Add customizable user roles (#18641)

* Add customizable user roles * Various fixes and improvements * Add migration for old settings and fix tootctl role management
2022-07-05 02:41:40 +02:00 · 2022-07-05 02:41:40 +02:00 · 44b2ee3485
commit 44b2ee3485
parent 1b4054256f
187 changed files with 1945 additions and 1032 deletions
--- a/app/controllers/api/v1/admin/accounts_controller.rb
+++ b/app/controllers/api/v1/admin/accounts_controller.rb
@ -8,11 +8,11 @@ class Api::V1::Admin::AccountsController < Api::BaseController

  before_action -> { authorize_if_got_token! :'admin:read', :'admin:read:accounts' }, only: [:index, :show]
  before_action -> { authorize_if_got_token! :'admin:write', :'admin:write:accounts' }, except: [:index, :show]
-  before_action :require_staff!
  before_action :set_accounts, only: :index
  before_action :set_account, except: :index
  before_action :require_local_account!, only: [:enable, :approve, :reject]

+  after_action :verify_authorized
  after_action :insert_pagination_headers, only: :index

  FILTER_PARAMS = %i(
@ -119,7 +119,9 @@ class Api::V1::Admin::AccountsController < Api::BaseController
      translated_params[:status] = status.to_s if params[status].present?
    end

-    translated_params[:permissions] = 'staff' if params[:staff].present?
+    if params[:staff].present?
+      translated_params[:role_ids] = UserRole.that_can(:manage_reports).map(&:id)
+    end

    translated_params
  end