From d6308e53d57fecb956ed513ab2f0e015c8e72996 Mon Sep 17 00:00:00 2001 From: joker-x Date: Tue, 1 Sep 2020 18:53:28 +0200 Subject: [PATCH] Complete client side --- client/src/account/API.js | 5 +++++ client/src/blacklist/List.js | 7 ++++++- client/src/campaigns/CUD.js | 5 +++++ client/src/campaigns/List.js | 8 ++++++++ client/src/lists/fields/CUD.js | 5 +++++ client/src/lists/fields/List.js | 7 ++++++- client/src/lists/imports/CUD.js | 7 ++++++- client/src/lists/imports/List.js | 7 ++++++- client/src/lists/segments/CUD.js | 7 ++++++- client/src/lists/segments/List.js | 7 ++++++- client/src/send-configurations/CUD.js | 4 ++++ client/src/send-configurations/List.js | 10 +++++++++- client/src/settings/Update.js | 7 ++++++- server/models/send-configurations.js | 3 +++ 14 files changed, 81 insertions(+), 8 deletions(-) diff --git a/client/src/account/API.js b/client/src/account/API.js index 42636879..bd97455c 100644 --- a/client/src/account/API.js +++ b/client/src/account/API.js @@ -10,6 +10,7 @@ import {Button} from '../lib/bootstrap-components'; import {getUrl} from "../lib/urls"; import {withComponentMixins} from "../lib/decorator-helpers"; import styles from "./styles.scss" +import mailtrainConfig from 'mailtrainConfig'; @withComponentMixins([ withTranslation, @@ -35,6 +36,10 @@ export default class API extends Component { } componentDidMount() { + const t = this.props.t; + if (!mailtrainConfig.globalPermissions.manageApi) { + this.navigateToWithFlashMessage('/', 'danger', t('permissionDenied')+': manageApi'); + } // noinspection JSIgnoredPromiseFromCall this.loadAccessToken(); } diff --git a/client/src/blacklist/List.js b/client/src/blacklist/List.js index 9429b446..24df22c2 100644 --- a/client/src/blacklist/List.js +++ b/client/src/blacklist/List.js @@ -10,6 +10,7 @@ import {Button} from "../lib/bootstrap-components"; import {HTTPMethod} from "../lib/axios"; import {tableAddRestActionButton, tableRestActionDialogInit, tableRestActionDialogRender} from "../lib/modals"; import {withComponentMixins} from "../lib/decorator-helpers"; +import mailtrainConfig from 'mailtrainConfig'; @withComponentMixins([ withTranslation, @@ -87,6 +88,10 @@ export default class List extends Component { } componentDidMount() { + const t = this.props.t; + if (!mailtrainConfig.globalPermissions.manageBlacklist) { + this.navigateToWithFlashMessage('/', 'danger', t('permissionDenied')+': manageBlacklist'); + } this.clearFields(); } @@ -139,4 +144,4 @@ export default class List extends Component { ); } -} \ No newline at end of file +} diff --git a/client/src/campaigns/CUD.js b/client/src/campaigns/CUD.js index 6afaf2ca..e39c11c0 100644 --- a/client/src/campaigns/CUD.js +++ b/client/src/campaigns/CUD.js @@ -37,6 +37,7 @@ import {getCampaignLabels, ListsSelectorHelper} from "./helpers"; import {withComponentMixins} from "../lib/decorator-helpers"; import interoperableErrors from "../../../shared/interoperable-errors"; import {Trans} from "react-i18next"; +import mailtrainConfig from 'mailtrainConfig'; @withComponentMixins([ withTranslation, @@ -254,6 +255,10 @@ export default class CUD extends Component { } componentDidMount() { + const t = this.props.t; + if (!mailtrainConfig.globalPermissions.manageCampaigns) { + this.navigateToWithFlashMessage('/', 'danger', t('permissionDenied')+': manageCampaigns'); + } if (this.props.entity) { this.getFormValuesFromEntity(this.props.entity); diff --git a/client/src/campaigns/List.js b/client/src/campaigns/List.js index e8db5b36..b98dea0f 100644 --- a/client/src/campaigns/List.js +++ b/client/src/campaigns/List.js @@ -13,6 +13,7 @@ import {tableAddDeleteButton, tableRestActionDialogInit, tableRestActionDialogRe import {withComponentMixins} from "../lib/decorator-helpers"; import styles from "./styles.scss"; import PropTypes from 'prop-types'; +import mailtrainConfig from 'mailtrainConfig'; @withComponentMixins([ withTranslation, @@ -34,6 +35,13 @@ export default class List extends Component { tableRestActionDialogInit(this); } + componentDidMount() { + const t = this.props.t; + if (!mailtrainConfig.globalPermissions.manageCampaigns) { + this.navigateToWithFlashMessage('/', 'danger', t('permissionDenied')+': manageCampaigns'); + } + } + static propTypes = { permissions: PropTypes.object, channel: PropTypes.object diff --git a/client/src/lists/fields/CUD.js b/client/src/lists/fields/CUD.js index 45864ee7..131aff9d 100644 --- a/client/src/lists/fields/CUD.js +++ b/client/src/lists/fields/CUD.js @@ -32,6 +32,7 @@ import styles from "../../lib/styles.scss"; import 'ace-builds/src-noconflict/mode-json'; import 'ace-builds/src-noconflict/mode-handlebars'; import {withComponentMixins} from "../../lib/decorator-helpers"; +import mailtrainConfig from 'mailtrainConfig'; @withComponentMixins([ withTranslation, @@ -178,6 +179,10 @@ export default class CUD extends Component { } componentDidMount() { + const t = this.props.t; + if (!mailtrainConfig.globalPermissions.manageLists) { + this.navigateToWithFlashMessage('/', 'danger', t('permissionDenied')+': manageLists'); + } if (this.props.entity) { this.getFormValuesFromEntity(this.props.entity); diff --git a/client/src/lists/fields/List.js b/client/src/lists/fields/List.js index 33461a41..0431b669 100644 --- a/client/src/lists/fields/List.js +++ b/client/src/lists/fields/List.js @@ -10,6 +10,7 @@ import {getFieldTypes} from './helpers'; import {Icon} from "../../lib/bootstrap-components"; import {tableAddDeleteButton, tableRestActionDialogInit, tableRestActionDialogRender} from "../../lib/modals"; import {withComponentMixins} from "../../lib/decorator-helpers"; +import mailtrainConfig from 'mailtrainConfig'; @withComponentMixins([ withTranslation, @@ -32,6 +33,10 @@ export default class List extends Component { } componentDidMount() { + const t = this.props.t; + if (!mailtrainConfig.globalPermissions.manageLists) { + this.navigateToWithFlashMessage('/', 'danger', t('permissionDenied')+': manageLists'); + } } render() { @@ -77,4 +82,4 @@ export default class List extends Component { ); } -} \ No newline at end of file +} diff --git a/client/src/lists/imports/CUD.js b/client/src/lists/imports/CUD.js index 887df141..96cf548e 100644 --- a/client/src/lists/imports/CUD.js +++ b/client/src/lists/imports/CUD.js @@ -30,6 +30,7 @@ import listStyles from "../styles.scss"; import styles from "../../lib/styles.scss"; import interoperableErrors from "../../../../shared/interoperable-errors"; import {withComponentMixins} from "../../lib/decorator-helpers"; +import mailtrainConfig from 'mailtrainConfig'; function truncate(str, len, ending = '...') { @@ -209,6 +210,10 @@ export default class CUD extends Component { } componentDidMount() { + const t = this.props.t; + if (!mailtrainConfig.globalPermissions.manageLists) { + this.navigateToWithFlashMessage('/', 'danger', t('permissionDenied')+': manageLists'); + } if (this.props.entity) { this.initFromEntity(this.props.entity); } else { @@ -469,4 +474,4 @@ export default class CUD extends Component { ); } -} \ No newline at end of file +} diff --git a/client/src/lists/imports/List.js b/client/src/lists/imports/List.js index 7e077748..defac298 100644 --- a/client/src/lists/imports/List.js +++ b/client/src/lists/imports/List.js @@ -13,6 +13,7 @@ import moment from "moment"; import {inProgress} from '../../../../shared/imports'; import {tableAddDeleteButton, tableRestActionDialogInit, tableRestActionDialogRender} from "../../lib/modals"; import {withComponentMixins} from "../../lib/decorator-helpers"; +import mailtrainConfig from 'mailtrainConfig'; @withComponentMixins([ withTranslation, @@ -37,6 +38,10 @@ export default class List extends Component { } componentDidMount() { + const t = this.props.t; + if (!mailtrainConfig.globalPermissions.manageLists) { + this.navigateToWithFlashMessage('/', 'danger', t('permissionDenied')+': manageLists'); + } } render() { @@ -95,4 +100,4 @@ export default class List extends Component { ); } -} \ No newline at end of file +} diff --git a/client/src/lists/segments/CUD.js b/client/src/lists/segments/CUD.js index af737d10..18e578f9 100644 --- a/client/src/lists/segments/CUD.js +++ b/client/src/lists/segments/CUD.js @@ -28,6 +28,7 @@ import {getRuleHelpers} from "./helpers"; import RuleSettingsPane from "./RuleSettingsPane"; import {withComponentMixins} from "../../lib/decorator-helpers"; import clone from "clone"; +import mailtrainConfig from 'mailtrainConfig'; // https://stackoverflow.com/a/4819886/1601953 const isTouchDevice = !!('ontouchstart' in window || navigator.maxTouchPoints); @@ -123,6 +124,10 @@ export default class CUD extends Component { } componentDidMount() { + const t = this.props.t; + if (!mailtrainConfig.globalPermissions.manageLists) { + this.navigateToWithFlashMessage('/', 'danger', t('permissionDenied')+': manageLists'); + } if (this.props.entity) { this.getFormValuesFromEntity(this.props.entity); @@ -401,4 +406,4 @@ export default class CUD extends Component { ); } -} \ No newline at end of file +} diff --git a/client/src/lists/segments/List.js b/client/src/lists/segments/List.js index b95c134c..e71d7139 100644 --- a/client/src/lists/segments/List.js +++ b/client/src/lists/segments/List.js @@ -9,6 +9,7 @@ import {Table} from '../../lib/table'; import {Icon} from "../../lib/bootstrap-components"; import {tableAddDeleteButton, tableRestActionDialogInit, tableRestActionDialogRender} from "../../lib/modals"; import {withComponentMixins} from "../../lib/decorator-helpers"; +import mailtrainConfig from 'mailtrainConfig'; @withComponentMixins([ withTranslation, @@ -29,6 +30,10 @@ export default class List extends Component { } componentDidMount() { + const t = this.props.t; + if (!mailtrainConfig.globalPermissions.manageLists) { + this.navigateToWithFlashMessage('/', 'danger', t('permissionDenied')+': manageLists'); + } } render() { @@ -69,4 +74,4 @@ export default class List extends Component { ); } -} \ No newline at end of file +} diff --git a/client/src/send-configurations/CUD.js b/client/src/send-configurations/CUD.js index 4d972a28..3b72843e 100644 --- a/client/src/send-configurations/CUD.js +++ b/client/src/send-configurations/CUD.js @@ -91,6 +91,10 @@ export default class CUD extends Component { } componentDidMount() { + const t = this.props.t; + if (!mailtrainConfig.globalPermissions.manageSendConfigurations) { + this.navigateToWithFlashMessage('/', 'danger', t('permissionDenied')+': manageSendConfigurations'); + } if (this.props.entity) { this.getFormValuesFromEntity(this.props.entity); } else { diff --git a/client/src/send-configurations/List.js b/client/src/send-configurations/List.js index 0238265d..5bd71398 100644 --- a/client/src/send-configurations/List.js +++ b/client/src/send-configurations/List.js @@ -11,6 +11,7 @@ import {getMailerTypes} from './helpers'; import {tableAddDeleteButton, tableRestActionDialogInit, tableRestActionDialogRender} from "../lib/modals"; import {withComponentMixins} from "../lib/decorator-helpers"; import PropTypes from 'prop-types'; +import mailtrainConfig from 'mailtrainConfig'; @withComponentMixins([ @@ -33,6 +34,13 @@ export default class List extends Component { permissions: PropTypes.object } + componentDidMount() { + const t = this.props.t; + if (!mailtrainConfig.globalPermissions.manageSendConfigurations) { + this.navigateToWithFlashMessage('/', 'danger', t('permissionDenied')+': manageSendConfigurations'); + } + } + render() { const t = this.props.t; @@ -87,4 +95,4 @@ export default class List extends Component { ); } -} \ No newline at end of file +} diff --git a/client/src/settings/Update.js b/client/src/settings/Update.js index 27a26bd0..16dfbe54 100644 --- a/client/src/settings/Update.js +++ b/client/src/settings/Update.js @@ -19,6 +19,7 @@ import { } from '../lib/form'; import {withErrorHandling} from '../lib/error-handling'; import {withComponentMixins} from "../lib/decorator-helpers"; +import mailtrainConfig from 'mailtrainConfig'; @withComponentMixins([ withTranslation, @@ -45,6 +46,10 @@ export default class Update extends Component { } componentDidMount() { + const t = this.props.t; + if (!mailtrainConfig.globalPermissions.manageSettings) { + this.navigateToWithFlashMessage('/', 'danger', t('permissionDenied')+': manageSettings'); + } this.getFormValuesFromEntity(this.props.entity); } @@ -102,4 +107,4 @@ export default class Update extends Component { ); } -} \ No newline at end of file +} diff --git a/server/models/send-configurations.js b/server/models/send-configurations.js index 890c0d38..631d605b 100644 --- a/server/models/send-configurations.js +++ b/server/models/send-configurations.js @@ -120,6 +120,7 @@ async function _validateAndPreprocess(tx, entity, isCreate) { async function create(context, entity) { + shares.enforceGlobalPermission(context, 'manageSendConfigurations'); return await knex.transaction(async tx => { await shares.enforceEntityPermissionTx(tx, context, 'namespace', entity.namespace, 'createSendConfiguration'); @@ -138,6 +139,7 @@ async function create(context, entity) { } async function updateWithConsistencyCheck(context, entity) { + shares.enforceGlobalPermission(context, 'manageSendConfigurations'); await knex.transaction(async tx => { await shares.enforceEntityPermissionTx(tx, context, 'sendConfiguration', entity.id, 'edit'); @@ -167,6 +169,7 @@ async function updateWithConsistencyCheck(context, entity) { } async function remove(context, id) { + shares.enforceGlobalPermission(context, 'manageSendConfigurations'); if (id === getSystemSendConfigurationId()) { shares.throwPermissionDenied(); }