Fixed the permission system.

Added more debug logging. Renamed the label in the Forum Manager and Editor from Hidden to Active. Fixed a bug in compileTemplates() where it only loads visible forums from the forum store possibly causing trouble. Fixed a bug in the /topics/ route where super admin status wasn't being taken into consideration. Dropped down a hotfix for the /topics/ route.
2017-09-24 01:49:41 +01:00 · 2017-09-24 01:49:41 +01:00 · b955f677a7
parent 2ef7726080
commit b955f677a7
8 changed files with 91 additions and 38 deletions
--- a/member_routes.go
+++ b/member_routes.go
@ -78,14 +78,16 @@ func routeTopicCreate(w http.ResponseWriter, r *http.Request, user User, sfid st

 		// Do a bulk forum fetch, just in case it's the SqlForumStore?
 		forum := fstore.DirtyGet(ffid)
-		fcopy := *forum
-		if hooks["topic_create_frow_assign"] != nil {
-			// TODO: Add the skip feature to all the other row based hooks?
-			if runHook("topic_create_frow_assign", &fcopy).(bool) {
-				continue
+		if forum.Name != "" && forum.Active {
+			fcopy := *forum
+			if hooks["topic_create_frow_assign"] != nil {
+				// TODO: Add the skip feature to all the other row based hooks?
+				if runHook("topic_create_frow_assign", &fcopy).(bool) {
+					continue
+				}
 			}
+			forumList = append(forumList, fcopy)
 		}
-		forumList = append(forumList, fcopy)
 	}

 	ctpage := CreateTopicPage{"Create Topic", user, headerVars, forumList, fid}
--- a/mysql.sql
+++ b/mysql.sql
@ -234,12 +234,21 @@ INSERT INTO users_groups(`name`,`permissions`,`plugin_perms`,`tag`) VALUES ('Not

 INSERT INTO forums(`name`,`active`) VALUES ('Reports',0);
 INSERT INTO forums(`name`,`lastTopicTime`,`lastTopicID`,`lastReplyer`,`lastReplyerID`,`lastTopic`) VALUES ('General',UTC_TIMESTAMP(),1,"Admin",1,'Test Topic');
+
 INSERT INTO forums_permissions(`gid`,`fid`,`permissions`) VALUES (1,1,'{"ViewTopic":true,"CreateReply":true,"CreateTopic":true,"PinTopic":true,"CloseTopic":true}');
 INSERT INTO forums_permissions(`gid`,`fid`,`permissions`) VALUES (2,1,'{"ViewTopic":true,"CreateReply":true,"CloseTopic":true}');
 INSERT INTO forums_permissions(`gid`,`fid`,`permissions`) VALUES (3,1,'{}');
 INSERT INTO forums_permissions(`gid`,`fid`,`permissions`) VALUES (4,1,'{}');
 INSERT INTO forums_permissions(`gid`,`fid`,`permissions`) VALUES (5,1,'{}');
 INSERT INTO forums_permissions(`gid`,`fid`,`permissions`) VALUES (6,1,'{}');
+
+INSERT INTO forums_permissions(`gid`,`fid`,`permissions`) VALUES (1,2,'{"ViewTopic":true,"CreateReply":true,"CreateTopic":true,"LikeItem":true,"EditTopic":true,"DeleteTopic":true,"EditReply":true,"DeleteReply":true,"PinTopic":true,"CloseTopic":true}');
+INSERT INTO forums_permissions(`gid`,`fid`,`permissions`) VALUES (2,2,'{"ViewTopic":true,"CreateReply":true,"CreateTopic":true,"LikeItem":true,"EditTopic":true,"DeleteTopic":true,"EditReply":true,"DeleteReply":true,"PinTopic":true,"CloseTopic":true}');
+INSERT INTO forums_permissions(`gid`,`fid`,`permissions`) VALUES (3,2,'{"ViewTopic":true,"CreateReply":true,"CreateTopic":true,"LikeItem":true}');
+INSERT INTO forums_permissions(`gid`,`fid`,`permissions`) VALUES (4,2,'{"ViewTopic":true}');
+INSERT INTO forums_permissions(`gid`,`fid`,`permissions`) VALUES (5,2,'{"ViewTopic":true}');
+INSERT INTO forums_permissions(`gid`,`fid`,`permissions`) VALUES (6,2,'{"ViewTopic":true}');
+
 INSERT INTO topics(`title`,`content`,`createdAt`,`lastReplyAt`,`lastReplyBy`,`createdBy`,`parentID`)
 VALUES ('Test Topic','A topic automatically generated by the software.',UTC_TIMESTAMP(),UTC_TIMESTAMP(),1,1,2);

--- a/permissions.go
+++ b/permissions.go
@ -303,7 +303,7 @@ func rebuildForumPermissions(fid int) error {
 	if dev.DebugMode {
 		log.Print("Loading the forum permissions")
 	}
-	forums, err := fstore.GetAll()
+	fids, err := fstore.GetAllIDs()
 	if err != nil {
 		return err
 	}
@ -350,28 +350,29 @@ func rebuildForumPermissions(fid int) error {
 		group.Forums = []ForumPerms{BlankForumPerms}
 		group.CanSee = []int{}

-		for ffid := range forums {
+		for _, ffid := range fids {
 			forumPerm, ok := forumPerms[group.ID][ffid]
 			if ok {
 				//log.Print("Overriding permissions for forum #" + strconv.Itoa(fid))
 				group.Forums = append(group.Forums, forumPerm)
-				if forumPerm.Overrides {
-					if forumPerm.ViewTopic {
-						group.CanSee = append(group.CanSee, ffid)
-					}
-				} else if group.Perms.ViewTopic {
-					group.CanSee = append(group.CanSee, ffid)
-				}
 			} else {
 				//log.Print("Inheriting from default for forum #" + strconv.Itoa(fid))
 				forumPerm = BlankForumPerms
 				group.Forums = append(group.Forums, forumPerm)
 			}
+			if forumPerm.Overrides {
+				if forumPerm.ViewTopic {
+					group.CanSee = append(group.CanSee, ffid)
+				}
+			} else if group.Perms.ViewTopic {
+				group.CanSee = append(group.CanSee, ffid)
+			}
 		}
 		if dev.SuperDebug {
 			log.Printf("group.CanSee %+v\n", group.CanSee)
 			log.Printf("group.Forums %+v\n", group.Forums)
-			log.Print("len(group.Forums)", len(group.Forums))
+			log.Print("len(group.CanSee)", len(group.CanSee))
+			log.Print("len(group.Forums)", len(group.Forums)) // This counts blank aka 0
 		}
 	}
 	return nil
@ -379,10 +380,13 @@ func rebuildForumPermissions(fid int) error {

 // ? - We could have buildForumPermissions and rebuildForumPermissions call a third function containing common logic?
 func buildForumPermissions() error {
-	forums, err := fstore.GetAll()
+	fids, err := fstore.GetAllIDs()
 	if err != nil {
 		return err
 	}
+	if dev.SuperDebug {
+		log.Print("fids: ", fids)
+	}

 	rows, err := getForumsPermissionsStmt.Query()
 	if err != nil {
@ -392,6 +396,9 @@ func buildForumPermissions() error {

 	if dev.DebugMode {
 		log.Print("Adding the forum permissions")
+		if dev.SuperDebug {
+			log.Print("forumPerms[gid][fid]")
+		}
 	}
 	// Temporarily store the forum perms in a map before transferring it to a much faster and thread-safe slice
 	forumPerms = make(map[int]map[int]ForumPerms)
@ -403,6 +410,10 @@ func buildForumPermissions() error {
 		if err != nil {
 			return err
 		}
+
+		if dev.SuperDebug {
+			log.Print("perms: ", string(perms))
+		}
 		err = json.Unmarshal(perms, &pperms)
 		if err != nil {
 			return err
@ -413,11 +424,14 @@ func buildForumPermissions() error {
 		if !ok {
 			forumPerms[gid] = make(map[int]ForumPerms)
 		}
+
+		if dev.SuperDebug {
+			log.Print("gid: ", gid)
+			log.Print("fid: ", fid)
+			log.Printf("perms: %+v;", pperms)
+		}
 		forumPerms[gid][fid] = pperms
 	}
-	if dev.SuperDebug {
-		log.Print("forumPerms ", forumPerms)
-	}

 	groups, err := gstore.GetAll()
 	if err != nil {
@ -430,32 +444,40 @@ func buildForumPermissions() error {
 		}
 		group.Forums = []ForumPerms{BlankForumPerms}
 		group.CanSee = []int{}
-		for fid := range forums {
+		for _, fid := range fids {
+			if dev.SuperDebug {
+				log.Printf("Forum #%+v\n", fid)
+			}
 			forumPerm, ok := forumPerms[group.ID][fid]
 			if ok {
 				// Override group perms
 				//log.Print("Overriding permissions for forum #" + strconv.Itoa(fid))
 				group.Forums = append(group.Forums, forumPerm)
-				if forumPerm.Overrides {
-					if forumPerm.ViewTopic {
-						group.CanSee = append(group.CanSee, fid)
-					}
-				} else if group.Perms.ViewTopic {
-					group.CanSee = append(group.CanSee, fid)
-				}
 			} else {
 				// Inherit from Group
-				// ? - Is this really inheriting from the Group? At-least for CanSee?
 				//log.Print("Inheriting from default for forum #" + strconv.Itoa(fid))
 				forumPerm = BlankForumPerms
 				group.Forums = append(group.Forums, forumPerm)
 			}
+			if forumPerm.Overrides {
+				if forumPerm.ViewTopic {
+					group.CanSee = append(group.CanSee, fid)
+				}
+			} else if group.Perms.ViewTopic {
+				group.CanSee = append(group.CanSee, fid)
+			}
+
+			if dev.SuperDebug {
+				log.Print("group.ID: ", group.ID)
+				log.Printf("forumPerm: %+v\n", forumPerm)
+				log.Print("group.CanSee: ", group.CanSee)
+			}
 		}
 		if dev.SuperDebug {
 			log.Printf("group.CanSee %+v\n", group.CanSee)
 			log.Printf("group.Forums %+v\n", group.Forums)
 			log.Print("len(group.CanSee)", len(group.CanSee))
-			log.Print("len(group.Forums)", len(group.Forums))
+			log.Print("len(group.Forums)", len(group.Forums)) // This counts blank aka 0
 		}
 	}
 	return nil
--- a/routes.go
+++ b/routes.go
@ -149,6 +149,7 @@ func routeTopics(w http.ResponseWriter, r *http.Request, user User) {
 	}
 	BuildWidgets("topics", nil, headerVars, r)

+	// TODO: Add a function for the qlist stuff
 	var qlist string
 	var fidList []interface{}
 	group, err := gstore.Get(user.Group)
@ -158,12 +159,30 @@ func routeTopics(w http.ResponseWriter, r *http.Request, user User) {
 		return
 	}

-	for _, fid := range group.CanSee {
-		if fstore.DirtyGet(fid).Name != "" {
+	var canSee []int
+	if user.IsSuperAdmin {
+		canSee, err = fstore.GetAllVisibleIDs()
+		if err != nil {
+			InternalError(err, w)
+			return
+		}
+	} else {
+		canSee = group.CanSee
+	}
+
+	for _, fid := range canSee {
+		forum := fstore.DirtyGet(fid)
+		if forum.Name != "" && forum.Active {
 			fidList = append(fidList, strconv.Itoa(fid))
 			qlist += "?,"
 		}
 	}
+
+	// ! Need an inline error not a page level error
+	if qlist == "" {
+		NotFound(w, r)
+		return
+	}
 	qlist = qlist[0 : len(qlist)-1]

 	var topicList []*TopicsRow
@ -400,7 +419,7 @@ func routeForums(w http.ResponseWriter, r *http.Request, user User) {
 	for _, fid := range canSee {
 		//log.Print(forums[fid])
 		var forum = *fstore.DirtyGet(fid)
-		if forum.ParentID == 0 {
+		if forum.ParentID == 0 && forum.Name != "" && forum.Active {
 			if forum.LastTopicID != 0 {
 				forum.LastTopicTime, err = relativeTime(forum.LastTopicTime)
 				if err != nil {
--- a/template_init.go
+++ b/template_init.go
@ -129,7 +129,7 @@ func compileTemplates() error {
 	}

 	var forumList []Forum
-	forums, err := fstore.GetAllVisible()
+	forums, err := fstore.GetAll()
 	if err != nil {
 		return err
 	}
--- a/templates/panel-forum-edit.html
+++ b/templates/panel-forum-edit.html
@ -19,7 +19,7 @@ var form_vars = {'perm_preset': ['can_moderate','can_post','read_only','no_acces
 			<div class="formitem"><input name="forum_desc" type="text" value="{{.Desc}}" placeholder="Where the general stuff happens" /></div>
 		</div>
 		<div class="formrow">
-			<div class="formitem formlabel"><a>Hidden?</a></div>
+			<div class="formitem formlabel"><a>Active</a></div>
 			<div class="formitem"><select name="forum_active">
 				<option{{if not .Active}} selected{{end}} value="1">Yes</option>
 				<option{{if .Active}} selected{{end}} value="0">No</option>
--- a/templates/panel-forums.html
+++ b/templates/panel-forums.html
@ -47,10 +47,10 @@
 				<div class="formitem"><input name="forum-desc" type="text" placeholder="Where all the super secret stuff happens" /></div>
 			</div>
 			<div class="formrow">
-				<div class="formitem formlabel"><a>Hidden?</a></div>
+				<div class="formitem formlabel"><a>Active</a></div>
 				<div class="formitem"><select name="forum-active">
-					<option value="0">Yes</option>
-					<option value="1">No</option>
+					<option value="1">Yes</option>
+					<option value="0">No</option>
 				</select></div>
 			</div>
 			<div class="formrow">
--- a/user_store.go
+++ b/user_store.go
@ -176,6 +176,7 @@ func (mus *MemoryUserStore) BulkGetMap(ids []int) (list map[int]*User, err error
 		return list, nil
 	}

+	// TODO: Add a function for the qlist stuff
 	var qlist string
 	var uidList []interface{}
 	for _, id := range ids {