mirror of
https://github.com/overleaf/overleaf.git
synced 2024-09-16 02:52:31 -04:00
Merge pull request #1825 from overleaf/ta-institutions-staff-hub
Create Institutions Staff Hub GitOrigin-RevId: 6926406951796d2e7dd0903c3d3c4dae87545390
This commit is contained in:
Timothée Alby
sharelatex
parent
14cbeef31d
commit
a8edafe104
2 changed files with 43 additions and 2 deletions
|
|
@ -88,6 +88,18 @@ module.exports = UserMembershipAuthorization = {
|
||||||
)
|
)
|
||||||
},
|
},
|
||||||
|
|
||||||
|
requireInstitutionManagementStaffAccess(req, res, next) {
|
||||||
|
return requireAccessToEntity(
|
||||||
|
'institution',
|
||||||
|
req.params.id,
|
||||||
|
req,
|
||||||
|
res,
|
||||||
|
next,
|
||||||
|
'institutionManagement',
|
||||||
|
true
|
||||||
|
)
|
||||||
|
},
|
||||||
|
|
||||||
requirePublisherMetricsAccess(req, res, next) {
|
requirePublisherMetricsAccess(req, res, next) {
|
||||||
return requireAccessToEntity(
|
return requireAccessToEntity(
|
||||||
'publisher',
|
'publisher',
|
||||||
|
|
@ -215,13 +227,28 @@ var requireAccessToEntity = function(
|
||||||
req,
|
req,
|
||||||
res,
|
res,
|
||||||
next,
|
next,
|
||||||
requiredStaffAccess = null
|
requiredStaffAccess = null,
|
||||||
|
asStaff
|
||||||
) {
|
) {
|
||||||
|
if (asStaff == null) {
|
||||||
|
asStaff = false
|
||||||
|
}
|
||||||
const loggedInUser = AuthenticationController.getSessionUser(req)
|
const loggedInUser = AuthenticationController.getSessionUser(req)
|
||||||
if (!loggedInUser) {
|
if (!loggedInUser) {
|
||||||
return AuthorizationMiddleware.redirectToRestricted(req, res, next)
|
return AuthorizationMiddleware.redirectToRestricted(req, res, next)
|
||||||
}
|
}
|
||||||
|
|
||||||
|
if (asStaff) {
|
||||||
|
if (
|
||||||
|
!loggedInUser.isAdmin &&
|
||||||
|
!(loggedInUser.staffAccess != null
|
||||||
|
? loggedInUser.staffAccess[requiredStaffAccess]
|
||||||
|
: undefined)
|
||||||
|
) {
|
||||||
|
return AuthorizationMiddleware.redirectToRestricted(req, res, next)
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
return getEntity(
|
return getEntity(
|
||||||
entityName,
|
entityName,
|
||||||
entityId,
|
entityId,
|
||||||
|
|
|
||||||
|
|
@ -171,7 +171,7 @@ describe('UserMembershipAuthorization', function() {
|
||||||
)
|
)
|
||||||
})
|
})
|
||||||
|
|
||||||
return it('handle anonymous user', function(done) {
|
it('handle anonymous user', function(done) {
|
||||||
this.AuthenticationController.getSessionUser.returns(null)
|
this.AuthenticationController.getSessionUser.returns(null)
|
||||||
return this.UserMembershipAuthorization.requireGroupMetricsAccess(
|
return this.UserMembershipAuthorization.requireGroupMetricsAccess(
|
||||||
this.req,
|
this.req,
|
||||||
|
|
@ -185,6 +185,20 @@ describe('UserMembershipAuthorization', function() {
|
||||||
}
|
}
|
||||||
)
|
)
|
||||||
})
|
})
|
||||||
|
|
||||||
|
return it('checks user is staff if required', function(done) {
|
||||||
|
return this.UserMembershipAuthorization.requireInstitutionManagementStaffAccess(
|
||||||
|
this.req,
|
||||||
|
null,
|
||||||
|
error => {
|
||||||
|
expect(error).to.not.exist
|
||||||
|
sinon.assert.called(this.AuthorizationMiddleware.redirectToRestricted)
|
||||||
|
sinon.assert.notCalled(this.UserMembershipHandler.getEntity)
|
||||||
|
expect(this.req.entity).to.not.exist
|
||||||
|
return done()
|
||||||
|
}
|
||||||
|
)
|
||||||
|
})
|
||||||
})
|
})
|
||||||
|
|
||||||
return describe('requireEntityAccess', function() {
|
return describe('requireEntityAccess', function() {
|
||||||
|
|
|
||||||
Loading…
Reference in a new issue