fix: root admin access deny bug + patreon link

72253f9c · Nicolas Giard · Nick · 8f573ffd · 72253f9c · 72253f9c
Commit 72253f9c authored Jan 25, 2019 by Nicolas Giard Committed by Nick Feb 02, 2019
8 changed files
--- a/.editorconfig
+++ b/.editorconfig
@@ -5,6 +5,7 @@ indent_style = space
 indent_size = 2
 charset = utf-8
 trim_trailing_whitespace = true
+end_of_line = lf
 insert_final_newline = true

 [*.{jade,pug,md}]

--- a/client/components/admin/admin-contribute.vue
+++ b/client/components/admin/admin-contribute.vue
@@ -7,10 +7,6 @@
          .admin-header-title
            .headline.primary--text {{ $t('admin:contribute.title') }}
            .subheading.grey--text {{ $t('admin:contribute.subtitle') }}
-          v-spacer
-          v-btn(depressed, color='primary', href='https://opencollective.com/wikijs', large)
-            v-icon(left) local_atm
-            span {{ $t('admin:contribute.makeADonation') }}
        v-card.mt-3
          v-card-text
            i18next.body-1.pl-3(path='admin:contribute.openSource', tag='div')
@@ -20,7 +16,11 @@
            .body-1.pt-3.pl-3 {{ $t('admin:contribute.needYourHelp') }}
            v-divider.mt-3
            v-subheader {{ $t('admin:contribute.fundOurWork') }}
-            .body-1.pl-3 {{ $t('admin:contribute.openCollective') }}
+            .body-1.pl-3 {{ $t('admin:contribute.patreon') }}
+            v-card-actions.ml-2
+              a(href='https://www.patreon.com/bePatron?u=16744039', :title='$t(`admin:contribute.becomeAPatron`)')
+                img(src='/img/become_a_patron_button.png', :alt='$t(`admin:contribute.becomeAPatron`)' style='width:200px;')
+            .body-1.mt-3.pl-3 {{ $t('admin:contribute.openCollective') }}
            v-card-actions.ml-2
              v-btn(outline, :color='darkMode ? `blue lighten-1` : `primary`', href='https://opencollective.com/wikijs')
                v-icon(left) local_atm

--- a/client/components/editor.vue
+++ b/client/components/editor.vue
@@ -26,7 +26,7 @@
          @click.native.stop='exit'
          )
          v-icon(color='red', :left='$vuetify.breakpoint.lgAndUp') close
-          span.white--text(v-if='$vuetify.breakpoint.lgAndUp') {{ $t('common:actions.discard') }}
+          span.white--text(v-if='$vuetify.breakpoint.lgAndUp') {{ $t('editor:close') }}
    v-content
      component(:is='currentEditor')
      editor-modal-properties(v-model='dialogProps')

--- a/client/static/img/become_a_patron_button.png
+++ b/client/static/img/become_a_patron_button.png
--- a/dev/docker/Dockerfile
+++ b/dev/docker/Dockerfile
 # -- DEV DOCKERFILE --
 # -- DO NOT USE IN PRODUCTION! --

-FROM node:10.14-alpine
+FROM node:10-alpine
 LABEL maintainer "requarks.io"

 RUN apk update && \
    apk add bash curl git python make g++ --no-cache && \
-    mkdir -p /var/wiki
+    mkdir -p /wiki

-WORKDIR /var/wiki
+WORKDIR /wiki
 COPY package.json .
 RUN yarn --silent
 COPY ./dev/docker/init.sh ./init.sh

--- a/dev/docker/docker-compose.yml
+++ b/dev/docker/docker-compose.yml
@@ -49,8 +49,8 @@ services:
    ports:
      - "3000:3000"
    volumes:
-      - .:/var/wiki
-      - /var/wiki/node_modules
+      - .:/wiki
+      - /wiki/node_modules
    command: ["sh", "./dev/docker/init.sh"]

 networks:

--- a/server/controllers/common.js
+++ b/server/controllers/common.js
@@ -30,6 +30,7 @@ router.get(['/e', '/e/*'], async (req, res, next) => {
  })
  if (page) {
    if (!WIKI.auth.checkAccess(req.user, ['manage:pages'], pageArgs)) {
+      _.set(res.locals, 'pageMeta.title', 'Unauthorized')
      return res.render('unauthorized', { action: 'edit'})
    }

@@ -40,6 +41,7 @@ router.get(['/e', '/e/*'], async (req, res, next) => {
    page.content = Buffer.from(page.content).toString('base64')
  } else {
    if (!WIKI.auth.checkAccess(req.user, ['write:pages'], pageArgs)) {
+      _.set(res.locals, 'pageMeta.title', 'Unauthorized')
      return res.render('unauthorized', { action: 'create'})
    }

@@ -78,6 +80,7 @@ router.get(['/h', '/h/*'], async (req, res, next) => {
  const pageArgs = pageHelper.parsePath(req.path)

  if (!WIKI.auth.checkAccess(req.user, ['read:pages'], pageArgs)) {
+    _.set(res.locals, 'pageMeta.title', 'Unauthorized')
    return res.render('unauthorized', { action: 'history'})
  }


--- a/server/core/auth.js
+++ b/server/core/auth.js
@@ -114,6 +114,7 @@ module.exports = {
        try {
          const newToken = await WIKI.models.users.refreshToken(jwtPayload.id)
          user = newToken.user
+          req.user = user

          // Try headers, otherwise cookies for response
          if (req.get('content-type') === 'application/json') {
@@ -153,20 +154,18 @@ module.exports = {
   * @param {String|Boolean} path
   */
  checkAccess(user, permissions = [], page = false) {
+    const userPermissions = user.permissions ? user.permissions : user.getGlobalPermissions()
+
    // System Admin
-    if (_.includes(user.permissions, 'manage:system')) {
+    if (_.includes(userPermissions, 'manage:system')) {
      return true
    }

-    const userPermissions = user.permissions ? user.permissions : user.getGlobalPermissions()
-
    // Check Global Permissions
    if (_.intersection(userPermissions, permissions).length < 1) {
      return false
    }

-    console.info('---------------------')
-
    // Check Page Rules
    if (path && user.groups) {
      let checkState = {
@@ -204,9 +203,6 @@ module.exports = {
        })
      })

-      console.info('DAKSJDHKASJD')
-      console.info(checkState)
-
      return (checkState.match && !checkState.deny)
    }