updates
Thanh Nguyen authored and Thanh Nguyen committed Mar 5, 2017
1 parent 9322c35 commit ffb2c56
Showing 1,052 changed files with 83 additions and 275,491 deletions.
74 changes: 32 additions & 42 deletions permissions.bolt
@@ -15,66 +15,56 @@
//
// See https://www.firebase.com/docs/security/guide/user-security.html

path /users/{uid} {
path /users {
read() {
isSignedIn()
}
/{uid} {
/profile {
create() {
isAdmin()
}

create() {
isAdmin()
}
update() {
isAdmin() || isCurrentUser(uid)
}

update() {
isAdmin() || isCurrentUser(uid)
}
delete() {
isAdmin() || isCurrentUser(uid)
}
}

delete() {
isAdmin() || isCurrentUser(uid)
}
}

path /admins/{uid} {
read() {
isSignedIn()
/roles {
write() { isAdmin() }
}
}
write() { isAdmin() }
}

path /projects/{project_id} {
path /projects {
read() { isSignedIn() }
create() { isSignedIn() }
update() { isAdmin() || isProjectAdmin(project_id) }
delete() { false }

/admins {
write() { isAdmin() }
}

/allowusers {
write() { isAdmin() }
}
/{project_id} {
read() { isSignedIn() }
create() { isSignedIn() }
update() { isAdmin() || isProjectAdmin(project_id) }
delete() { false }

/denyusers {
write() { isAdmin() }
}


/allowmodules {
write() { isAdmin() }
}
/members {
write() { isAdmin() }
}

/denymodules {
write() { isAdmin() }
/modules {
write() { isAdmin() }
}
}
}

//
// Helper Functions
//
isCurrentUser(id) { auth != null && auth.uid == id }
isNew(ref) { prior(ref) == null }
isSignedIn() { auth != null }
isAdmin() { auth != null && root.admins[auth.uid] == true }
cantDelete() { !(delete()) }
adminCanUpdate() { auth != null && root.projects[project_id].admins[auth.uid] == true }
isProjectAdmin(project_id) { auth != null && root.projects[project_id].admins[auth.uid] == true }
isAdmin() { auth != null && root.users[auth.uid].roles.admin == true }
adminCanUpdate() { auth != null && root.projects[project_id].members[auth.uid].isAdmin == true }
isProjectAdmin(project_id) { auth != null && root.projects[project_id].members[auth.uid].isAdmin == true }
isProjectMember(project_id) { root.projects[project_id].members[auth.uid].exists() }
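Review bot: The `isAdmin()` and `isProjectAdmin()` helpers read `root`, which in write rules is compiled against the proposed post-write data (the permissions.json in this commit shows `newData.parent()…child('roles').child('admin')`), so the admin check guarding `/users/{uid}/roles` and `/projects/{project_id}` can be satisfied by the very write it is meant to authorise. Evaluating the role against the existing data closes that, e.g. `isAdmin() { auth != null && prior(root).users[auth.uid].roles.admin == true }`, and likewise `prior(root).projects[project_id].members[auth.uid].isAdmin` in `isProjectAdmin()`. Separately, `isProjectMember()` has no `auth != null` guard unlike its siblings, and `adminCanUpdate()` refers to `project_id` without taking it as a parameter. The old/new markers are lost on this page, so this assumes the `roles.admin` and `members` variants are the new side.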
39 changes: 15 additions & 24 deletions permissions.json
@@ -2,36 +2,27 @@
"rules": {
"users": {
"$uid": {
".write": "data.val() == null && (auth != null && newData.parent().parent().child('admins').child(auth.uid).val() == true) || data.val() != null && newData.val() != null && (auth != null && newData.parent().parent().child('admins').child(auth.uid).val() == true || auth != null && auth.uid == $uid) || data.val() != null && newData.val() == null && (auth != null && newData.parent().parent().child('admins').child(auth.uid).val() == true || auth != null && auth.uid == $uid)",
".read": "auth != null"
}
},
"admins": {
"$uid": {
".read": "auth != null",
".write": "auth != null && newData.parent().parent().child('admins').child(auth.uid).val() == true"
}
"profile": {
".write": "data.val() == null && (auth != null && newData.parent().parent().parent().child('users').child(auth.uid).child('roles').child('admin').val() == true) || data.val() != null && newData.val() != null && (auth != null && newData.parent().parent().parent().child('users').child(auth.uid).child('roles').child('admin').val() == true || auth != null && auth.uid == $uid) || data.val() != null && newData.val() == null && (auth != null && newData.parent().parent().parent().child('users').child(auth.uid).child('roles').child('admin').val() == true || auth != null && auth.uid == $uid)"
},
"roles": {
".write": "auth != null && newData.parent().parent().parent().child('users').child(auth.uid).child('roles').child('admin').val() == true"
}
},
".read": "auth != null"
},
"projects": {
"$project_id": {
"admins": {
".write": "auth != null && newData.parent().parent().parent().child('admins').child(auth.uid).val() == true"
},
"allowusers": {
".write": "auth != null && newData.parent().parent().parent().child('admins').child(auth.uid).val() == true"
},
"denyusers": {
".write": "auth != null && newData.parent().parent().parent().child('admins').child(auth.uid).val() == true"
},
"allowmodules": {
".write": "auth != null && newData.parent().parent().parent().child('admins').child(auth.uid).val() == true"
"members": {
".write": "auth != null && newData.parent().parent().parent().child('users').child(auth.uid).child('roles').child('admin').val() == true"
},
"denymodules": {
".write": "auth != null && newData.parent().parent().parent().child('admins').child(auth.uid).val() == true"
"modules": {
".write": "auth != null && newData.parent().parent().parent().child('users').child(auth.uid).child('roles').child('admin').val() == true"
},
".write": "data.val() == null && auth != null || data.val() != null && newData.val() != null && (auth != null && newData.parent().parent().child('admins').child(auth.uid).val() == true || auth != null && newData.parent().parent().child('projects').child($project_id).child('admins').child(auth.uid).val() == true)",
".write": "data.val() == null && auth != null || data.val() != null && newData.val() != null && (auth != null && newData.parent().parent().child('users').child(auth.uid).child('roles').child('admin').val() == true || auth != null && newData.parent().parent().child('projects').child($project_id).child('members').child(auth.uid).child('isAdmin').val() == true)",
".read": "auth != null"
}
},
".read": "auth != null"
}
}
}
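Review bot: The `.write` on `$project_id` is granted to any signed-in user on create and to project admins on update, and because Realtime Database rules cascade downward, that grant also covers `members` and `modules`, so the admin-only `.write` on those two children does not restrict project creators or project admins. If those lists are meant to be admin-only, the restriction has to live where a parent grant cannot override it, for example a `.validate` rule on `members`/`modules`, or the parent `.write` must not be granted to those users. The same cascade applies to the `.read` now placed on `users`: every authenticated session, including anonymous ones if that provider is enabled, can read every user's `profile` and `roles` in one query. This file looks like compiled output of permissions.bolt, so the change belongs there.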
2 changes: 1 addition & 1 deletion public/app/login.html.twig
@@ -126,7 +126,7 @@
console.log(user.providerData);
if (!user.isAnonymous) {
user.getToken().then(function(token){
document.location = '/main/auth/firebase/?token=' + token;
document.location = '/auth/firebase/?token=' + token;
});
}
// redirect to dashboard
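Review bot: The Firebase ID token is placed in the query string of `/auth/firebase/?token=…`, where it ends up in server access logs, browser history and possibly `Referer` headers sent to the third-party CDNs the base template loads. Sending it in a header or request body keeps it out of URLs, e.g. `fetch('/auth/firebase/', { method: 'POST', credentials: 'same-origin', headers: { Authorization: 'Bearer ' + token } })` followed by the redirect, assuming the server handler (not shown) is changed to read it there. The `console.log(user.providerData)` above it also writes account details to the console and is worth dropping before release. The enclosing callback starts and ends outside the hunk.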
4 changes: 3 additions & 1 deletion public/app/main.html.twig
@@ -1,2 +1,4 @@
[% extends 'shared/backend.html.twig' %]
[% block title %]test[% endblock %]
[% block title %]test[% endblock %]

[% block body %][[projects]][% endblock %]
16 changes: 8 additions & 8 deletions public/app/shared/base.html.twig
@@ -20,10 +20,10 @@
<link rel="stylesheet" href="https://cdnjs.cloudflare.com/ajax/libs/ionicons/2.0.1/css/ionicons.min.css">

<!-- Theme style -->
<link rel="stylesheet" href="/static/css/AdminLTE.min.css">
<link rel="stylesheet" href="/static/css/skin-blue.min.css">
<link rel="stylesheet" href="https://unpkg.com/admin-lte@2.3.11/dist/css/AdminLTE.min.css">
<link rel="stylesheet" href="https://unpkg.com/admin-lte@2.3.11/dist/css/skin-blue.min.css">
<!-- iCheck -->
<link rel="stylesheet" href="/static/js/plugins/AdminLTE/plugins/iCheck/square/blue.css">
<link rel="stylesheet" href="https://unpkg.com/admin-lte@2.3.11/plugins/iCheck/square/blue.css">

<!-- HTML5 Shim and Respond.js IE8 support of HTML5 elements and media queries -->
<!-- WARNING: Respond.js doesn't work if you view the page via file:// -->
@@ -49,18 +49,18 @@
<script src="https://maxcdn.bootstrapcdn.com/bootstrap/3.3.7/js/bootstrap.min.js" integrity="sha384-Tc5IQib027qvyjSMfHjOMaLkfuWVxZxUPnCJA7l2mCWNIpG9mGCD8wGNIcPD7Txa" crossorigin="anonymous"></script>

<!-- iCheck -->
<script src="/static/js/plugins/AdminLTE/plugins/iCheck/icheck.min.js"></script>
<script src="https://unpkg.com/admin-lte@2.3.11/plugins/iCheck/icheck.min.js"></script>

<!-- iCheck -->
<script src="/static/js/plugins/AdminLTE/app.min.js"></script>
<script src="https://unpkg.com/admin-lte@2.3.11/dist/js/app.min.js"></script>

<!-- firebase -->
<script src="https://www.gstatic.com/firebasejs/3.7.0/firebase.js"></script>

<!-- vuejs -->
<script src="https://unpkg.com/vue/dist/vue.js"></script>
<script src="https://unpkg.com/vuex/dist/vuex.js"></script>
<script src="https://unpkg.com/vue-router/dist/vue-router.js"></script>
<script src="https://unpkg.com/vue@2.2.1/dist/vue.js"></script>
<script src="https://unpkg.com/vuex@2.2.1/dist/vuex.js"></script>
<script src="https://unpkg.com/vue-router@2.3.0/dist/vue-router.js"></script>

[% block footer %][% endblock %]

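Review bot: The stylesheets and scripts moved to unpkg.com are pinned to a version but carry no `integrity` attribute, unlike the bootstrap `<script>` just above them, so the admin pages execute whatever the CDN serves for those URLs. Each new `<script>` and `<link>` (AdminLTE, iCheck, vue, vuex, vue-router, and the existing firebase script) should get `integrity="sha384-<HASH_OF_PINNED_FILE>" crossorigin="anonymous"`, with the hash computed from the pinned file. `vue.js`, `vuex.js` and `vue-router.js` are also the development builds; the `.min.js` builds are the ones intended for production. Both hunks in this file are affected.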
6 changes: 3 additions & 3 deletions public/app/shared/header.html.twig
@@ -23,14 +23,14 @@
<!-- Menu Toggle Button -->
<a href="#" class="dropdown-toggle" data-toggle="dropdown">
<!-- The user image in the navbar-->
<img src="/assets/libs/AdminLTE/dist/img/user2-160x160.jpg" class="user-image" alt="User Image">
<img src="https://unpkg.com/admin-lte@2.3.11/dist/img/user2-160x160.jpg" class="user-image" alt="User Image">
<!-- hidden-xs hides the username on small devices so only the image appears. -->
<span class="hidden-xs">[[user.first_name]] [[user.last_name]]</span>
</a>
<ul class="dropdown-menu">
<!-- The user image in the menu -->
<li class="user-header">
<img src="/assets/libs/AdminLTE/dist/img/user2-160x160.jpg" class="img-circle" alt="User Image">
<img src="https://unpkg.com/admin-lte@2.3.11/dist/img/user2-160x160.jpg" class="img-circle" alt="User Image">

<p>
[[user.first_name]] [[user.last_name]]
@@ -58,7 +58,7 @@
<a href="#" class="btn btn-default btn-flat">[[ "PROFILE" ]]</a>
</div>
<div class="pull-right">
<a href="/app-main/logout" class="btn btn-default btn-flat"><i class="fa fa-fw fa-power-off"></i>[[ "LOGOUT" ]]</a>
<a href="/logout" class="btn btn-default btn-flat"><i class="fa fa-fw fa-power-off"></i>[[ "LOGOUT" ]]</a>
</div>
</li>
</ul>