github/overleaf
1
0
Fork 0
mirror of https://github.com/overleaf/overleaf.git synced 2025-03-22 02:04:31 +00:00
Code Issues Projects Releases Packages Wiki Activity

Merge pull request from overleaf/sk-fix-restricted-users-none

Browse source 
Restricted users: fix case when privilege level is false

GitOrigin-RevId: efc2f80ab326ab07abef303e1db98e3586d3759b
This commit is contained in:
Shane Kilkelly 2019-11-07 10:28:09 +00:00 committed by sharelatex
parent 2c0c21554a
commit 2da14bcc77
2 changed files with 10 additions and 3 deletions
services/web
app/src/Features/Authorization
AuthorizationManager.js
test/unit/src/Authorization
AuthorizationManagerTests.js

7
services/web/app/src/Features/Authorization/AuthorizationManager.js
View file

@ -11,16 +11,19 @@ const TokenAccessHandler = require('../TokenAccess/TokenAccessHandler')
module.exports = AuthorizationManager = {
isRestrictedUser(userId, privilegeLevel, isTokenMember) {
if (privilegeLevel === PrivilegeLevels.NONE) {
return true
}
return (
privilegeLevel === PrivilegeLevels.READ_ONLY && (isTokenMember || !userId)
)
},
isRestrictedUserForProject(userId, projectId, callback) {
isRestrictedUserForProject(userId, projectId, token, callback) {
this.getPrivilegeLevelForProject(
userId,
projectId,
null,
token,
(err, privilegeLevel) => {
if (err) {
return callback(err)

6
services/web/test/unit/src/Authorization/AuthorizationManagerTests.js
View file

@ -55,7 +55,11 @@ describe('AuthorizationManager', function() {
]
const restrictedScenarios = [
[null, 'readOnly', false],
['id', 'readOnly', true]
['id', 'readOnly', true],
[null, false, true],
[null, false, false],
['id', false, true],
['id', false, false]
]
for (var notRestrictedArgs of notRestrictedScenarios) {
expect(