TryGhost/Ghost
1
0
Fork 0
mirror of https://github.com/TryGhost/Ghost.git synced 2024-11-28 05:37:34 +03:00
Code Issues Projects Releases Wiki Activity
baa8118893
Ghost/core/server/services/permissions/providers.js
Hannah Wolfe baa8118893 Refactor common pattern in service files 
- Use array destructuring
- Use @tryghost/errors
- Part of the big move towards decoupling, this gives visibility on what's being used where
- Biting off manageable chunks / fixing bits of code I'm refactoring for other reasons
2020-04-30 20:48:42 +01:00

68 lines
2.5 KiB
JavaScript
Raw Blame History

const _ = require('lodash');
const Promise = require('bluebird');
const models = require('../../models');
const errors = require('@tryghost/errors');
const {i18n} = require('../../lib/common');
module.exports = {
user: function (id) {
return models.User.findOne({id: id, status: 'active'}, {withRelated: ['permissions', 'roles', 'roles.permissions']})
.then(function (foundUser) {
// CASE: {context: {user: id}} where the id is not in our database
if (!foundUser) {
return Promise.reject(new errors.NotFoundError({
message: i18n.t('errors.models.user.userNotFound')
}));
}
const seenPerms = {};
const rolePerms = _.map(foundUser.related('roles').models, function (role) {
return role.related('permissions').models;
});
const allPerms = [];
const user = foundUser.toJSON();
rolePerms.push(foundUser.related('permissions').models);
_.each(rolePerms, function (rolePermGroup) {
_.each(rolePermGroup, function (perm) {
const key = perm.get('action_type') + '-' + perm.get('object_type') + '-' + perm.get('object_id');
// Only add perms once
if (seenPerms[key]) {
return;
}
allPerms.push(perm);
seenPerms[key] = true;
});
});
// @TODO fix this!
// Permissions is an array of models
// Roles is a JSON array
return {permissions: allPerms, roles: user.roles};
});
},
apiKey(id) {
return models.ApiKey.findOne({id}, {withRelated: ['role', 'role.permissions']})
.then((foundApiKey) => {
if (!foundApiKey) {
throw new errors.NotFoundError({
message: i18n.t('errors.models.api_key.apiKeyNotFound')
});
}
// api keys have a belongs_to relationship to a role and no individual permissions
// so there's no need for permission deduplication
const permissions = foundApiKey.related('role').related('permissions').models;
const roles = [foundApiKey.toJSON().role];
return {permissions, roles};
});
}
};
Reference in New Issue View Git Blame Copy Permalink