mirror of
https://github.com/HabitRPG/habitica.git
synced 2025-12-18 07:07:35 +01:00
add new permission for managing blockers
This commit is contained in:
Phillip Thelen
@@ -2,11 +2,14 @@
|
||||
<div class="row">
|
||||
<secondary-menu class="col-12">
|
||||
<router-link
|
||||
v-if="user.permissions.fullAccess || user.permissions.userSupport"
|
||||
class="nav-link"
|
||||
:to="{name: 'adminPanel'}"
|
||||
>
|
||||
{{ $t('adminPanel') }}
|
||||
</router-link><router-link
|
||||
</router-link>
|
||||
<router-link
|
||||
v-if="user.permissions.fullAccess || user.permissions.accessControl"
|
||||
class="nav-link"
|
||||
:to="{name: 'blockers'}"
|
||||
>
|
||||
@@ -19,11 +22,15 @@
|
||||
</template>
|
||||
|
||||
<script>
|
||||
import { mapState } from '@/libs/store';
|
||||
import SecondaryMenu from '@/components/secondaryMenu';
|
||||
|
||||
export default {
|
||||
components: {
|
||||
SecondaryMenu,
|
||||
},
|
||||
computed: {
|
||||
...mapState({ user: 'user.data' }),
|
||||
},
|
||||
};
|
||||
</script>
|
||||
|
||||
@@ -329,8 +329,7 @@
|
||||
</div>
|
||||
</li>
|
||||
<li
|
||||
v-if="user.permissions.fullAccess ||
|
||||
user.permissions.userSupport"
|
||||
v-if="hasElevatedPrivileges"
|
||||
class="topbar-item droppable"
|
||||
:class="{
|
||||
'active': $route.path.startsWith('/admin')}"
|
||||
@@ -346,6 +345,7 @@
|
||||
></div>
|
||||
</div>
|
||||
<router-link
|
||||
v-if="user.permissions.fullAccess || user.permissions.userSupport"
|
||||
class="nav-link"
|
||||
:to="{name: 'adminPanel'}"
|
||||
>
|
||||
@@ -353,18 +353,21 @@
|
||||
</router-link>
|
||||
<div class="topbar-dropdown">
|
||||
<router-link
|
||||
v-if="user.permissions.fullAccess || user.permissions.userSupport"
|
||||
class="topbar-dropdown-item dropdown-item"
|
||||
:to="{name: 'adminPanel'}"
|
||||
>
|
||||
{{ $t("adminPanel") }}
|
||||
</router-link>
|
||||
<router-link
|
||||
v-if="user.permissions.fullAccess || user.permissions.accessControl"
|
||||
class="topbar-dropdown-item dropdown-item"
|
||||
:to="{name: 'blockers'}"
|
||||
>
|
||||
{{ $t("siteBlockers") }}
|
||||
</router-link>
|
||||
<a
|
||||
v-if="user.permissions.fullAccess || user.permissions.news"
|
||||
class="topbar-dropdown-item dropdown-item"
|
||||
target="_blank"
|
||||
href="https://panel.habitica.com"
|
||||
@@ -839,6 +842,12 @@ export default {
|
||||
params: { groupId: this.groupPlans[0]._id },
|
||||
};
|
||||
},
|
||||
hasElevatedPrivileges () {
|
||||
return this.user.permissions.fullAccess
|
||||
|| this.user.permissions.userSupport
|
||||
|| this.user.permissions.accessControl
|
||||
|| this.user.permissions.news;
|
||||
},
|
||||
},
|
||||
async mounted () {
|
||||
await this.getUserGroupPlans();
|
||||
|
||||
@@ -180,12 +180,13 @@ const router = new VueRouter({
|
||||
},
|
||||
|
||||
{
|
||||
name: 'adminPanel',
|
||||
name: 'adminSection',
|
||||
path: '/admin',
|
||||
component: AdminContainerPage,
|
||||
meta: {
|
||||
privilegeNeeded: [ // any one of these is enough to give access
|
||||
'userSupport',
|
||||
'accessControl',
|
||||
],
|
||||
},
|
||||
children: [
|
||||
@@ -227,7 +228,7 @@ const router = new VueRouter({
|
||||
component: BlockerPage,
|
||||
meta: {
|
||||
privilegeNeeded: [ // any one of these is enough to give access
|
||||
'userSupport',
|
||||
'accessControl',
|
||||
],
|
||||
},
|
||||
},
|
||||
|
||||
@@ -122,7 +122,7 @@ api.getUserHistory = {
|
||||
api.getBlockers = {
|
||||
method: 'GET',
|
||||
url: '/admin/blockers',
|
||||
middlewares: [authWithHeaders(), ensurePermission('userSupport')],
|
||||
middlewares: [authWithHeaders(), ensurePermission('accessControl')],
|
||||
async handler (req, res) {
|
||||
const blockers = await Blocker
|
||||
.find({ disabled: false })
|
||||
@@ -136,7 +136,7 @@ api.getBlockers = {
|
||||
api.createBlocker = {
|
||||
method: 'POST',
|
||||
url: '/admin/blockers',
|
||||
middlewares: [authWithHeaders(), ensurePermission('userSupport')],
|
||||
middlewares: [authWithHeaders(), ensurePermission('accessControl')],
|
||||
async handler (req, res) {
|
||||
const id = uuid();
|
||||
const blocker = await Blocker({
|
||||
@@ -151,7 +151,7 @@ api.createBlocker = {
|
||||
api.updateBlocker = {
|
||||
method: 'PUT',
|
||||
url: '/admin/blockers/:blockerId',
|
||||
middlewares: [authWithHeaders(), ensurePermission('userSupport')],
|
||||
middlewares: [authWithHeaders(), ensurePermission('accessControl')],
|
||||
async handler (req, res) {
|
||||
req.checkParams('blockerId', res.t('blockerIdRequired')).notEmpty().isUUID();
|
||||
|
||||
@@ -171,7 +171,7 @@ api.updateBlocker = {
|
||||
api.deleteBlocker = {
|
||||
method: 'DELETE',
|
||||
url: '/admin/blockers/:blockerId',
|
||||
middlewares: [authWithHeaders(), ensurePermission('userSupport')],
|
||||
middlewares: [authWithHeaders(), ensurePermission('accessControl')],
|
||||
async handler (req, res) {
|
||||
req.checkParams('blockerId', res.t('blockerIdRequired')).notEmpty().isUUID();
|
||||
|
||||
|
||||
@@ -224,6 +224,7 @@ export const UserSchema = new Schema({
|
||||
userSupport: Boolean, // access User Support feature in Admin Panel
|
||||
challengeAdmin: Boolean, // Can manage and administrate challenges
|
||||
moderator: Boolean, // Can ban, flag users and manage social spaces
|
||||
accessControl: Boolean, // Can manage IP and client blockers
|
||||
coupons: Boolean, // Can generate and request coupons
|
||||
},
|
||||
balance: { $type: Number, default: 0 },
|
||||
|
||||
Reference in New Issue
Block a user