963a9b9d10d06070d537f11f';
const currentFixturesHash = 'ec7487f1ffbe64ede499cc053b915bac';
const currentSettingsHash = 'd54210758b7054e2174fd34aa2320ad7';
const currentRoutesHash = '3d180d52c663d173a6be791ef411ed01';

46
test/utils/fixtures/fixtures.json
View File

@ -570,6 +570,46 @@
"name": "Edit newsletters",
"action_type": "edit",
"object_type": "newsletter"
},
{
"name": "Browse comments",
"action_type": "browse",
"object_type": "comment"
},
{
"name": "Read comments",
"action_type": "read",
"object_type": "comment"
},
{
"name": "Edit comments",
"action_type": "edit",
"object_type": "comment"
},
{
"name": "Add comments",
"action_type": "add",
"object_type": "comment"
},
{
"name": "Delete comments",
"action_type": "destroy",
"object_type": "comment"
},
{
"name": "Moderate comments",
"action_type": "moderate",
"object_type": "comment"
},
{
"name": "Like comments",
"action_type": "like",
"object_type": "comment"
},
{
"name": "Unlike comments",
"action_type": "unlike",
"object_type": "comment"
}
]
},
@ -868,7 +908,8 @@
"authentication": "resetAllPasswords",
"members_stripe_connect": "auth",
"newsletter": "all",
"explore": "read"
"explore": "read",
"comment": "all"
},
"DB Backup Integration": {
"db": "all"
@ -901,7 +942,8 @@
"product": ["browse", "read", "add", "edit"],
"offer": ["browse", "read", "add", "edit"],
"newsletter": ["browse", "read", "add", "edit"],
"explore": "read"
"explore": "read",
"comment": "all"
},
"Editor": {
"notification": "all",