* User.isGroupMember() can now take a string or array of strings to check
* Add WELCOME2.ANS * Disallow "all" as a username * Check group membership when switching areas
This commit is contained in:
Bryan Ashby
parent
d2866df97f
commit
5bd95255a3
|
|
@ -83,7 +83,7 @@ function getDefaultConfig() {
|
||||||
newUserNames : [ 'new', 'apply' ], // Names reserved for applying
|
newUserNames : [ 'new', 'apply' ], // Names reserved for applying
|
||||||
|
|
||||||
// :TODO: Mystic uses TRASHCAN.DAT for this -- is there a reason to support something like that?
|
// :TODO: Mystic uses TRASHCAN.DAT for this -- is there a reason to support something like that?
|
||||||
badUserNames : [ 'sysop', 'admin', 'administrator', 'root' ],
|
badUserNames : [ 'sysop', 'admin', 'administrator', 'root', 'all' ],
|
||||||
},
|
},
|
||||||
|
|
||||||
// :TODO: better name for "defaults"... which is redundant here!
|
// :TODO: better name for "defaults"... which is redundant here!
|
||||||
|
|
|
||||||
|
|
@ -78,8 +78,13 @@ function changeMessageArea(client, areaName, cb) {
|
||||||
}
|
}
|
||||||
},
|
},
|
||||||
function validateAccess(area, callback) {
|
function validateAccess(area, callback) {
|
||||||
// :TODO: validate user has access to |area| -- must belong to group(s) specified
|
if(_.isArray(area.groups) && !
|
||||||
callback(null, area);
|
client.user.isGroupMember(area.groups))
|
||||||
|
{
|
||||||
|
callback(new Error('User does not have access to this area'));
|
||||||
|
} else {
|
||||||
|
callback(null, area);
|
||||||
|
}
|
||||||
},
|
},
|
||||||
function changeArea(area, callback) {
|
function changeArea(area, callback) {
|
||||||
client.user.persistProperty('message_area_name', area.name, function persisted(err) {
|
client.user.persistProperty('message_area_name', area.name, function persisted(err) {
|
||||||
|
|
|
||||||
14
core/user.js
14
core/user.js
|
|
@ -48,8 +48,18 @@ function User() {
|
||||||
|
|
||||||
this.isSysOp = this.isRoot; // alias
|
this.isSysOp = this.isRoot; // alias
|
||||||
|
|
||||||
this.isGroupMember = function(groupName) {
|
this.isGroupMember = function(groupNames) {
|
||||||
return self.groups.indexOf(groupName) > -1;
|
if(_.isString(groupNames)) {
|
||||||
|
groupNames = [ groupNames ];
|
||||||
|
}
|
||||||
|
|
||||||
|
groupNames.forEach(function groupEntry(groupName) {
|
||||||
|
if(-1 === self.groups.indexOf(groupName)) {
|
||||||
|
return false;
|
||||||
|
}
|
||||||
|
});
|
||||||
|
|
||||||
|
return true;
|
||||||
};
|
};
|
||||||
|
|
||||||
this.getLegacySecurityLevel = function() {
|
this.getLegacySecurityLevel = function() {
|
||||||
|
|
|
||||||
Binary file not shown.
|
|
@ -1066,7 +1066,7 @@
|
||||||
}
|
}
|
||||||
{
|
{
|
||||||
value: { 1: 1 }
|
value: { 1: 1 }
|
||||||
action: @menu:messageArea
|
action: @systemMethod:prevMenu
|
||||||
}
|
}
|
||||||
{
|
{
|
||||||
value: { 1: 2 }
|
value: { 1: 2 }
|
||||||
|
|
|
||||||
|
|
@ -144,7 +144,7 @@ MessageListModule.prototype.mciReady = function(mciData, cb) {
|
||||||
to : mle.toUserName,
|
to : mle.toUserName,
|
||||||
ts : moment(mle.modTimestamp).format(dateTimeFormat),
|
ts : moment(mle.modTimestamp).format(dateTimeFormat),
|
||||||
newIndicator : mle.messageId > self.lastReadId ? newIndicator : '',
|
newIndicator : mle.messageId > self.lastReadId ? newIndicator : '',
|
||||||
}
|
};
|
||||||
}
|
}
|
||||||
|
|
||||||
msgListView.setItems(_.map(self.messageList, function formatMsgListEntry(mle) {
|
msgListView.setItems(_.map(self.messageList, function formatMsgListEntry(mle) {
|
||||||
|
|
|
||||||
Loading…
Reference in New Issue