yujunjun/strapi
1
0
Fork 0
mirror of https://github.com/strapi/strapi.git synced 2025-08-11 02:07:51 +00:00
Code Issues Packages Projects Releases Wiki Activity

Update settings api to add the permissions check

Browse Source 
Signed-off-by: soupette <cyril.lpz@gmail.com>
This commit is contained in:
soupette 2020-06-09 12:58:06 +02:00 committed by Alexandre Bodin
parent 00e6b008e7
commit acb43e5aa9
7 changed files with 116 additions and 88 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
packages/strapi-admin/admin/src/containers/LeftMenu/index.js
View File

@ -37,8 +37,6 @@ const LeftMenu = ({ version, plugins }) => {
[pluginsSectionLinks]
);
console.log(pluginsSectionLinks);
useEffect(() => {
const getLinksPermissions = async () => {
const checkPermissions = async (index, permissionsToCheck) => {

30
packages/strapi-admin/admin/src/containers/LeftMenu/init.js
View File

@ -1,8 +1,27 @@
import { get, omit, set, sortBy } from 'lodash';
import { SETTINGS_BASE_URL } from '../../config';
const getPluginsSettingsPermissions = plugins =>
Object.values(plugins).reduce((acc, current) => {
const pluginSettings = get(current, 'settings.global', []);
pluginSettings.forEach(setting => {
const permissions = get(setting, 'permissions', []);
permissions.forEach(permission => {
acc.push(permission);
});
});
return acc;
}, []);
const sortLinks = links => sortBy(links, object => object.name);
const init = (initialState, plugins = {}) => {
// For each plugin retrieve the permissions associated to each injected link
const settingsPermissions = getPluginsSettingsPermissions(plugins);
const pluginsLinks = Object.values(plugins).reduce((acc, current) => {
const pluginsSectionLinks = get(current, 'menu.pluginsSectionLinks', []);
@ -12,6 +31,17 @@ const init = (initialState, plugins = {}) => {
return { ...omit(link, 'name'), isDisplayed: false };
});
const settingsLinkIndex = initialState.generalSectionLinks.findIndex(
obj => obj.destination === SETTINGS_BASE_URL
);
if (settingsPermissions.length && settingsLinkIndex !== -1) {
const permissionsPath = ['generalSectionLinks', settingsLinkIndex, 'permissions'];
const alreadyCreatedPermissions = get(initialState, permissionsPath, []);
set(initialState, permissionsPath, [...alreadyCreatedPermissions, ...settingsPermissions]);
}
if (sortedLinks.length) {
set(initialState, 'pluginsSectionLinks', sortedLinks);
}

5
packages/strapi-admin/admin/src/containers/LeftMenu/reducer.js
View File

@ -46,10 +46,7 @@ const initialState = {
{ action: 'admin::roles.update', subject: null },
{ action: 'admin::roles.read', subject: null },
{ action: 'admin::roles.delete', subject: null },
// TODO this should be set by the plugin directly
// media library
{ action: 'plugins::upload.settings.read', subject: null },
// Here are added the plugins settings permissions during the init phase
],
},
],

3
packages/strapi-admin/admin/src/containers/LeftMenu/tests/init.test.js
View File

@ -5,9 +5,10 @@ describe('ADMIN | LeftMenu | init', () => {
it('should return the initialState if the plugins are empty', () => {
const initialState = {
ok: true,
generalSectionLinks: [],
};
expect(init(initialState)).toEqual({ ok: true });
expect(init(initialState)).toEqual({ ok: true, generalSectionLinks: [] });
});
it('should create the pluginsSectionLinks correctly', () => {

2
packages/strapi-admin/admin/src/plugins.js
View File

@ -32,6 +32,6 @@ module.exports = {
.default,
'strapi-plugin-email': require('../../../strapi-plugin-email/admin/src').default,
// 'strapi-plugin-upload': require('../../../strapi-plugin-upload/admin/src').default,
'strapi-plugin-upload': require('../../../strapi-plugin-upload/admin/src').default,
'strapi-plugin-graphql': require('../../../strapi-plugin-graphql/admin/src').default,
};

160
packages/strapi-admin/admin/src/utils/fakePermissionsData.js
View File

@ -234,12 +234,12 @@ const data = {
// fields: null,
// conditions: [],
// },
{
action: 'admin::marketplace.plugins.install',
subject: null,
fields: null,
conditions: ['some condition'],
},
// {
// action: 'admin::marketplace.plugins.install',
// subject: null,
// fields: null,
// conditions: ['some condition'],
// },
// {
// action: 'admin::marketplace.plugins.uninstall',
// subject: null,
@ -248,82 +248,82 @@ const data = {
// },
// Admin webhooks
{
action: 'admin::webhooks.create',
subject: null,
fields: null,
conditions: [],
},
{
action: 'admin::webhooks.read',
subject: null,
fields: null,
conditions: [],
},
{
action: 'admin::webhooks.update',
subject: null,
fields: null,
conditions: [],
},
{
action: 'admin::webhooks.delete',
subject: null,
fields: null,
conditions: [],
},
// {
// action: 'admin::webhooks.create',
// subject: null,
// fields: null,
// conditions: [],
// },
// {
// action: 'admin::webhooks.read',
// subject: null,
// fields: null,
// conditions: [],
// },
// {
// action: 'admin::webhooks.update',
// subject: null,
// fields: null,
// conditions: [],
// },
// {
// action: 'admin::webhooks.delete',
// subject: null,
// fields: null,
// conditions: [],
// },
// Admin users
{
action: 'admin::users.create',
subject: null,
fields: null,
conditions: [],
},
{
action: 'admin::users.read',
subject: null,
fields: null,
conditions: [],
},
{
action: 'admin::users.update',
subject: null,
fields: null,
conditions: [],
},
{
action: 'admin::users.delete',
subject: null,
fields: null,
conditions: [],
},
// // Admin users
// {
// action: 'admin::users.create',
// subject: null,
// fields: null,
// conditions: [],
// },
// {
// action: 'admin::users.read',
// subject: null,
// fields: null,
// conditions: [],
// },
// {
// action: 'admin::users.update',
// subject: null,
// fields: null,
// conditions: [],
// },
// {
// action: 'admin::users.delete',
// subject: null,
// fields: null,
// conditions: [],
// },
// Admin roles
{
action: 'admin::roles.create',
subject: null,
fields: null,
conditions: [],
},
{
action: 'admin::roles.read',
subject: null,
fields: null,
conditions: [],
},
{
action: 'admin::roles.update',
subject: null,
fields: null,
conditions: [],
},
{
action: 'admin::roles.delete',
subject: null,
fields: null,
conditions: [],
},
// // Admin roles
// {
// action: 'admin::roles.create',
// subject: null,
// fields: null,
// conditions: [],
// },
// {
// action: 'admin::roles.read',
// subject: null,
// fields: null,
// conditions: [],
// },
// {
// action: 'admin::roles.update',
// subject: null,
// fields: null,
// conditions: [],
// },
// {
// action: 'admin::roles.delete',
// subject: null,
// fields: null,
// conditions: [],
// },
// Content type builder
{

2
packages/strapi-plugin-upload/admin/src/index.js
View File

@ -50,6 +50,8 @@ export default strapi => {
name: 'media-library',
to: `${strapi.settingsBaseURL}/media-library`,
Component: SettingsPage,
// TODO write documentation
permissions: [{ action: 'plugins::upload.settings.read', subject: null }],
},
],
},