Skip to content

App Permissions from package.json#2179

Closed
jgable wants to merge 1 commit intoTryGhost:masterfrom
jgable:appPermissions
Closed

App Permissions from package.json#2179
jgable wants to merge 1 commit intoTryGhost:masterfrom
jgable:appPermissions

Conversation

@jgable
Copy link
Contributor

@jgable jgable commented Feb 12, 2014

Progress on #2095 and #2059

  • Add new AppPermissions class with read() method
  • has default permissions to read and browse posts
  • uses default permissions if no package.json
  • uses default permissions if no ghost object in package.json
  • uses default permissions errors when reading malformed package.json
  • uses ghost.permissions if found in package.json

@jgable
Copy link
Contributor Author

jgable commented Feb 12, 2014

I know #2156 is in flight for loading package.json in a standard way. I can update this to use that when it lands. Should just mean I replace my current getPackageContents implementation.

My plan was that once this is reviewed and in place we can either put it into the permissions tables and refresh canThis or pass it to the proxy to manage. If the proxy handles this, I'll refactor proxy.js into a class that takes the app name and permissions and adds checks before the api calls, each app would get their own instance of the proxy then.

@javorszky
Copy link
Contributor

javorszky commented Feb 12, 2014

@jgable , I'm about half a day away from updating #2156 as per Hannah's last comment. Just need a warning message as well. Expect this to be final in about 4 hours hopefully.

@ErisDS ErisDS mentioned this pull request Feb 12, 2014
Closed
This was referenced Feb 12, 2014
Closed
Closed
@jgable
Copy link
Contributor Author

jgable commented Feb 17, 2014

I'm gonna be honest. I don't want to use require-tree to parse the package.json. Just looking at it and I can't directly call parsePackageJson I'd have to call readAll. Also, that file could use some refactoring. The extend method should be using _.extend, and the way messages are shared globally across all the functions is kinda hacky. If we don't want many different ways of parsing a package.json, then we need to export a function that just does that, not the whole directory.

If you want I can put together another PR to clean up that file and then use it here.

@halfdan
Copy link
Contributor

halfdan commented Feb 17, 2014

@jgable Picked that up literally 5 minutes before you mentioned it :-)

halfdan added a commit to halfdan/Ghost that referenced this pull request Feb 17, 2014
@halfdan
Remove unneeded extend implementation.
6083cfc 
refs TryGhost#2179, TryGhost#2156
- Replace extend with _.extend
@halfdan halfdan mentioned this pull request Feb 17, 2014
Merged
@sebgie
Copy link
Contributor

sebgie commented Feb 28, 2014

@jgable is there something missing from this PR due to require-tree? The extend method was replaced, but readAll is still used.

@jgable
Copy link
Contributor Author

jgable commented Feb 28, 2014

I want to refactor that require-tree before I use it so I don't have to call readAll, just haven't had time yet. I'm hoping to get to it today.

@jgable jgable mentioned this pull request Feb 28, 2014
Merged
@jgable
App Permissions from package.json
ee6eb76 
Progress on TryGhost#2095

- Add new AppPermissions class with read() method
- has default permissions to read and browse posts
- uses default permissions if no package.json
- uses default permissions if no ghost object in package.json
- errors when reading malformed package.json
- uses ghost.permissions if found in package.json
@jgable
Copy link
Contributor Author

jgable commented Mar 6, 2014

Updated

Refactored to use parsePackageJson from require-tree. Still a little weird to pass messages around instead of just have it reject the deferred.

@ErisDS ErisDS mentioned this pull request Mar 7, 2014
Closed
4 tasks
ErisDS added a commit that referenced this pull request Mar 14, 2014
@ErisDS
Merge pull request #2179 from jgable/appPermissions
698fee4
@ErisDS
Copy link
Member

ErisDS commented Mar 14, 2014

This is now on 003-data-updates

@ErisDS ErisDS closed this Mar 14, 2014
@ErisDS
Copy link
Member

ErisDS commented Mar 20, 2014

Still a little weird to pass messages around instead of just have it reject the deferred.

Why are we doing this? Is it to prevent require-tree from requiring errorHandling.js?

@jgable
Copy link
Contributor Author

jgable commented Mar 20, 2014

I think it's just a legacy implementation thing. I guess it's because more than one error could happen and didn't want to reject with an array of errors.

ErisDS added a commit that referenced this pull request Apr 2, 2014
@ErisDS
Merge pull request #2179 from jgable/appPermissions
9825b38
@ErisDS
Copy link
Member

ErisDS commented Apr 3, 2014

This has been remerged onto the apps-perms branch which is basically master with all the data changes on it.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

@sebgie sebgie

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

5 participants

@jgable @javorszky @halfdan @sebgie @ErisDS