|
|
|
@ -14,7 +14,7 @@ var factory = function (Util, Hash, CPNetflux, Sortify, nThen, Crypto) {
|
|
|
|
user0CurveKey: {
|
|
|
|
user0CurveKey: {
|
|
|
|
notifications: "", // required
|
|
|
|
notifications: "", // required
|
|
|
|
displayName: "", // required
|
|
|
|
displayName: "", // required
|
|
|
|
role: "OWNER|ADMIN|MEMBER", // MEMBER if not specified
|
|
|
|
role: "OWNER|ADMIN|MEMBER|VIEWER", // VIEWER if not specified
|
|
|
|
profile: "",
|
|
|
|
profile: "",
|
|
|
|
title: ""
|
|
|
|
title: ""
|
|
|
|
},
|
|
|
|
},
|
|
|
|
@ -53,7 +53,7 @@ var factory = function (Util, Hash, CPNetflux, Sortify, nThen, Crypto) {
|
|
|
|
};
|
|
|
|
};
|
|
|
|
|
|
|
|
|
|
|
|
var isValidRole = function (role) {
|
|
|
|
var isValidRole = function (role) {
|
|
|
|
return ['OWNER', 'ADMIN', 'MEMBER'].indexOf(role) !== -1;
|
|
|
|
return ['OWNER', 'ADMIN', 'MEMBER', 'VIEWER'].indexOf(role) !== -1;
|
|
|
|
};
|
|
|
|
};
|
|
|
|
|
|
|
|
|
|
|
|
var canAddRole = function (author, role, members) {
|
|
|
|
var canAddRole = function (author, role, members) {
|
|
|
|
@ -65,8 +65,8 @@ var factory = function (Util, Hash, CPNetflux, Sortify, nThen, Crypto) {
|
|
|
|
|
|
|
|
|
|
|
|
// owners can add any valid role they want
|
|
|
|
// owners can add any valid role they want
|
|
|
|
if (authorRole === 'OWNER') { return true; }
|
|
|
|
if (authorRole === 'OWNER') { return true; }
|
|
|
|
// admins can add other admins or members
|
|
|
|
// admins can add other admins or members or viewers
|
|
|
|
if (authorRole === "ADMIN") { return ['ADMIN', 'MEMBER'].indexOf(role) !== -1; }
|
|
|
|
if (authorRole === "ADMIN") { return ['ADMIN', 'MEMBER', 'VIEWER'].indexOf(role) !== -1; }
|
|
|
|
// (MEMBER, other) can't add anyone of any role
|
|
|
|
// (MEMBER, other) can't add anyone of any role
|
|
|
|
return false;
|
|
|
|
return false;
|
|
|
|
};
|
|
|
|
};
|
|
|
|
@ -105,7 +105,7 @@ var factory = function (Util, Hash, CPNetflux, Sortify, nThen, Crypto) {
|
|
|
|
// owners can remove anyone they want
|
|
|
|
// owners can remove anyone they want
|
|
|
|
if (authorRole === 'OWNER') { return true; }
|
|
|
|
if (authorRole === 'OWNER') { return true; }
|
|
|
|
// admins can remove other admins or members
|
|
|
|
// admins can remove other admins or members
|
|
|
|
if (authorRole === "ADMIN") { return ["ADMIN", "MEMBER"].indexOf(role) !== -1; }
|
|
|
|
if (authorRole === "ADMIN") { return ["ADMIN", "MEMBER", "VIEWER"].indexOf(role) !== -1; }
|
|
|
|
// MEMBERS and non-members cannot remove anyone of any role
|
|
|
|
// MEMBERS and non-members cannot remove anyone of any role
|
|
|
|
return false;
|
|
|
|
return false;
|
|
|
|
};
|
|
|
|
};
|
|
|
|
@ -168,8 +168,8 @@ var factory = function (Util, Hash, CPNetflux, Sortify, nThen, Crypto) {
|
|
|
|
if (members[curve]) { throw new Error("ALREADY_PRESENT"); }
|
|
|
|
if (members[curve]) { throw new Error("ALREADY_PRESENT"); }
|
|
|
|
|
|
|
|
|
|
|
|
var data = args[curve];
|
|
|
|
var data = args[curve];
|
|
|
|
// if no role was provided, assume MEMBER
|
|
|
|
// if no role was provided, assume VIEWER
|
|
|
|
if (typeof(data.role) !== 'string') { data.role = 'MEMBER'; }
|
|
|
|
if (typeof(data.role) !== 'string') { data.role = 'VIEWER'; }
|
|
|
|
|
|
|
|
|
|
|
|
if (!canAddRole(author, data.role, members)) {
|
|
|
|
if (!canAddRole(author, data.role, members)) {
|
|
|
|
throw new Error("INSUFFICIENT_PERMISSIONS");
|
|
|
|
throw new Error("INSUFFICIENT_PERMISSIONS");
|
|
|
|
|
yflory
5 years ago