Refactored privilege system

2025-07-17 08:26:24 +00:00 · 2014-09-06 10:00:26 +02:00
parent c70554330c
commit 8e8e983f28
15 changed files with 247 additions and 66 deletions
--- a/public_html/js/Auth.js
+++ b/public_html/js/Auth.js
@ -2,6 +2,13 @@ var App = App || {};

 App.Auth = function(jQuery, util, api, appState, promise) {

+	var privileges = {
+		register: 'register',
+		listUsers: 'listUsers',
+		deleteOwnAccount: 'deleteOwnAccount',
+		deleteAllAccounts: 'deleteAllAccounts',
+	};
+
 	function loginFromCredentials(userName, password, remember) {
 		return promise.make(function(resolve, reject) {
 			promise.wait(api.post('/login', {userName: userName, password: password}))
@ -79,8 +86,14 @@ App.Auth = function(jQuery, util, api, appState, promise) {
 		appState.set('loggedIn', response.json.user && !!response.json.user.id);
 	}

-	function isLoggedIn() {
-		return appState.get('loggedIn');
+	function isLoggedIn(userName) {
+		if (!appState.get('loggedIn'))
+			return false;
+		if (typeof(userName) != 'undefined') {
+			if (getCurrentUser().name != userName)
+				return false;
+		}
+		return true;
 	}

 	function getCurrentUser() {
@ -105,11 +118,14 @@ App.Auth = function(jQuery, util, api, appState, promise) {
 		loginAnonymous: loginAnonymous,
 		tryLoginFromCookie: tryLoginFromCookie,
 		logout: logout,
+
+		startObservingLoginChanges: startObservingLoginChanges,
 		isLoggedIn: isLoggedIn,
 		getCurrentUser: getCurrentUser,
 		getCurrentPrivileges: getCurrentPrivileges,
 		hasPrivilege: hasPrivilege,
-		startObservingLoginChanges: startObservingLoginChanges,
+
+		privileges: privileges,
 	};

 };
--- a/public_html/js/Presenters/TopNavigationPresenter.js
+++ b/public_html/js/Presenters/TopNavigationPresenter.js
@ -33,7 +33,7 @@ App.Presenters.TopNavigationPresenter = function(
 		$el.html(template({
 			loggedIn: auth.isLoggedIn(),
 			user: auth.getCurrentUser(),
-			canListUsers: auth.hasPrivilege('listUsers')
+			canListUsers: auth.hasPrivilege(auth.privileges.listUsers)
 		}));
 		$el.find('li.' + selectedElement).addClass('active');
 	};
--- a/public_html/js/Presenters/UserListPresenter.js
+++ b/public_html/js/Presenters/UserListPresenter.js
@ -5,6 +5,7 @@ App.Presenters.UserListPresenter = function(
 	jQuery,
 	util,
 	promise,
+	auth,
 	router,
 	pagedCollectionPresenter,
 	topNavigationPresenter,
--- a/public_html/js/Presenters/UserPresenter.js
+++ b/public_html/js/Presenters/UserPresenter.js
@ -21,7 +21,7 @@ App.Presenters.UserPresenter = function(

 	function init(args) {
 		userName = args.userName;
-		topNavigationPresenter.select(auth.isLoggedIn() && auth.getCurrentUser().name == userName ? 'my-account' : 'users');
+		topNavigationPresenter.select(auth.isLoggedIn(userName) ? 'my-account' : 'users');

 		promise.waitAll(
 			util.promiseTemplate('user'),
@ -51,8 +51,8 @@ App.Presenters.UserPresenter = function(
 	function render() {
 		var context = {
 			user: user,
-			canDeleteAccount: auth.hasPrivilege('deleteAccounts') ||
-				(auth.hasPrivilege('deleteOwnAccount') && auth.getCurrentUser().name == userName),
+			canDeleteAccount: auth.hasPrivilege(auth.privileges.deleteAllAccounts) ||
+				(auth.isLoggedIn(userName) && auth.hasPrivilege(auth.privileges.deleteOwnAccount)),
 		};
 		$el.html(template(context));
 		$el.find('.browsing-settings').html(browsingSettingsTemplate(context));