You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@cordova.apache.org by st...@apache.org on 2015/02/14 01:18:56 UTC

cordova-registry git commit: removed admin user

Repository: cordova-registry
Updated Branches:
  refs/heads/master 8df754347 -> ef636d2b7


removed admin user


Project: http://git-wip-us.apache.org/repos/asf/cordova-registry/repo
Commit: http://git-wip-us.apache.org/repos/asf/cordova-registry/commit/ef636d2b
Tree: http://git-wip-us.apache.org/repos/asf/cordova-registry/tree/ef636d2b
Diff: http://git-wip-us.apache.org/repos/asf/cordova-registry/diff/ef636d2b

Branch: refs/heads/master
Commit: ef636d2b7a610fdc5cf5de62a68311a79633df08
Parents: 8df7543
Author: Steve Gill <st...@gmail.com>
Authored: Fri Feb 13 16:10:33 2015 -0800
Committer: Steve Gill <st...@gmail.com>
Committed: Fri Feb 13 16:10:33 2015 -0800

----------------------------------------------------------------------
 updates.js             |  9 +++++----
 validate_doc_update.js | 24 +++++++++++++++++++++---
 2 files changed, 26 insertions(+), 7 deletions(-)
----------------------------------------------------------------------


http://git-wip-us.apache.org/repos/asf/cordova-registry/blob/ef636d2b/updates.js
----------------------------------------------------------------------
diff --git a/updates.js b/updates.js
index 1d6674d..c3b0110 100644
--- a/updates.js
+++ b/updates.js
@@ -2,10 +2,9 @@ var updates = exports
 
 updates.package = function (doc, req) {
   require("monkeypatch").patch(Object, Date, Array, String)
-
   var semver = require("semver")
   var valid = require("valid")
-  function error (reason) {
+  function error (reason) {;
     return [{_id: "error: forbidden", forbidden:reason}, JSON.stringify({forbidden:reason})]
   }
 
@@ -94,14 +93,16 @@ updates.package = function (doc, req) {
     // update the package info
     var newdoc = JSON.parse(req.body)
       , changed = false
-    if (doc._rev && doc._rev !== newdoc._rev) {
+
+    /*if (doc._rev && doc._rev !== newdoc._rev) {
       return error( "must supply latest _rev to update existing package" )
-    }
+    }*/
     for (var i in newdoc) if (typeof newdoc[i] === "string" || i === "maintainers") {
       doc[i] = newdoc[i]
     }
     if (newdoc.versions) {
       doc.versions = newdoc.versions
+      
     }
     if (newdoc["dist-tags"]) {
       doc["dist-tags"] = newdoc["dist-tags"]

http://git-wip-us.apache.org/repos/asf/cordova-registry/blob/ef636d2b/validate_doc_update.js
----------------------------------------------------------------------
diff --git a/validate_doc_update.js b/validate_doc_update.js
index 8407174..e6afc07 100644
--- a/validate_doc_update.js
+++ b/validate_doc_update.js
@@ -3,11 +3,17 @@ module.exports = function (doc, oldDoc, user, dbCtx) {
     if (!ok) throw {forbidden:message}
   }
 
+  log('validate');
+  log(user);
   // can't write to the db without logging in.
   if (!user) {
     throw { unauthorized: "Please log in before writing to the db" }
   }
 
+  if (user.name === 'admin') {
+    throw {forbidden: "This version of plugman publish is broken, please update plugman with npm install -g plugman@latest."}
+  }
+
   try {
     require("monkeypatch").patch(Object, Date, Array, String)
   } catch (er) {
@@ -32,11 +38,13 @@ module.exports = function (doc, oldDoc, user, dbCtx) {
 
 
   // admins can do ANYTHING (even break stuff)
-  try {
+  
+  /*try {
+    log('isAdmin');
     if (isAdmin()) return
   } catch (er) {
     assert(false, "failed checking admin-ness")
-  }
+  }*/
 
   // figure out what changed in the doc.
   function diffObj (o, n, p) {
@@ -107,16 +115,23 @@ module.exports = function (doc, oldDoc, user, dbCtx) {
 
   // check if the user is allowed to write to this package.
   function validUser () {
+    log('validUser');
+    
     if ( !oldDoc || !oldDoc.maintainers ) return true
-    if (isAdmin()) return true
+    //if (isAdmin()) return true
+    log(oldDoc.maintainers);
     if (typeof oldDoc.maintainers !== "object") return true
     for (var i = 0, l = oldDoc.maintainers.length; i < l; i ++) {
+      log('i');
       if (oldDoc.maintainers[i].name === user.name) return true
     }
     return false
   }
 
   function isAdmin () {
+      log("isAdmin");
+      log(user.name);
+      log(dbCtx.admins)
     if (dbCtx &&
         dbCtx.admins) {
       if (dbCtx.admins.names &&
@@ -126,11 +141,14 @@ module.exports = function (doc, oldDoc, user, dbCtx) {
         if (dbCtx.admins.roles.indexOf(user.roles[i]) !== -1) return true
       }
     }
+    log('user.roles.indexOf');
+    log(user.roles);
     return user && user.roles.indexOf("_admin") >= 0
   }
 
   try {
     var vu = validUser()
+    log(vu);
   } catch (er) {
     assert(false, "problem checking user validity");
   }


---------------------------------------------------------------------
To unsubscribe, e-mail: commits-unsubscribe@cordova.apache.org
For additional commands, e-mail: commits-help@cordova.apache.org