Главная Обзор Помощь
Вход
wiki
/
weseek__growi
зеркало из https://github.com/weseek/growi
2
0
Ответвить 0
Файлы Задачи 0 Вики
Просмотр исходного кода

Merge pull request #8996 from weseek/fix/151407-151408-unable-to-create-pages-under-restricted-page

fix: Enable page creation under GRANT_RESTRICTED pages
Yuki Takei 1 год назад
Родитель
f98e94401d b97db4c8a2
Сommit
7821bca0e9
2 измененных файлов с 4 добавлено и 3 удалено
Разделённый вид Показать статистику Diff
  1. 1 1
      apps/app/src/server/routes/apiv3/page/index.ts
  2. 3 2
      apps/app/src/server/service/page-grant.ts

+ 1 - 1
apps/app/src/server/routes/apiv3/page/index.ts
Просмотреть файл 

@@ -661,7 +661,7 @@ module.exports = (crowi) => {
 
         }
 
 
         const userRelatedGroups = await pageGrantService.getUserRelatedGroups(user);
 
-        const isUserGrantedPageAccess = await pageGrantService.isUserGrantedPageAccess(page, user, userRelatedGroups);
 
+        const isUserGrantedPageAccess = await pageGrantService.isUserGrantedPageAccess(page, user, userRelatedGroups, true);
 
         if (!isUserGrantedPageAccess) {
 
           return res.apiv3Err(new ErrorV3('Cannot access page or ancestor.', 'cannot_access_page'), 403);
 
         }

+ 3 - 2
apps/app/src/server/service/page-grant.ts
Просмотреть файл 

@@ -106,7 +106,7 @@ export interface IPageGrantService {
 
   getUserRelatedGrantedGroups: (page: PageDocument, user) => Promise<IGrantedGroup[]>,
 
   getUserRelatedGrantedGroupsSyncronously: (userRelatedGroups: PopulatedGrantedGroup[], page: PageDocument) => IGrantedGroup[],
 
   getNonUserRelatedGrantedGroups: (page: PageDocument, user) => Promise<IGrantedGroup[]>,
 
-  isUserGrantedPageAccess: (page: PageDocument, user, userRelatedGroups: PopulatedGrantedGroup[]) => boolean,
 
+  isUserGrantedPageAccess: (page: PageDocument, user, userRelatedGroups: PopulatedGrantedGroup[], allowAnyoneWithTheLink?: boolean) => boolean,
 
   getPageGroupGrantData: (page: PageDocument, user) => Promise<GroupGrantData>,
 
   calcApplicableGrantData: (page, user) => Promise<IRecordApplicableGrant>
 
 }
 
@@ -789,8 +789,9 @@ class PageGrantService implements IPageGrantService {
 
   /**
 
    * Check if user is granted access to page
 
    */
 
-  isUserGrantedPageAccess(page: PageDocument, user, userRelatedGroups: PopulatedGrantedGroup[]): boolean {
 
+  isUserGrantedPageAccess(page: PageDocument, user, userRelatedGroups: PopulatedGrantedGroup[], allowAnyoneWithTheLink = false): boolean {
 
     if (page.grant === PageGrant.GRANT_PUBLIC) return true;
 
+    if (page.grant === PageGrant.GRANT_RESTRICTED && allowAnyoneWithTheLink) return true;
 
     if (page.grant === PageGrant.GRANT_OWNER) return page.grantedUsers?.includes(user._id.toString()) ?? false;
 
     if (page.grant === PageGrant.GRANT_USER_GROUP) return this.getUserRelatedGrantedGroupsSyncronously(userRelatedGroups, page).length > 0;
 
     return false;