mirror of
https://github.com/TryGhost/Ghost.git
synced 2024-11-28 22:43:30 +03:00
506a0c3e9e
no issue
* Comment current state of toJSON for user model
- currently the user model does not return the email if the context is app/external/public OR if there is no context object at all
- i am not 100% sure why if there is no context we should not return the email address
- i think no context means internal access
- maybe change this condition cc @ErisDS
* Extend our access rules plugin
- we already have a instance method to determine which context is used
- this relies on passing options into `.forge` - but we almost never pass the context into the forge call
- added @TODO
- provide another static method to determine the context based on the options object passed from outside
* Use the new static function for existing code
* Add comment where the external context is used
* Remove certain fields from a public request (User model only)
* Tests: support `checkResponse` for a public request
- start with an optional option pattern
- i would love to get rid of checkResponse('user', null, null, null)
- still support old style for now
- a resoure can define the default response fields and public response fields
* Tests: adapt public api test
* Tests: adapt api user test
- use new option pattern for `checkResponse`
- eww null, null, null, null....
* Revert the usage of the access rules plugin
41 lines
1.1 KiB
JavaScript
41 lines
1.1 KiB
JavaScript
/**
|
|
* Parse Context
|
|
*
|
|
* Utility function, to expand strings out into objects.
|
|
* @param {Object|String} context
|
|
* @return {{internal: boolean, external: boolean, user: integer|null, app: integer|null, public: boolean}}
|
|
*/
|
|
module.exports = function parseContext(context) {
|
|
// Parse what's passed to canThis.beginCheck for standard user and app scopes
|
|
var parsed = {
|
|
internal: false,
|
|
external: false,
|
|
user: null,
|
|
app: null,
|
|
public: true
|
|
};
|
|
|
|
// NOTE: We use the `external` context for subscribers only at the moment.
|
|
if (context && (context === 'external' || context.external)) {
|
|
parsed.external = true;
|
|
parsed.public = false;
|
|
}
|
|
|
|
if (context && (context === 'internal' || context.internal)) {
|
|
parsed.internal = true;
|
|
parsed.public = false;
|
|
}
|
|
|
|
if (context && context.user) {
|
|
parsed.user = context.user;
|
|
parsed.public = false;
|
|
}
|
|
|
|
if (context && context.app) {
|
|
parsed.app = context.app;
|
|
parsed.public = false;
|
|
}
|
|
|
|
return parsed;
|
|
};
|