Plugin Permissions based on user roles

polonel · polonel · commit aa89ca53254f · 2017-02-04T04:20:42.000-05:00
diff --git a/plugins/ipam/controllers/index.js b/plugins/ipam/controllers/index.js
@@ -1,9 +1,15 @@
 var path = require('path');
-var ipobj = require('../models/ipobj');
+var pluginHelpers = require('../../../src/helpers/plugins');
+var ipObj = require('../models/ipobj');
+var pluginJson = require('../plugin.json');
 
 var controller = {};
 
 controller.get = function(req, res) {
+    //Check plugin Permissions
+    if (!pluginHelpers.checkPermissions(req.user.role, pluginJson.permissions))
+        return res.redirect('/plugins');
+
     var self = this;
     self.content = {};
     self.content.title = "IPAM";
@@ -19,7 +25,7 @@ controller.get = function(req, res) {
     //     ipaddress: '192.168.1.1'
     // });
 
-    ipobj.getAll(function(err, ipos) {
+    ipObj.getAll(function(err, ipos) {
         if (err) return res.render('error', err);
 
         self.content.data.ipobjs = ipos;
@@ -29,4 +35,6 @@ controller.get = function(req, res) {
 };
 
 
+
+
 module.exports = controller;
diff --git a/plugins/ipam/plugin.json b/plugins/ipam/plugin.json
@@ -7,5 +7,7 @@
       "class": "material-icons",
       "icon": "desktop_windows"
     }
-  }
+  },
+
+  "permissions": "admin mod support"
 }
diff --git a/src/helpers/hbs/helpers.js b/src/helpers/hbs/helpers.js
@@ -568,6 +568,22 @@ var helpers = {
         }
     },
 
+    checkPlugin: function(user, permissions, options) {
+        if (user === undefined || permissions === undefined)
+            return options.inverse(this);
+        var pluginPermissions = permissions.split(' ');
+        var result = false;
+        for (var i = 0; i < pluginPermissions.length; i++) {
+            if (pluginPermissions[i] == user.role)
+                result = true;
+        }
+
+        if (result)
+            return options.fn(this);
+        else
+            return options.inverse(this);
+    },
+
     checkEditSelf: function(user, owner, perm, options) {
         var P = require('../../permissions');
         if (P.canThis(user.role, perm + ':editSelf')) {
@@ -663,6 +679,7 @@ helpers.foreach    = helpers.forEach;
 helpers.canUser    = helpers.checkPerm;
 helpers.canUserRole = helpers.checkRole;
 helpers.canEditSelf = helpers.checkEditSelf;
+helpers.hasPluginPerm = helpers.checkPlugin;
 helpers.inArray    = helpers.hasGroup;
 
 
diff --git a/src/helpers/plugins/index.js b/src/helpers/plugins/index.js
@@ -0,0 +1,32 @@
+/*
+      .                              .o8                     oooo
+   .o8                             "888                     `888
+ .o888oo oooo d8b oooo  oooo   .oooo888   .ooooo.   .oooo.o  888  oooo
+   888   `888""8P `888  `888  d88' `888  d88' `88b d88(  "8  888 .8P'
+   888    888      888   888  888   888  888ooo888 `"Y88b.   888888.
+   888 .  888      888   888  888   888  888    .o o.  )88b  888 `88b.
+   "888" d888b     `V88V"V8P' `Y8bod88P" `Y8bod8P' 8""888P' o888o o888o
+ ========================================================================
+ Created:    02/03/2017
+ Author:     Chris Brame
+
+ **/
+
+var pluginHelpers = {};
+
+pluginHelpers.checkPermissions = function(userRole, permissions) {
+    if (userRole === undefined || permissions === undefined)
+        return false;
+
+    var permissionArray = permissions.split(' ');
+    var result = false;
+    for (var i = 0; i < permissionArray.length; i++) {
+        if (userRole.toString().toLowerCase() == permissionArray[i].toString().toLowerCase())
+            result = true;
+    }
+
+    return result;
+};
+
+
+module.exports = pluginHelpers;
diff --git a/src/helpers/viewdata/index.js b/src/helpers/viewdata/index.js
@@ -327,7 +327,6 @@ viewController.getPluginsInfo = function(request, callback) {
         var pluginPackage = require(path.join(dir, '/plugin.json'));
         plugins.push(pluginPackage);
     }, function() {
-        console.log(plugins);
         return callback(null, _.sortBy(plugins, 'name'));
     });
 
diff --git a/src/middleware/index.js b/src/middleware/index.js
@@ -104,7 +104,6 @@ module.exports = function(app, db, callback) {
                if (err) throw err;
                var plugin = require(path.join(dir, 'plugin.json'));
                var pluginPublic = path.join(dir, '/public');
-               console.log(plugin.name);
                app.use('/plugins/' + plugin.name, express.static(pluginPublic));
             }, function() {
                next(null, store);
diff --git a/src/views/partials/nav.hbs b/src/views/partials/nav.hbs
@@ -67,7 +67,9 @@
             </a>
             <ul id="side-nav-sub-plugins" class="side-nav-sub {{#is nav 'plugins'}} subMenuOpen {{/is}}">
                 {{#each data.common.plugins}}
-                    <li {{#is ../subnav name}} class='active' {{/is}}><a href="{{menu.main.link}}"><i class="fa-sub-icon {{menu.main.class}}">{{menu.main.icon}}</i>{{menu.main.name}}</a></li>
+                    {{#hasPluginPerm ../data.user permissions}}
+                        <li {{#is ../subnav name}} class='active' {{/is}}><a href="{{menu.main.link}}"><i class="fa-sub-icon {{menu.main.class}}">{{menu.main.icon}}</i>{{menu.main.name}}</a></li>
+                    {{/hasPluginPerm}}
                 {{/each}}
             </ul>
         </li>

Original file line number	Diff line number	Diff line change
`@@ -7,5 +7,7 @@`
`7`	`7`	`"class": "material-icons",`
`8`	`8`	`"icon": "desktop_windows"`
`9`	`9`	`}`
`10`		`- }`
	`10`	`+ },`
	`11`	`+`
	`12`	`+ "permissions": "admin mod support"`
`11`	`13`	`}`