Permission fixes for contents or schemas.

7 years ago · d7a34a95c4
9 changed files with 49 additions and 36 deletions
--- a/src/Squidex.Shared/Permissions.cs
+++ b/src/Squidex.Shared/Permissions.cs
@ -53,7 +53,6 @@ namespace Squidex.Shared
        public const string AppContributorsRevoke = "squidex.apps.{app}.contributors.revoke";

        public const string AppLanguages = "squidex.apps.{app}.languages";
-        public const string AppLanguagesRead = "squidex.apps.{app}.languages.read";
        public const string AppLanguagesCreate = "squidex.apps.{app}.languages.create";
        public const string AppLanguagesUpdate = "squidex.apps.{app}.languages.update";
        public const string AppLanguagesDelete = "squidex.apps.{app}.languages.delete";
--- a/src/Squidex/Areas/Api/Controllers/Apps/AppLanguagesController.cs
+++ b/src/Squidex/Areas/Api/Controllers/Apps/AppLanguagesController.cs
@ -39,7 +39,7 @@ namespace Squidex.Areas.Api.Controllers.Apps
        [HttpGet]
        [Route("apps/{app}/languages/")]
        [ProducesResponseType(typeof(AppLanguageDto[]), 200)]
-        [ApiPermission(Permissions.AppLanguagesRead)]
+        [ApiPermission(Permissions.AppCommon)]
        [ApiCosts(0)]
        public IActionResult GetLanguages(string app)
        {
--- a/src/Squidex/Pipeline/AppResolver.cs
+++ b/src/Squidex/Pipeline/AppResolver.cs
@ -58,7 +58,7 @@ namespace Squidex.Pipeline
                    FindByOpenIdSubject(app, user) ??
                    FindByOpenIdClient(app, user);

-                if (permissions.Count == 0)
+                if (permissions == null || permissions.Count == 0)
                {
                    var set = user.Permissions();

@ -69,12 +69,15 @@ namespace Squidex.Pipeline
                    }
                }

+                if (permissions != null)
+                {
                    var identity = user.Identities.First();

                    foreach (var permission in permissions)
                    {
                        identity.AddClaim(new Claim(SquidexClaimTypes.Permissions, permission.Id));
                    }
+                }

                context.HttpContext.Features.Set<IAppFeature>(new AppFeature(app));
            }
@ -91,7 +94,7 @@ namespace Squidex.Pipeline
                return role.Permissions;
            }

-            return PermissionSet.Empty;
+            return null;
        }

        private static PermissionSet FindByOpenIdSubject(IAppEntity app, ClaimsPrincipal user)
@ -103,7 +106,7 @@ namespace Squidex.Pipeline
                return role.Permissions;
            }

-            return PermissionSet.Empty;
+            return null;
        }
    }
 }
--- a/src/Squidex/app-config/webpack.config.js
+++ b/src/Squidex/app-config/webpack.config.js
@ -48,7 +48,11 @@ module.exports = {
            test: /\.mjs$/,
            type: "javascript/auto",
            include: [/node_modules/],
-          },{
+          }, {
+            test: /[\/\\]@angular[\/\\]core[\/\\].+\.js$/, // Remove warning from angular6
+            parser: { system: true },
+            include: [/node_modules/],
+          }, {
            test: /\.ts$/,
            use: [{
                loader: 'awesome-typescript-loader', options: { useCache: true, useBabel: true }
@ -140,6 +144,7 @@ module.exports = {
        }),
        
        new webpack.ContextReplacementPlugin(/moment[\/\\]locale$/, /en/),
+        new webpack.ContextReplacementPlugin(/\@angular(\\|\/)core(\\|\/)fesm5/, helpers.root('app')), // Remove warning from angular6

        /**
         * Shim additional libraries
--- a/src/Squidex/app-config/webpack.test.coverage.js
+++ b/src/Squidex/app-config/webpack.test.coverage.js
@ -24,7 +24,7 @@ module.exports = webpackMerge(testConfig, {
            test: /\.ts$/,
            use: [{
                loader: 'istanbul-instrumenter-loader'
-            },{
+            }, {
                loader: 'awesome-typescript-loader'
            }, {
                loader: 'angular-router-loader'
--- a/src/Squidex/app/shared/components/schema-category.component.html
+++ b/src/Squidex/app/shared/components/schema-category.component.html
@ -15,7 +15,9 @@
    </div>

    <ul class="nav nav-panel nav-dark nav-dark-bordered flex-column" *ngIf="isOpen" @fade>
-        <li class="nav-item" *ngFor="let schema of schemasFiltered; trackBy: trackBySchema" dnd-draggable [dragEnabled]="!isReadonly" [dragData]="schema">
+        <ng-container *ngFor="let schema of schemasFiltered; trackBy: trackBySchema">
+            <ng-container *sqxPermission="schemaPermission(schema)">
+                <li class="nav-item" dnd-draggable [dragEnabled]="!isReadonly" [dragData]="schema">
                    <a class="nav-link" [routerLink]="schemaRoute(schema)" routerLinkActive="active">
                        <div class="row" *ngIf="!isReadonly">
                            <div class="col col-4">
@ -36,5 +38,7 @@
                        <span class="schema-name" *ngIf="isReadonly">{{schema.displayName}}</span>
                    </a>
                </li>
+            </ng-container>
+        </ng-container>
    </ul>
 </div>
--- a/src/Squidex/app/shared/components/schema-category.component.ts
+++ b/src/Squidex/app/shared/components/schema-category.component.ts
@ -104,6 +104,10 @@ export class SchemaCategoryComponent implements OnInit, OnChanges {
        this.schemasState.changeCategory(schema, this.name).pipe(onErrorResumeNext()).subscribe();
    }

+    public schemaPermission(schema: SchemaDto) {
+        return `?squidex.apps.{app}.schemas.${schema.name}.*;squidex.apps.{app}.contents.${schema.name}.*`;
+    }
+
    public schemaRoute(schema: SchemaDto) {
        return schema.isSingleton && this.routeSingletonToContent ? [schema.name, schema.id] : [schema.name];
    }
--- a/src/Squidex/app/shell/pages/app/left-menu.component.html
+++ b/src/Squidex/app/shell/pages/app/left-menu.component.html
@ -1,10 +1,10 @@
 <ul class="nav flex-column">
-    <li class="nav-item" *sqxPermission="'squidex.apps.{app}.schemas.?.read'">
+    <li class="nav-item" *sqxPermission="'squidex.apps.{app}.schemas.*.read'">
        <a class="nav-link" routerLink="schemas" routerLinkActive="active">
            <i class="nav-icon icon-schemas"></i> <div class="nav-text">Schemas</div>
        </a>
    </li>
-    <li class="nav-item" *sqxPermission="'squidex.apps.{app}.contents.?.read'">
+    <li class="nav-item" *sqxPermission="'?squidex.apps.{app}.contents.*.read'">
        <a class="nav-link" routerLink="content" routerLinkActive="active">
            <i class="nav-icon icon-contents"></i> <div class="nav-text">Content</div>
        </a>
--- a/src/Squidex/tslint.json
+++ b/src/Squidex/tslint.json
@ -98,8 +98,6 @@
    ],
    "radix": true,
    "rxjs-collapse-imports": true,
-    "rxjs-pipeable-operators-only": true,
-    "rxjs-no-static-observable-methods": true,
    "rxjs-proper-imports": true,
    "semicolon": [
      true,