WiP on permissions

Doesn't run. This commit is just to backup the changes.
2017-07-26 22:42:05 +03:00 · 2017-07-26 22:42:05 +03:00 · 89c9615592
commit 89c9615592
parent 5df444f641
37 changed files with 913 additions and 366 deletions
--- a/lib/passport.js
+++ b/lib/passport.js
@ -1,15 +1,15 @@
 'use strict';

-let config = require('config');
-let log = require('npmlog');
-let _ = require('./translate')._;
-let util = require('util');
+const config = require('config');
+const log = require('npmlog');
+const _ = require('./translate')._;
+const util = require('util');

-let passport = require('passport');
-let LocalStrategy = require('passport-local').Strategy;
+const passport = require('passport');
+const LocalStrategy = require('passport-local').Strategy;

-let csrf = require('csurf');
-let bodyParser = require('body-parser');
+const csrf = require('csurf');
+const bodyParser = require('body-parser');

 const users = require('../models/users');
 const { nodeifyFunction, nodeifyPromise } = require('./nodeify');
@ -104,20 +104,24 @@ if (config.ldap.enabled && LdapStrategy) {
                id: user.id,
                username: user.username,
                name: profile[config.ldap.nameTag],
-                email: profile.mail
+                email: profile.mail,
+                role: user.role
            };

        } catch (err) {
            if (err instanceof interoperableErrors.NotFoundError) {
-                const userId = await users.createExternal({
+                const userId = await users.create({
                    username: profile[config.ldap.uidTag],
+                    role: config.ldap.newUserRole,
+                    namespace: config.ldap.newUserNamespaceId
                });

                return {
                    id: userId,
                    username: profile[config.ldap.uidTag],
                    name: profile[config.ldap.nameTag],
-                    email: profile.mail
+                    email: profile.mail,
+                    role: config.ldap.newUserRole
                };
            } else {
                throw err;
@ -139,6 +143,6 @@ if (config.ldap.enabled && LdapStrategy) {
    })));

    passport.serializeUser((user, done) => done(null, user.id));
-    passport.deserializeUser((id, done) => nodeifyPromise(users.getById(id), done));
+    passport.deserializeUser((id, done) => nodeifyPromise(users.getByIdNoPerms(id), done));
 }