fix(core): change oper access

config/env/torrents.js

@@ -717,6 +717,7 @@ module.exports = {
 
         adminUserDelete: {name: 'adminUserDelete', enable: true},
         adminUserEdit: {name: 'adminUserEdit', enable: true},
+        adminMakerEdit: {name: 'adminMakerEdit', enable: true},
         adminBanAllExaminationUnfinishedUsers: {name: 'adminBanAllExaminationUnfinishedUsers', enable: true},
 
         userPasswordReset: {name: 'userPasswordReset', enable: true},

modules/about/server/controllers/makers.server.controller.js

@@ -123,6 +123,14 @@ exports.update = function (req, res) {
           site_name: appConfig.name
         });
       }
+
+      //create trace log
+      traceLogCreate(req, traceConfig.action.adminMakerEdit, {
+        maker: maker._id,
+        name: req.body.name,
+        desc: req.body.desc,
+        upload_access: req.body.upload_access
+      });
     }
   });
 };

modules/tickets/client/config/tickets-admin.client.menu.js

@@ -12,7 +12,6 @@
     menuService.addSubMenuItem('topbar', 'admin', {
       title: 'MENU_ADMIN_TICKETS',
       state: 'admin.tickets.support.message',
-      roles: ['admin'],
       faIcon: 'fa-volume-control-phone',
       faClass: 'text-mt',
       position: 70,

modules/torrents/client/config/admin/torrents-admin.client.menu.js

@@ -20,7 +20,6 @@
     menuService.addSubMenuItem('topbar', 'admin', {
       title: 'MENU_UPLOADER_ADMIN',
       state: 'admin.uploader',
-      roles: ['admin'],
       faIcon: 'fa-cloud-upload',
       faClass: 'text-mt',
       position: 2

modules/users/client/views/admin/view-user.client.view.html

@@ -79,7 +79,7 @@
                 <dt class="h-line">{{ 'STATUS_FIELD.EMAIL' | translate}}：</dt>
                 <dd class="h-line">{{ vm.user.email }}</dd>
 
-                <div ng-if="vm.authentication.user.isAdmin">
+                <div ng-if="vm.authentication.user.isOper">
                     <dt class="h-line">{{ 'STATUS_FIELD.PASSKEY' | translate}}：</dt>
                     <dd class="h-line">
                         <mark>{{ vm.user.passkey }}</mark>
@@ -129,7 +129,7 @@
                 <dd class="h-line">
                     <span>{{ vm.user.score | number: 2 }}</span> <span score-level-curr="vm.user"></span>
 
-                    <div class="pull-right" ng-if="vm.authentication.user.isAdmin">
+                    <div class="pull-right" ng-if="vm.authentication.user.isOper">
                         <button class="btn btn-default btn-xs btn-width-100"
                                 uib-popover-template="vm.setUserScorePopover.templateUrl"
                                 popover-title="{{vm.setUserScorePopover.title | translate}}"
@@ -164,7 +164,7 @@
                 <dt class="h-line">{{ 'STATUS_FIELD.LATEST_REFRESH_TIME' | translate}}：</dt>
                 <dd class="h-line">{{ vm.user.refreshat | date: 'yyyy-MM-dd HH:mm:ss' }}</dd>
 
-                <div ng-hide="!vm.authentication.user.isAdmin && vm.user.isAdmin">
+                <div ng-if="vm.authentication.user.isOper && !vm.user.isAdmin">
                     <dt class="h-line">{{ 'STATUS_FIELD.CURR_SIGNED_IP' | translate}}：</dt>
                     <dd class="h-line">{{ vm.user.curr_signed_ip }}</dd>
 
@@ -216,7 +216,7 @@
                     <span class="true_updown text-muted"
                           ng-if="vm.user.true_uploaded>0">|&emsp;{{ 'STATUS_FIELD.TRUE_UPLOADED' | translate}}：{{ vm.user.true_uploaded | bytes:2 }}</span>
 
-                    <div class="pull-right" ng-if="vm.authentication.user.isAdmin">
+                    <div class="pull-right" ng-if="vm.authentication.user.isOper">
                         <button class="btn btn-default btn-xs btn-width-100"
                                 uib-popover-template="vm.setUserUploadedPopover.templateUrl"
                                 popover-title="{{vm.setUserUploadedPopover.title | translate}}"
@@ -237,7 +237,7 @@
                     <span class="true_updown text-muted"
                           ng-if="vm.user.true_downloaded>0">|&emsp;{{ 'STATUS_FIELD.TRUE_DOWNLOADED' | translate}}：{{ vm.user.true_downloaded | bytes:2 }}</span>
 
-                    <div class="pull-right" ng-if="vm.authentication.user.isAdmin">
+                    <div class="pull-right" ng-if="vm.authentication.user.isOper">
                         <button class="btn btn-default btn-xs btn-width-100"
                                 uib-popover-template="vm.setUserDownloadedPopover.templateUrl"
                                 popover-title="{{vm.setUserDownloadedPopover.title | translate}}"

modules/users/server/controllers/admin.server.controller.js

@@ -82,7 +82,9 @@ exports.update = function (req, res) {
       user: user._id,
       firstName: req.body.firstName,
       lastName: req.body.lastName,
-      roles: req.body.roles
+      roles: req.body.roles,
+      upload_access: req.body.upload_access,
+      remarks: req.body.remarks
     });
   });
 };

modules/users/server/policies/admin.server.policy.js

@@ -17,7 +17,6 @@ exports.invokeRolesPolicies = function () {
       {
         roles: ['admin'],
         allows: [
-          {resources: '/api/users/uploaderList', permissions: '*'},
           {resources: '/api/users/:userId/role', permissions: '*'},
           {resources: '/api/users/:userId/VIPMonths/:months', permissions: '*'},
           {resources: '/api/users/:userId/VIPMonths/reset', permissions: '*'},
@@ -27,6 +26,7 @@ exports.invokeRolesPolicies = function () {
       {
         roles: ['oper', 'admin'],
         allows: [
+          {resources: '/api/users/uploaderList', permissions: '*'},
           {resources: '/api/users', permissions: '*'},
           {resources: '/api/users/:userId', permissions: '*'},
           {resources: '/api/users/:userId/status', permissions: '*'},