mirror of
https://github.com/TryGhost/Ghost.git
synced 2024-12-18 07:51:55 +03:00
506a0c3e9e
no issue * Comment current state of toJSON for user model - currently the user model does not return the email if the context is app/external/public OR if there is no context object at all - i am not 100% sure why if there is no context we should not return the email address - i think no context means internal access - maybe change this condition cc @ErisDS * Extend our access rules plugin - we already have a instance method to determine which context is used - this relies on passing options into `.forge` - but we almost never pass the context into the forge call - added @TODO - provide another static method to determine the context based on the options object passed from outside * Use the new static function for existing code * Add comment where the external context is used * Remove certain fields from a public request (User model only) * Tests: support `checkResponse` for a public request - start with an optional option pattern - i would love to get rid of checkResponse('user', null, null, null) - still support old style for now - a resoure can define the default response fields and public response fields * Tests: adapt public api test * Tests: adapt api user test - use new option pattern for `checkResponse` - eww null, null, null, null.... * Revert the usage of the access rules plugin
41 lines
1.1 KiB
JavaScript
41 lines
1.1 KiB
JavaScript
/**
|
|
* Parse Context
|
|
*
|
|
* Utility function, to expand strings out into objects.
|
|
* @param {Object|String} context
|
|
* @return {{internal: boolean, external: boolean, user: integer|null, app: integer|null, public: boolean}}
|
|
*/
|
|
module.exports = function parseContext(context) {
|
|
// Parse what's passed to canThis.beginCheck for standard user and app scopes
|
|
var parsed = {
|
|
internal: false,
|
|
external: false,
|
|
user: null,
|
|
app: null,
|
|
public: true
|
|
};
|
|
|
|
// NOTE: We use the `external` context for subscribers only at the moment.
|
|
if (context && (context === 'external' || context.external)) {
|
|
parsed.external = true;
|
|
parsed.public = false;
|
|
}
|
|
|
|
if (context && (context === 'internal' || context.internal)) {
|
|
parsed.internal = true;
|
|
parsed.public = false;
|
|
}
|
|
|
|
if (context && context.user) {
|
|
parsed.user = context.user;
|
|
parsed.public = false;
|
|
}
|
|
|
|
if (context && context.app) {
|
|
parsed.app = context.app;
|
|
parsed.public = false;
|
|
}
|
|
|
|
return parsed;
|
|
};
|