Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

User Permissions: Edit, Add, Destroy & Role management #3395

Merged
merged 4 commits into from
Jul 28, 2014
Merged

User Permissions: Edit, Add, Destroy & Role management #3395

merged 4 commits into from
Jul 28, 2014

Conversation

ErisDS
Copy link
Member

@ErisDS ErisDS commented Jul 25, 2014

refs #3083, closes #3096

Changes to permissions

In order to implement advanced permissions based on roles for specific actions, we need to know what role the current context user has and also what action we are granting permissions for:

  • Permissible gets passed the action type
  • Effective permissions keeps the user role and eventually passes it to permissible

User Edit

  • permissions are now properly restricted by role

User Add

  • in progress

Role API

  • Added some tests
  • Fixed the issue with browse, which was much easier as a result of my changes to the effective permissions

@ErisDS ErisDS mentioned this pull request Jul 25, 2014
Closed
@ErisDS
Permissions Improvements
4e3b21b 
refs TryGhost#3083, TryGhost#3096

In order to implement advanced permissions based on roles for specific
actions, we need to know
what role the current context user has and also what action we are
granting permissions for:
- Permissible gets passed the action type
- Effective permissions keeps the user role and eventually passes it to
  permissible
- Fixed spelling
- Still needs tests
@ErisDS
Improving error handling
e7dc51d
@ErisDS
Adding role API tests & fixing browse
7714dc6 
refs TryGhost#3083, refs TryGhost#3196
@ErisDS
User edit, add & destroy perms restricted by role
987e927 
closes TryGhost#3096, closes TryGhost#3378, refs TryGhost#3100

- user.permissible updated to reflect proper permissions
- small amount of API refactoring to handle extra cases
- extensive integration testing
@ErisDS ErisDS changed the title [WIP] User Permissions User Permissions: Edit, Add, Destroy & Role management Jul 28, 2014
sebgie added a commit that referenced this pull request Jul 28, 2014
@sebgie
Merge pull request #3395 from ErisDS/issue-3096
cc471ae 
User Permissions: Edit, Add, Destroy & Role management
@sebgie sebgie merged commit cc471ae into TryGhost:master Jul 28, 2014
@ErisDS ErisDS mentioned this pull request Jul 28, 2014
Merged
@ErisDS ErisDS deleted the issue-3096 branch July 30, 2014 12:51
@snyk-bot snyk-bot mentioned this pull request Jan 13, 2022
Open
@amgir amgir mentioned this pull request Sep 24, 2022
Open
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

User API Permissions: Restrict based on role
2 participants
@ErisDS @sebgie