make upload permissions global

give upload image permission to registered users on install
add global privileges to app.user.privileges for client side use

test/categories.js

@@ -638,7 +638,7 @@ describe('Categories', function () {
 			});
 		});
 
-		it('should load user privileges', function (done) {
+		it('should load category user privileges', function (done) {
 			privileges.categories.userPrivileges(categoryObj.cid, 1, function (err, data) {
 				assert.ifError(err);
 				assert.deepEqual(data, {
@@ -651,8 +651,6 @@ describe('Categories', function () {
 					'topics:tag': false,
 					'topics:delete': false,
 					'posts:edit': false,
-					'upload:post:file': false,
-					'upload:post:image': false,
 					purge: false,
 					moderate: false,
 				});
@@ -661,7 +659,20 @@ describe('Categories', function () {
 			});
 		});
 
-		it('should load group privileges', function (done) {
+		it('should load global user privileges', function (done) {
+			privileges.global.userPrivileges(1, function (err, data) {
+				assert.ifError(err);
+				assert.deepEqual(data, {
+					chat: false,
+					'upload:post:image': false,
+					'upload:post:file': false,
+				});
+
+				done();
+			});
+		});
+
+		it('should load category group privileges', function (done) {
 			privileges.categories.groupPrivileges(categoryObj.cid, 'registered-users', function (err, data) {
 				assert.ifError(err);
 				assert.deepEqual(data, {
@@ -674,8 +685,6 @@ describe('Categories', function () {
 					'groups:posts:delete': true,
 					'groups:read': true,
 					'groups:topics:read': true,
-					'groups:upload:post:file': false,
-					'groups:upload:post:image': true,
 					'groups:purge': false,
 					'groups:moderate': false,
 				});
@@ -684,6 +693,19 @@ describe('Categories', function () {
 			});
 		});
 
+		it('should load global group privileges', function (done) {
+			privileges.global.groupPrivileges('registered-users', function (err, data) {
+				assert.ifError(err);
+				assert.deepEqual(data, {
+					'groups:chat': true,
+					'groups:upload:post:image': true,
+					'groups:upload:post:file': false,
+				});
+
+				done();
+			});
+		});
+
 		it('should return false if cid is falsy', function (done) {
 			privileges.categories.isUserAllowedTo('find', null, adminUid, function (err, isAllowed) {
 				assert.ifError(err);

test/groups.js

@@ -71,9 +71,9 @@ describe('Groups', function () {
 
 	describe('.list()', function () {
 		it('should list the groups present', function (done) {
-			Groups.getGroupsFromSet('groups:createtime', 0, 0, -1, function (err, groups) {
+			Groups.getGroupsFromSet('groups:visible:createtime', 0, 0, -1, function (err, groups) {
 				assert.ifError(err);
-				assert.equal(groups.length, 7);
+				assert.equal(groups.length, 4);
 				done();
 			});
 		});

test/messaging.js

@@ -414,7 +414,7 @@ describe('Messaging Library', function () {
 
 		it('should fail to load room if user is not in', function (done) {
 			socketModules.chats.loadRoom({ uid: 0 }, { roomId: roomId }, function (err) {
-				assert.equal(err.message, '[[error:not-allowed]]');
+				assert.equal(err.message, '[[error:no-privileges]]');
 				done();
 			});
 		});
@@ -579,11 +579,12 @@ describe('Messaging Library', function () {
 			});
 		});
 
-		it('should 404 for guest', function (done) {
+		it('should 500 for guest with no privilege error', function (done) {
 			meta.config.disableChat = 0;
-			request(nconf.get('url') + '/user/baz/chats', function (err, response) {
+			request(nconf.get('url') + '/api/user/baz/chats', { json: true }, function (err, response, body) {
 				assert.ifError(err);
-				assert.equal(response.statusCode, 404);
+				assert.equal(response.statusCode, 500);
+				assert.equal(body.error, '[[error:no-privileges]]');
 				done();
 			});
 		});

test/mocks/databasemock.js

@@ -154,6 +154,9 @@ function setupMockDefaults(callback) {
 			winston.info('test_database flushed');
 			setupDefaultConfigs(meta, next);
 		},
+		function (next) {
+			giveDefaultGlobalPrivileges(next);
+		},
 		function (next) {
 			meta.configs.init(next);
 		},
@@ -182,6 +185,11 @@ function setupDefaultConfigs(meta, next) {
 	meta.configs.setOnEmpty(defaults, next);
 }
 
+function giveDefaultGlobalPrivileges(next) {
+	var privileges = require('../../src/privileges');
+	privileges.global.give(['chat', 'upload:post:image'], 'registered-users', next);
+}
+
 function enableDefaultPlugins(callback) {
 	winston.info('Enabling default plugins\n');
 

test/uploads.js

@@ -62,7 +62,7 @@ describe('Upload Controllers', function () {
 				assert.ifError(err);
 				jar = _jar;
 				csrf_token = _csrf_token;
-				privileges.categories.give(['upload:post:file'], cid, 'registered-users', done);
+				privileges.global.give(['upload:post:file'], 'registered-users', done);
 			});
 		});
 
@@ -77,17 +77,8 @@ describe('Upload Controllers', function () {
 			});
 		});
 
-		it('should fail to upload an image to a post with invalid cid', function (done) {
-			helpers.uploadFile(nconf.get('url') + '/api/post/upload', path.join(__dirname, '../test/files/test.png'), { cid: '0' }, jar, csrf_token, function (err, res, body) {
-				assert.ifError(err);
-				assert.equal(res.statusCode, 500);
-				assert.equal(body.error, '[[error:category-not-selected]]');
-				done();
-			});
-		});
-
 		it('should upload an image to a post', function (done) {
-			helpers.uploadFile(nconf.get('url') + '/api/post/upload', path.join(__dirname, '../test/files/test.png'), { cid: cid }, jar, csrf_token, function (err, res, body) {
+			helpers.uploadFile(nconf.get('url') + '/api/post/upload', path.join(__dirname, '../test/files/test.png'), {}, jar, csrf_token, function (err, res, body) {
 				assert.ifError(err);
 				assert.equal(res.statusCode, 200);
 				assert(Array.isArray(body));
@@ -100,7 +91,7 @@ describe('Upload Controllers', function () {
 		it('should resize and upload an image to a post', function (done) {
 			var oldValue = meta.config.maximumImageWidth;
 			meta.config.maximumImageWidth = 10;
-			helpers.uploadFile(nconf.get('url') + '/api/post/upload', path.join(__dirname, '../test/files/test.png'), { cid: cid }, jar, csrf_token, function (err, res, body) {
+			helpers.uploadFile(nconf.get('url') + '/api/post/upload', path.join(__dirname, '../test/files/test.png'), {}, jar, csrf_token, function (err, res, body) {
 				assert.ifError(err);
 				assert.equal(res.statusCode, 200);
 				assert(Array.isArray(body));
@@ -116,7 +107,7 @@ describe('Upload Controllers', function () {
 			meta.config.allowFileUploads = 1;
 			var oldValue = meta.config.allowedFileExtensions;
 			meta.config.allowedFileExtensions = 'png,jpg,bmp,html';
-			helpers.uploadFile(nconf.get('url') + '/api/post/upload', path.join(__dirname, '../test/files/503.html'), { cid: cid }, jar, csrf_token, function (err, res, body) {
+			helpers.uploadFile(nconf.get('url') + '/api/post/upload', path.join(__dirname, '../test/files/503.html'), {}, jar, csrf_token, function (err, res, body) {
 				meta.config.allowedFileExtensions = oldValue;
 				assert.ifError(err);
 				assert.equal(res.statusCode, 200);