fine tuned web permissions [close #553]

2013-08-18 17:32:57 +00:00 · 2013-08-18 17:32:57 +00:00 · e5c51682fb
commit e5c51682fb
parent 45eb778560
4 changed files with 24 additions and 7 deletions
--- a/modules/report/config.json
+++ b/modules/report/config.json
@ -4,5 +4,8 @@
    "dependencies": [ "users" ],
    "dbType": "redis",
    "requireWebLogin": true,
-    "webAccess": "power_users"
+    "webAccess": "regular",
+    "pageAccess": {
+        "/report/:server/:channel": "power_users"
+    }
 }
--- a/modules/report/pages.js
+++ b/modules/report/pages.js
@ -1,7 +1,7 @@
 var _ = require('underscore')._;

 var pages = function(dbot) {
-    return {
+    var pages = {
        '/report': function(req, res) {
            res.render('servers', {  
                'name': dbot.config.name,
@ -54,6 +54,8 @@ var pages = function(dbot) {
            });
        }
    };
+
+    return pages;
 };

 exports.fetch = function(dbot) {
--- a/modules/web/web.js
+++ b/modules/web/web.js
@ -63,8 +63,9 @@ var webInterface = function(dbot) {
        var pages = dbot.pages;
        for(var p in pages) {
            if(_.has(pages, p)) {
-                var func = pages[p];
-                var mod = func.module;
+                var func = pages[p],
+                    mod = func.module;
+
                this.app.get(p, this.api.hasAccess, (function(req, resp) {
                    // Crazy shim to seperate module views.
                    var shim = Object.create(resp);
@ -149,12 +150,21 @@ var webInterface = function(dbot) {
        },

        'hasAccess': function(req, res, next) {
-            var module = req.route.path.split('/')[1];
+            var path = req.route.path,
+                module = path.split('/')[1],
+                mConfig = dbot.config.modules[module];
            module = dbot.modules[module];

-            if(module.config.requireWebLogin == true) {
+            if(mConfig.requireWebLogin == true) {
                if(req.isAuthenticated()) {
-                    if(!_.isUndefined(module.config.webAccess)) {
+                    var accessNeeded = 'regular';
+                    if(_.has(mConfig, 'pageAccess') && _.has(mConfig.pageAccess, path)) {
+                        accessNeeded = mConfig.pageAccess[path];
+                    } else if(!_.isUndefined(mConfig.webAccess)) {
+                        accessNeeded = mConfig.webAccess; 
+                    }
+
+                    if(accessNeeded != 'regular') {
                        var allowedUsers = dbot.config.admins;
                        if(module.config.webAccess == 'moderators') {
                            allowedUsers = _.union(allowedUsers, dbot.config.moderators);
--- a/views/index.jade
+++ b/views/index.jade
@ -1,6 +1,8 @@
 extends layout

 block content
+  if message
+    p #{message}
  #modulelinks
    - for(var i=0;i<routes.length;i++)
        a.module(href='/'+routes[i]) #{routes[i]}