Ghost/ghost/core/test/unit
Fabien 'egg' O'Carroll 7cc65c18cc
Added missing permissions to Contributor & Editor (#19881)
ref ENG-728
ref https://linear.app/tryghost/issue/ENG-728

This is NOT a functionality change. The Post#permissible method unit
tests have been updated to pass `true` as `hasUserPermission` and we can
see that the permission functionality remains the same.

The permissible method of the post model is responsible for removing
permission based on the data that is being modified, but the permissions
module is setup to allow the permissible method to grant permission -
this means that we call permissible, even if the current actor doesn't
have permission, this results in code that is hard to understand and
manage.

We are going to be instead returning early if an actor does not have
permission, this will allow permissible method signatures to be greatly
simplified (removing the need for hasUserPermission, hasApiKeyPermission
& hasMemberPermission arguments).
2024-03-20 20:36:07 +07:00
..
api Fixed clearing invalid sender_email when changing newsletter sender_reply_to (#19555) 2024-01-23 16:10:11 +01:00
frontend 🐛 Fixed missing source + resized images producing rendered 404 (#19869) 2024-03-18 18:32:10 +01:00
server Added missing permissions to Contributor & Editor (#19881) 2024-03-20 20:36:07 +07:00
shared Added Sentry instrumentation for get helpers (#19576) 2024-01-24 18:50:48 -08:00