3
0
mirror of https://github.com/reality/dbot.git synced 2024-12-25 04:02:39 +01:00

fix web perms

This commit is contained in:
reality 2014-06-06 01:16:30 +00:00
parent 51426264d6
commit f1442edf34
2 changed files with 20 additions and 20 deletions

View File

@ -6,7 +6,7 @@
"requireWebLogin": true, "requireWebLogin": true,
"webAccess": "regular", "webAccess": "regular",
"pageAccess": { "pageAccess": {
"/report/:server/:channel": "power_users" "/report/:server/:channel": "power_user"
}, },
"colours": { "colours": {
"wherever": { "wherever": {

View File

@ -22,25 +22,28 @@ var api = function(dbot) {
'hasAccess': function(req, res, next) { 'hasAccess': function(req, res, next) {
var path = req.route.path, var path = req.route.path,
module = dbot.pages[path].module, module = dbot.pages[path].module,
mConfig = dbot.config.modules[module]; mConfig = dbot.config.modules[module],
accessNeeded,
allowedNicks;
if(mConfig.requireWebLogin == true) { if(mConfig.requireWebLogin == true) {
if(req.isAuthenticated()) { if(req.isAuthenticated()) {
var accessNeeded = 'regular'; if(_.has(mConfig.pageAccess, path)) {
if(_.has(mConfig, 'pageAccess') && _.has(mConfig.pageAccess, path)) {
accessNeeded = mConfig.pageAccess[path]; accessNeeded = mConfig.pageAccess[path];
} else if(!_.isUndefined(mConfig.webAccess)) { } else if(!_.isUndefined(mConfig.webAccess)) {
accessNeeded = mConfig.webAccess; accessNeeded = mConfig.webAccess;
} }
if(accessNeeded != 'regular') { if(!_.isUndefined(accessNeeded) || accessNeeded == null) {
var allowedUsers = dbot.config.admins; return next();
if(mConfig.webAccess == 'moderators') { }
allowedUsers = _.union(allowedUsers, dbot.config.moderators);
if(!_.isFunction(accessNeeded)) {
if(_.has(dbot.access, accessNeeded)) {
accessNeeded = dbot.access[accessNeeded];
} else {
return next();
} }
if(mConfig.webAccess == 'power_users') {
allowedUsers = _.union(allowedUsers, dbot.config.moderators);
allowedUsers = _.union(allowedUsers, dbot.config.power_users);
} }
if(_.include(allowedUsers, req.user.primaryNick)) { if(_.include(allowedUsers, req.user.primaryNick)) {
@ -48,9 +51,6 @@ var api = function(dbot) {
} else { } else {
res.redirect('/'); res.redirect('/');
} }
} else {
return next();
}
} else { } else {
res.render('login', { res.render('login', {
'message': 'You need to log in to access this module.', 'message': 'You need to log in to access this module.',