feat: add oauth group permission

2023-10-13 20:30:09 +08:00 · 2023-10-13 20:30:09 +08:00 · fb3b2a6c6c
commit fb3b2a6c6c
parent 3db1e1328c
7 changed files with 27 additions and 2 deletions
--- a/js/dist/admin.js
+++ b/js/dist/admin.js
--- a/js/dist/admin.js.map
+++ b/js/dist/admin.js.map
--- a/js/src/admin/index.js
+++ b/js/src/admin/index.js
@ -3,5 +3,14 @@ import SettingsPage from './components/SettingsPage';
 app.initializers.add('foskym/flarum-oauth-center', () => {
  app.extensionData
    .for('foskym-oauth-center')
-    .registerPage(SettingsPage);
+    .registerPage(SettingsPage)
+    .registerPermission(
+    {
+      icon: 'fas fa-user-friends',
+      label: app.translator.trans('foskym-oauth-center.admin.permission.use_oauth'),
+      permission: 'foskym-oauth-center.use-oauth',
+    },
+    'use-oauth',
+    95
+  );
 });
--- a/locale/en.yml
+++ b/locale/en.yml
@ -1,5 +1,7 @@
 foskym-oauth-center:
  admin:
+    permission:
+      use_oauth: Use OAuth
    page:
      index: home
      clients: Manage Clients
--- a/locale/zh-Hans.yml
+++ b/locale/zh-Hans.yml
@ -1,5 +1,7 @@
 foskym-oauth-center:
  admin:
+    permission:
+      use_oauth: 使用 OAuth 授权
    page:
      index: 首页
      clients: 应用管理
--- a/src/Api/Controller/ShowClientController.php
+++ b/src/Api/Controller/ShowClientController.php
@ -4,6 +4,7 @@ namespace FoskyM\OAuthCenter\Api\Controller;

 use Flarum\Api\Controller\AbstractListController;
 use Flarum\Http\RequestUtil;
+use Flarum\User\Exception\NotAuthenticatedException;
 use Illuminate\Support\Arr;
 use Psr\Http\Message\ServerRequestInterface;
 use Tobscure\JsonApi\Document;
@ -16,7 +17,13 @@ class ShowClientController extends AbstractListController
    protected function data(ServerRequestInterface $request, Document $document)
    {
        $client_id = Arr::get($request->getQueryParams(), 'client_id');
-        RequestUtil::getActor($request)->assertRegistered();
+
+        $actor = RequestUtil::getActor($request);
+        $actor->assertRegistered();
+
+        if (!$actor->hasPermission('foskym-oauth-center.use-oauth')) {
+            throw new NotAuthenticatedException();
+        }

        $client = Client::where('client_id', $client_id)->get();

--- a/src/Controllers/AuthorizeController.php
+++ b/src/Controllers/AuthorizeController.php
@ -9,6 +9,7 @@
 * file that was distributed with this source code.
 */
 namespace FoskyM\OAuthCenter\Controllers;
+use Flarum\User\Exception\NotAuthenticatedException;
 use Flarum\User\User;
 use Flarum\Http\RequestUtil;
 use FoskyM\OAuthCenter\OAuth;
@ -33,6 +34,10 @@ class AuthorizeController implements RequestHandlerInterface
        $actor = RequestUtil::getActor($request);
        $actor->assertRegistered();

+        if (!$actor->hasPermission('foskym-oauth-center.use-oauth')) {
+            throw new NotAuthenticatedException();
+        }
+
        $params = $request->getParsedBody();

        $oauth = new OAuth($this->settings);