Added missing permissions to Contributor & Editor (#19881)
ref ENG-728
ref https://linear.app/tryghost/issue/ENG-728

This is NOT a functionality change. The Post#permissible method unit tests have been updated to pass `true` as `hasUserPermission` and we can see that the permission functionality remains the same.

The permissible method of the post model is responsible for removing permission based on the data that is being modified, but the permissions module is set up to allow the permissible method to grant permission - this means that we call permissible, even if the current actor doesn't have permission, and this results in code that is hard to understand and manage.

We are going to be instead returning early if an actor does not have permission; this will allow permissible method signatures to be greatly simplified (removing the need for hasUserPermission, hasApiKeyPermission & hasMemberPermission arguments).
Showing 6 changed files with 52 additions and 36 deletions.
20 changes: 20 additions & 0 deletions
...ore/server/data/migrations/versions/5.81/2024-03-18-16-20-add-missing-post-permissions.js
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,20 @@ | ||
const {combineTransactionalMigrations, addPermissionToRole} = require('../../utils'); | ||
|
||
module.exports = combineTransactionalMigrations( | ||
addPermissionToRole({ | ||
permission: 'Edit posts', | ||
role: 'Author' | ||
}), | ||
addPermissionToRole({ | ||
permission: 'Edit posts', | ||
role: 'Contributor' | ||
}), | ||
addPermissionToRole({ | ||
permission: 'Delete posts', | ||
role: 'Author' | ||
}), | ||
addPermissionToRole({ | ||
permission: 'Delete posts', | ||
role: 'Contributor' | ||
}) | ||
); |
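Review bot: the roles in these four `addPermissionToRole` calls are Author and Contributor, but the commit title says "Contributor & Editor"; one of the two should be corrected so the migration history matches what was actually granted. The grants themselves are role-wide ('Edit posts' and 'Delete posts' with no per-post scoping in this file), and the commit message relies on Post#permissible to keep removing permission based on the data being modified. A short comment at the top of the migration stating that dependency would help anyone later auditing why Contributor holds 'Delete posts', and would flag that changing the permissible method without this context could widen what these roles can do.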