From c04079b4765728b426edc6ef09aa515dbb59ed29 Mon Sep 17 00:00:00 2001 From: bakape Date: Sat, 5 Dec 2015 17:28:18 +0200 Subject: [PATCH] Change: Remove DJ ability to moderate --- client/mod/toolbox.js | 4 ++-- common/util.js | 2 +- db.js | 9 ++++----- server/persona.js | 4 ++-- server/render.js | 2 +- server/web/admin.js | 2 +- 6 files changed, 11 insertions(+), 12 deletions(-) diff --git a/client/mod/toolbox.js b/client/mod/toolbox.js index fe612ec0a..47d5d63c7 100644 --- a/client/mod/toolbox.js +++ b/client/mod/toolbox.js @@ -24,7 +24,7 @@ const ToolboxView = Backbone.View.extend({ this.render(); }, render() { - const specs = this.specs = [ + let specs = this.specs = [ 'clearSelection', 'spoilerImages', 'deleteImages', @@ -34,7 +34,7 @@ const ToolboxView = Backbone.View.extend({ // Add aditional panel buttons by priveledge level if (main.ident.auth === 'dj') - specs.push('djPanel') + specs = this.specs = ['djPanel'] const accessLevels = [ ['dj', ['toggleMnemonics']], ['moderator', ['lockThreads', 'ban']], diff --git a/common/util.js b/common/util.js index 84f0313f1..d1e6b92f2 100644 --- a/common/util.js +++ b/common/util.js @@ -458,7 +458,7 @@ exports.commaList = commaList; // Acertains client has the proper authorisation level or higher function checkAuth(type, ident) { - const levels = ['janitor', 'dj', 'moderator', 'admin']; + const levels = ['dj', 'janitor', 'moderator', 'admin']; return levels.indexOf(type) <= levels.indexOf(ident.auth); } exports.checkAuth = checkAuth; diff --git a/db.js b/db.js index c6d1a4d14..6ea66030e 100644 --- a/db.js +++ b/db.js @@ -1181,11 +1181,10 @@ exports.Yakusoku = Yakusoku; class Reader extends events.EventEmitter { constructor(ident) { // Call the EventEmitter's constructor - super(); - if (common.checkAuth('janitor', ident)) { - this.canSeeModeration = true; - this.canSeeMnemonics = common.checkAuth('dj', ident); - } + super() + this.canSeeMnemonics = ident.auth === 'dj' + || common.checkAuth('moderator', ident) + this.canSeeModeration = common.checkAuth('janitor', ident) } get_thread(num, opts) { const key = 'thread:' + num; diff --git a/server/persona.js b/server/persona.js index f93a75139..5051dd9fc 100644 --- a/server/persona.js +++ b/server/persona.js @@ -69,8 +69,8 @@ function verify_auth(resp, packet) { if (packet.expires && packet.expires < Date.now()) return respond_error(resp, 'Login attempt expired.'); - const email = packet.email; - const auth = _.find(['admin', 'moderator', 'dj', 'janitor'], type => + const {email} = packet + const auth = _.find(['admin', 'moderator', 'janitor', 'dj'], type => config.staff[type] && email in config.staff[type]) if (!auth) { winston.error("Login attempt by " + email); diff --git a/server/render.js b/server/render.js index c97b0693f..556f370dc 100755 --- a/server/render.js +++ b/server/render.js @@ -153,7 +153,7 @@ class RenderBase { // Make script loader load moderation bundle const {ident} = this.req; - if (common.checkAuth('janitor', ident)) { + if (common.checkAuth('dj', ident)) { const keys = JSON.stringify(_.pick(ident, 'auth', 'csrf', 'email')); html += `var IDENT = ${keys};`; } diff --git a/server/web/admin.js b/server/web/admin.js index 7777b21c7..0954296f4 100644 --- a/server/web/admin.js +++ b/server/web/admin.js @@ -13,7 +13,7 @@ const router = module.exports = express.Router(); router.get('/mod.js', function (req, res) { // Admin/Moderator privelege is injected on page render and verified // serverside. Thus, we can serve the same bundle for both admins and mods. - if (!common.checkAuth('janitor', req.ident)) + if (!common.checkAuth('dj', req.ident)) return res.sendStatus(404); const modJS = resources.modJs;