yujunjun/strapi
1
0
Fork 0
mirror of https://github.com/strapi/strapi.git synced 2025-08-13 11:17:42 +00:00
Code Issues Packages Projects Releases Wiki Activity

Update settings api to add the permissions check

Browse Source 
Signed-off-by: soupette <cyril.lpz@gmail.com>
This commit is contained in:
soupette 2020-06-09 12:58:06 +02:00 committed by Alexandre Bodin
parent 00e6b008e7
commit acb43e5aa9
7 changed files with 116 additions and 88 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
packages/strapi-admin/admin/src/containers/LeftMenu/index.js
View File

@ -37,8 +37,6 @@ const LeftMenu = ({ version, plugins }) => {
[pluginsSectionLinks] [pluginsSectionLinks]
); );
console.log(pluginsSectionLinks);
useEffect(() => { useEffect(() => {
const getLinksPermissions = async () => { const getLinksPermissions = async () => {
const checkPermissions = async (index, permissionsToCheck) => { const checkPermissions = async (index, permissionsToCheck) => {

30
packages/strapi-admin/admin/src/containers/LeftMenu/init.js
View File

@ -1,8 +1,27 @@
import { get, omit, set, sortBy } from 'lodash'; import { get, omit, set, sortBy } from 'lodash';
import { SETTINGS_BASE_URL } from '../../config';
const getPluginsSettingsPermissions = plugins =>
Object.values(plugins).reduce((acc, current) => {
const pluginSettings = get(current, 'settings.global', []);
pluginSettings.forEach(setting => {
const permissions = get(setting, 'permissions', []);
permissions.forEach(permission => {
acc.push(permission);
});
});
return acc;
}, []);
const sortLinks = links => sortBy(links, object => object.name); const sortLinks = links => sortBy(links, object => object.name);
const init = (initialState, plugins = {}) => { const init = (initialState, plugins = {}) => {
// For each plugin retrieve the permissions associated to each injected link
const settingsPermissions = getPluginsSettingsPermissions(plugins);
const pluginsLinks = Object.values(plugins).reduce((acc, current) => { const pluginsLinks = Object.values(plugins).reduce((acc, current) => {
const pluginsSectionLinks = get(current, 'menu.pluginsSectionLinks', []); const pluginsSectionLinks = get(current, 'menu.pluginsSectionLinks', []);
@ -12,6 +31,17 @@ const init = (initialState, plugins = {}) => {
return { ...omit(link, 'name'), isDisplayed: false }; return { ...omit(link, 'name'), isDisplayed: false };
}); });
const settingsLinkIndex = initialState.generalSectionLinks.findIndex(
obj => obj.destination === SETTINGS_BASE_URL
);
if (settingsPermissions.length && settingsLinkIndex !== -1) {
const permissionsPath = ['generalSectionLinks', settingsLinkIndex, 'permissions'];
const alreadyCreatedPermissions = get(initialState, permissionsPath, []);
set(initialState, permissionsPath, [...alreadyCreatedPermissions, ...settingsPermissions]);
}
if (sortedLinks.length) { if (sortedLinks.length) {
set(initialState, 'pluginsSectionLinks', sortedLinks); set(initialState, 'pluginsSectionLinks', sortedLinks);
} }

5
packages/strapi-admin/admin/src/containers/LeftMenu/reducer.js
View File

@ -46,10 +46,7 @@ const initialState = {
{ action: 'admin::roles.update', subject: null }, { action: 'admin::roles.update', subject: null },
{ action: 'admin::roles.read', subject: null }, { action: 'admin::roles.read', subject: null },
{ action: 'admin::roles.delete', subject: null }, { action: 'admin::roles.delete', subject: null },
// Here are added the plugins settings permissions during the init phase
// TODO this should be set by the plugin directly
// media library
{ action: 'plugins::upload.settings.read', subject: null },
], ],
}, },
], ],

3
packages/strapi-admin/admin/src/containers/LeftMenu/tests/init.test.js
View File

@ -5,9 +5,10 @@ describe('ADMIN | LeftMenu | init', () => {
it('should return the initialState if the plugins are empty', () => { it('should return the initialState if the plugins are empty', () => {
const initialState = { const initialState = {
ok: true, ok: true,
generalSectionLinks: [],
}; };
expect(init(initialState)).toEqual({ ok: true }); expect(init(initialState)).toEqual({ ok: true, generalSectionLinks: [] });
}); });
it('should create the pluginsSectionLinks correctly', () => { it('should create the pluginsSectionLinks correctly', () => {

2
packages/strapi-admin/admin/src/plugins.js
View File

@ -32,6 +32,6 @@ module.exports = {
.default, .default,
'strapi-plugin-email': require('../../../strapi-plugin-email/admin/src').default, 'strapi-plugin-email': require('../../../strapi-plugin-email/admin/src').default,
// 'strapi-plugin-upload': require('../../../strapi-plugin-upload/admin/src').default, 'strapi-plugin-upload': require('../../../strapi-plugin-upload/admin/src').default,
'strapi-plugin-graphql': require('../../../strapi-plugin-graphql/admin/src').default, 'strapi-plugin-graphql': require('../../../strapi-plugin-graphql/admin/src').default,
}; };

160
packages/strapi-admin/admin/src/utils/fakePermissionsData.js
View File

@ -234,12 +234,12 @@ const data = {
// fields: null, // fields: null,
// conditions: [], // conditions: [],
// }, // },
{ // {
action: 'admin::marketplace.plugins.install', // action: 'admin::marketplace.plugins.install',
subject: null, // subject: null,
fields: null, // fields: null,
conditions: ['some condition'], // conditions: ['some condition'],
}, // },
// { // {
// action: 'admin::marketplace.plugins.uninstall', // action: 'admin::marketplace.plugins.uninstall',
// subject: null, // subject: null,
@ -248,82 +248,82 @@ const data = {
// }, // },
// Admin webhooks // Admin webhooks
{ // {
action: 'admin::webhooks.create', // action: 'admin::webhooks.create',
subject: null, // subject: null,
fields: null, // fields: null,
conditions: [], // conditions: [],
}, // },
{ // {
action: 'admin::webhooks.read', // action: 'admin::webhooks.read',
subject: null, // subject: null,
fields: null, // fields: null,
conditions: [], // conditions: [],
}, // },
{ // {
action: 'admin::webhooks.update', // action: 'admin::webhooks.update',
subject: null, // subject: null,
fields: null, // fields: null,
conditions: [], // conditions: [],
}, // },
{ // {
action: 'admin::webhooks.delete', // action: 'admin::webhooks.delete',
subject: null, // subject: null,
fields: null, // fields: null,
conditions: [], // conditions: [],
}, // },
// Admin users // // Admin users
{ // {
action: 'admin::users.create', // action: 'admin::users.create',
subject: null, // subject: null,
fields: null, // fields: null,
conditions: [], // conditions: [],
}, // },
{ // {
action: 'admin::users.read', // action: 'admin::users.read',
subject: null, // subject: null,
fields: null, // fields: null,
conditions: [], // conditions: [],
}, // },
{ // {
action: 'admin::users.update', // action: 'admin::users.update',
subject: null, // subject: null,
fields: null, // fields: null,
conditions: [], // conditions: [],
}, // },
{ // {
action: 'admin::users.delete', // action: 'admin::users.delete',
subject: null, // subject: null,
fields: null, // fields: null,
conditions: [], // conditions: [],
}, // },
// Admin roles // // Admin roles
{ // {
action: 'admin::roles.create', // action: 'admin::roles.create',
subject: null, // subject: null,
fields: null, // fields: null,
conditions: [], // conditions: [],
}, // },
{ // {
action: 'admin::roles.read', // action: 'admin::roles.read',
subject: null, // subject: null,
fields: null, // fields: null,
conditions: [], // conditions: [],
}, // },
{ // {
action: 'admin::roles.update', // action: 'admin::roles.update',
subject: null, // subject: null,
fields: null, // fields: null,
conditions: [], // conditions: [],
}, // },
{ // {
action: 'admin::roles.delete', // action: 'admin::roles.delete',
subject: null, // subject: null,
fields: null, // fields: null,
conditions: [], // conditions: [],
}, // },
// Content type builder // Content type builder
{ {

2
packages/strapi-plugin-upload/admin/src/index.js
View File

@ -50,6 +50,8 @@ export default strapi => {
name: 'media-library', name: 'media-library',
to: `${strapi.settingsBaseURL}/media-library`, to: `${strapi.settingsBaseURL}/media-library`,
Component: SettingsPage, Component: SettingsPage,
// TODO write documentation
permissions: [{ action: 'plugins::upload.settings.read', subject: null }],
}, },
], ],
}, },