80f9023020
Closes #3196
* adds `/roles/` endpoint
* is given the current user as context
* wraps everything in a canthis.browse.role
* gets all the available roles (should "Owner" be filtered out?)
* optional parameter: `permission=assign`. Gets all roles authenticated user could assign
* if we're not signed in, gives a "please sign in" (standard) error
* if we're signed in, but user is not in the context, gives a "there was no user in the context" error
* if the user is an "Author", gives a "there are no available roles to assign" error
* implemented hacky filter because when.js produces heisenbugs past 3.2.3 (when.filter not available)
* added extra fixtures to `permissions.json`. Might need a migration.

Caveats:
* there are no tests
* for some reason the setup functional test was failing for me locally
{
"permissions": {
"db": [
{
"name": "Export database",
"action_type": "exportContent"
},
{
"name": "Import database",
"action_type": "importContent"
},
{
"name": "Delete all content",
"action_type": "deleteAllContent"
}
],
"mail": [
{
"name": "Send mail",
"action_type": "send"
}
],
"notification": [
{
"name": "Browse notifications",
"action_type": "browse"
},
{
"name": "Add notifications",
"action_type": "add"
},
{
"name": "Delete notifications",
"action_type": "destroy"
}
],
"post": [
{
"name": "Browse posts",
"action_type": "browse"
},
{
"name": "Read posts",
"action_type": "read"
},
{
"name": "Edit posts",
"action_type": "edit"
},
{
"name": "Add posts",
"action_type": "add"
},
{
"name": "Delete posts",
"action_type": "destroy"
}
],
"setting": [
{
"name": "Browse settings",
"action_type": "browse"
},
{
"name": "Read settings",
"action_type": "read"
},
{
"name": "Edit settings",
"action_type": "edit"
}
],
"slug": [
{
"name": "Generate slugs",
"action_type": "generate"
}
],
"tag": [
{
"name": "Browse tags",
"action_type": "browse"
},
{
"name": "Read tags",
"action_type": "read"
},
{
"name": "Edit tags",
"action_type": "edit"
},
{
"name": "Add tags",
"action_type": "add"
},
{
"name": "Delete tags",
"action_type": "destroy"
}
],
"theme": [
{
"name": "Browse themes",
"action_type": "browse"
},
{
"name": "Edit themes",
"action_type": "edit"
}
],
"user": [
{
"name": "Browse users",
"action_type": "browse"
},
{
"name": "Read users",
"action_type": "read"
},
{
"name": "Edit users",
"action_type": "edit"
},
{
"name": "Add users",
"action_type": "add"
},
{
"name": "Delete users",
"action_type": "destroy"
}
],
"role": [
{
"name": "Assign a role",
"action_type": "assign"
},
{
"name": "Browse roles",
"action_type": "browse"
}
]
},
"permissions_roles": {
"Administrator": {
"db": "all",
"mail": "all",
"notification": "all",
"post": "all",
"setting": "all",
"slug": "all",
"tag": "all",
"theme": "all",
"user": "all",
"role": "all"
},
"Editor": {
"post": "all",
"setting": ["browse", "read"],
"slug": "all",
"tag": "all",
"user": "all",
"setting": ["browse", "read"],
"role": "all"
},
"Author": {
"post": ["browse", "read", "add"],
"setting": ["browse", "read"],
"slug": "all",
"tag": ["browse", "read", "add"],
"user": ["browse", "read"],
"setting": ["browse", "read"],
"role": ["browse"]
}
}
} |