From 6af61d710e7fef827697f300d09441e67af5a315 Mon Sep 17 00:00:00 2001 From: jaredhilton Date: Tue, 7 Feb 2017 15:40:55 -0600 Subject: [PATCH] For #3651, adjustments based on requested changes --- packages/rocketchat-api/package.js | 5 +++++ .../server/default/helpers/getLoggedInUser.js | 9 +++++++++ packages/rocketchat-api/server/default/info.js | 8 ++++++-- .../rocketchat-api/server/v1/helpers/getLoggedInUser.js | 9 +++++++++ packages/rocketchat-api/server/v1/misc.js | 4 +++- 5 files changed, 32 insertions(+), 3 deletions(-) create mode 100644 packages/rocketchat-api/server/default/helpers/getLoggedInUser.js create mode 100644 packages/rocketchat-api/server/v1/helpers/getLoggedInUser.js diff --git a/packages/rocketchat-api/package.js b/packages/rocketchat-api/package.js index d2eee06b508..6918b5f1da8 100644 --- a/packages/rocketchat-api/package.js +++ b/packages/rocketchat-api/package.js @@ -20,7 +20,12 @@ Package.onUse(function(api) { api.addFiles('server/v1/helpers/getPaginationItems.js', 'server'); api.addFiles('server/v1/helpers/getUserFromParams.js', 'server'); api.addFiles('server/v1/helpers/parseJsonQuery.js', 'server'); + api.addFiles('server/v1/helpers/getLoggedInUser.js', 'server'); + //Register default helpers + api.addFiles('server/default/helpers/getLoggedInUser.js', 'server'); + + //Add default routes api.addFiles('server/default/info.js', 'server'); api.addFiles('server/default/metrics.js', 'server'); diff --git a/packages/rocketchat-api/server/default/helpers/getLoggedInUser.js b/packages/rocketchat-api/server/default/helpers/getLoggedInUser.js new file mode 100644 index 00000000000..7e1b54142b2 --- /dev/null +++ b/packages/rocketchat-api/server/default/helpers/getLoggedInUser.js @@ -0,0 +1,9 @@ +RocketChat.API.default.helperMethods.set('getLoggedInUser', function _getLoggedInUser() { + let user; + + if (this.request.headers['x-user-id'] && this.request.headers['x-auth-token']) { + user = RocketChat.models.Users.findOneById(this.request.headers['x-user-id']); + } + + return user; +}); diff --git a/packages/rocketchat-api/server/default/info.js b/packages/rocketchat-api/server/default/info.js index 23c2b7c1b00..d0844b3c05e 100644 --- a/packages/rocketchat-api/server/default/info.js +++ b/packages/rocketchat-api/server/default/info.js @@ -1,7 +1,11 @@ RocketChat.API.default.addRoute('info', { authRequired: false }, { get: function() { - if (this.request.headers['x-user-id'] != null && RocketChat.authz.hasRole(this.request.headers['x-user-id'], 'admin')) { - return RocketChat.Info; + let user = this.getLoggedInUser(); + + if (user && RocketChat.authz.hasRole(user._id, 'admin')) { + return { + info: RocketChat.Info + }; } return RocketChat.API.v1.success({ diff --git a/packages/rocketchat-api/server/v1/helpers/getLoggedInUser.js b/packages/rocketchat-api/server/v1/helpers/getLoggedInUser.js new file mode 100644 index 00000000000..33fa3237049 --- /dev/null +++ b/packages/rocketchat-api/server/v1/helpers/getLoggedInUser.js @@ -0,0 +1,9 @@ +RocketChat.API.v1.helperMethods.set('getLoggedInUser', function _getLoggedInUser() { + let user; + + if (this.request.headers['x-user-id'] && this.request.headers['x-auth-token']) { + user = RocketChat.models.Users.findOneById(this.request.headers['x-user-id']); + } + + return user; +}); diff --git a/packages/rocketchat-api/server/v1/misc.js b/packages/rocketchat-api/server/v1/misc.js index abecc0118ac..7d861e5b3a1 100644 --- a/packages/rocketchat-api/server/v1/misc.js +++ b/packages/rocketchat-api/server/v1/misc.js @@ -1,6 +1,8 @@ RocketChat.API.v1.addRoute('info', { authRequired: false }, { get: function() { - if (this.request.headers['x-user-id'] != null && RocketChat.authz.hasRole(this.request.headers['x-user-id'], 'admin')) { + let user = this.getLoggedInUser(); + + if (user && RocketChat.authz.hasRole(user._id, 'admin')) { return { info: RocketChat.Info };