119 Commits

Author SHA1 Message Date
Robert Schäfer
5cff508bd6 Disable/enable fulfills tests 2019-03-06 01:07:04 +01:00
Robert Schäfer
0a73ddd46d Refactor: custom resolvers for moderation 2019-03-05 23:59:54 +01:00
Robert Schäfer
2b7576521c Fix lint
+ return more attributes in post factory for convenience
2019-03-05 18:17:02 +01:00
Robert Schäfer
99cebc8d64 Implementation ready except disabled attr. 2019-03-05 17:45:10 +01:00
Robert Schäfer
f2e7e515a4 Check from: User! matches the authenticated user 2019-03-05 16:46:39 +01:00
Robert Schäfer
85d9d7043e Setup isModerator permission for disable relation 2019-03-05 16:25:01 +01:00
Robert Schäfer
f644507e4f Intermediate commit 2019-03-05 15:47:03 +01:00
Robert Schäfer
180491c08c Put isAuthor in permissions middleware
I find it dirty to access the database in a middleware, i.e. I would like
to put all access on the database as close to the resolver as possible.
However, in this case that would mean to put the authorization check in
the resolver, where nobody expects it to be.

CC @appinteractive
2019-03-04 19:43:24 +01:00
Robert Schäfer
c869724d29 Let all tests pass 💚 2019-03-04 18:41:05 +01:00
Robert Schäfer
4a64755df7 Merge branch 'master' into 27_disable_posts 2019-03-03 15:27:27 +01:00
Robert Schäfer
8d1eb6026a Let all tests pass 💚 2019-03-03 14:35:08 +01:00
Wolfgang Huß
6937c60ef8 Only admins are allowed to create badges 2019-03-01 15:49:11 +01:00
Matt Rider
5e592f666b Write unit test badge creation
- for unauthenticated
- for authenticated admin

Co-authored-by: Wolfgang Huss <wolle.huss@pjannto.com>
2019-02-28 16:16:14 -03:00
Robert Schäfer
8febf147ce Fix lint 2019-02-28 18:37:52 +01:00
Robert Schäfer
f3ab671f21 Soft delete middleware test passes 2019-02-28 18:37:52 +01:00
Robert Schäfer
911500a3bd Don't override given { deleted, disabled } = args
@appinteractive I guess this was done unintentionally?
2019-02-28 18:37:52 +01:00
Robert Schäfer
738ba4f51c DRY softDeleteMiddleware 2019-02-28 18:37:52 +01:00
Robert Schäfer
ce28de893b Write a test for #27
Moderators are allowed to see disabled or deleted posts if they
ask for it.
2019-02-28 18:37:52 +01:00
Robert Schäfer
69bf53e05e Implement currentUser query
* remove dead code (passport-jwt)
* refactor resolves to have a separate folder
* currentUser and login have the same response
2019-02-26 16:35:31 +01:00
Robert Schäfer
ec2b1050bc Less redundancy and more consistency in factories
* use the same `relate` method for now
* use a capital letter for the model `user` instead of `User`
2019-02-25 21:28:30 +01:00
Robert Schäfer
2e7e0579e4 Fix bug with id middleware
Ids are queried only for well known queries and mutations
2019-02-22 16:11:07 +01:00
Robert Schäfer
eda2ea34fc Incorporate @appinteractive's feedback
@appinteractive can we merge this soon?
2019-02-21 20:03:22 +01:00
Robert Schäfer
132dba04dd Refactor tests with the new factory API 2019-02-21 16:06:13 +01:00
Robert Schäfer
aa07a2a616 Refactor Id Middleware
I found a way to cleanly request additional attributes in our
middleware. We can use this pattern if we e.g. require the author of
posts and comments to check if the user is the author and therefore
authorized to update or delete the post.

CC @mattwr18 @appinteractive @tirokk
2019-02-21 10:50:41 +01:00
Robert Schäfer
4a1e06402a Fix lint 2019-02-20 15:26:49 +01:00
Robert Schäfer
7abc1583dc Implement + test unique slugs for user
I put the relevant line on categories and organizations too, but I
didn't test it separately. I could have tested it but found it
unnecessarily repetitive
2019-02-20 14:03:36 +01:00
Robert Schäfer
bfc5603fa8 All tests are passing! 2019-02-20 12:56:57 +01:00
Robert Schäfer
a61362b269 Fix slugify unit test with async mock functions 2019-02-20 11:48:06 +01:00
Robert Schäfer
ba26c0e188 Seed reported comments, posts and users 2019-02-20 11:36:50 +01:00
Robert Schäfer
3532b473ee Choose another slug is green 2019-02-20 01:30:32 +01:00
Robert Schäfer
7a70b9ece4 Implement authorization on Post mutations 2019-02-20 01:01:41 +01:00
Robert Schäfer
f1dd52f579 Expose yet another bug in the authorization
Cannot read property id of null

CC @appinteractive
2019-02-20 01:01:41 +01:00
Robert Schäfer
9c4e599ff1 Separate middleware for ids 2019-02-19 23:39:39 +01:00
Robert Schäfer
30bb54c6fa Fix slugify test 2019-02-19 23:00:59 +01:00
Robert Schäfer
e6a996e0dd Harden permissions spec
If we expect an error to be thrown, the test should fail if no error was
raised.
2019-02-19 22:55:23 +01:00
Robert Schäfer
f703164f1d Expose cannot read property id of null error
CC @appinteractive
2019-02-19 13:36:02 +01:00
Robert Schäfer
924a57a7ca Seed badges and tags 2019-02-18 22:48:22 +01:00
Robert Schäfer
1734554a88 Fix seeds without the use of neode
@appinteractive ping
2019-02-18 15:35:45 +01:00
Robert Schäfer
f17242b824 Transfer relevant changes from branch neode 2019-02-18 12:57:07 +01:00
Grzegorz Leoniec
2f2bc5e507 Improved link cleaning 2019-02-07 08:46:34 +01:00
Grzegorz Leoniec
ad2bba586e Fixed link target 2019-02-06 17:20:38 +01:00
Grzegorz Leoniec
cc5701a193 Do not catch issues on user assign at post create 2019-02-04 17:20:04 +01:00
Grzegorz Leoniec
ca076bbcb9 Assign post to current user on creation 2019-02-04 17:19:26 +01:00
Grzegorz Leoniec
3583259aa6 Merge branch 'master' into editor 2019-02-04 10:56:32 +01:00
Grzegorz Leoniec
aba356395b allow h3, h4 and hr tags 2019-01-28 12:19:48 +01:00
Grzegorz Leoniec
827687b3bc Add content excerpt also on update 2019-01-28 12:19:35 +01:00
Grzegorz Leoniec
8c36d9a740 Updated XSS 2019-01-28 11:06:54 +01:00
Grzegorz Leoniec
31d44fe395 Improved xss cleaning 2019-01-28 10:06:30 +01:00
Grzegorz Leoniec
fa6e5b69ed Merge branch 'master' into 100_2_download_uploads_and_more 2019-01-26 09:39:31 +01:00
Robert Schäfer
f273240fd8 Merge branch 'master' into report-content 2019-01-22 13:33:57 +01:00