Improve Space permissions

Closes out loopholes that allowed managers to kick owners.

gui/app/pods/customize/folders/controller.js

@@ -9,85 +9,7 @@
 //
 // https://documize.com
 
-import $ from 'jquery';
-import { computed } from '@ember/object';
-import { inject as service } from '@ember/service';
-import Notifier from '../../../mixins/notifier';
-import TooltipMixin from '../../../mixins/tooltip';
 import Controller from '@ember/controller';
 
-export default Controller.extend(TooltipMixin, Notifier, {
-	folderService: service('folder'),
-	browserSvc: service('browser'),
-	documentSvc: service('document'),
-	dropdown: null,
-
-	init() {
-		this._super(...arguments);
-		this.folders = [];
-		this.deleteSpace = {
-			id: '',
-			name: ''
-		};
-	},
-
-	label: computed('folders', function() {
-		switch (this.get('folders').length) {
-		case 1:
-			return "space";
-		default:
-			return "spaces";
-		}
-	}),
-
-	actions: {
-		onShow(id) {
-			this.set('deleteSpace.id', id);
-		},
-
-		onDelete() {
-			let deleteSpace = this.get('deleteSpace');
-			let spaceId = deleteSpace.id;
-			let spaceNameTyped = deleteSpace.name;
-			let space = this.get('folders').findBy('id', spaceId);
-			let spaceName = space.get('name');
-
-			if (spaceNameTyped !== spaceName || spaceNameTyped === '' || spaceName === '') {
-				$('#delete-space-name').addClass('is-invalid').focus();
-				return;
-			}
-
-			$('#space-delete-modal').modal('hide');
-			$('#space-delete-modal').modal('dispose');
-
-			this.get('folderService').delete(spaceId).then(() => { /* jshint ignore:line */
-				this.set('deleteSpace.id', '');
-				this.set('deleteSpace.name', '');
-
-				this.get('folderService').adminList().then((folders) => {
-					let nonPrivateFolders = folders.rejectBy('spaceType', 2);
-					if (is.empty(nonPrivateFolders) || is.null(folders) || is.undefined(folders)) {
-						nonPrivateFolders = [];
-					}
-
-					this.set('folders', nonPrivateFolders);
-				});
-			});
-		},
-
-		onExport() {
-			this.showWait();
-
-			let spec = {
-				spaceId: '',
-				data: _.pluck(this.get('folders'), 'id'),
-				filterType: 'space',
-			};
-
-			this.get('documentSvc').export(spec).then((htmlExport) => {
-				this.get('browserSvc').downloadFile(htmlExport, 'documize.html');
-				this.showDone();
-			});
-		}
-	}
+export default Controller.extend({
 });

gui/app/pods/customize/folders/route.js

@@ -9,33 +9,17 @@
 //
 // https://documize.com
 
-import { inject as service } from '@ember/service';
-import Route from '@ember/routing/route';
 import AuthenticatedRouteMixin from 'ember-simple-auth/mixins/authenticated-route-mixin';
+import Route from '@ember/routing/route';
 
 export default Route.extend(AuthenticatedRouteMixin, {
-	folderService: service('folder'),
-
 	beforeModel() {
 		if (!this.session.isAdmin) {
 			this.transitionTo('auth.login');
 		}
 	},
 
-	model() {
-		return this.get('folderService').adminList();
-	},
-
-	setupController(controller, model) {
-		let nonPrivateFolders = model.rejectBy('spaceType', 2);
-		if (is.empty(nonPrivateFolders) || is.null(model) || is.undefined(model)) {
-			nonPrivateFolders = [];
-		}
-
-		controller.set('folders', nonPrivateFolders);
-	},
-
 	activate() {
-		this.get('browser').setTitle('Spaces');
+		this.get('browser').setTitle('Manage Spaces');
 	}
 });

gui/app/pods/customize/folders/template.hbs

@@ -1,50 +1 @@
-{{#if folders}}
-	<div class="row">
-		<div class="col">
-			<div class="view-customize">
-				<h1 class="admin-heading">{{folders.length}} shared {{label}}</h1>
-				<button type="button" class="btn btn-success" onclick={{action 'onExport'}}>Export as HTML</button>
-			</div>
-		</div>
-	</div>
-	<div class="view-customize">
-		<div class="space-list">
-			{{#each folders as |folder|}}
-				<div class="space row">
-					<div class="col-12 col-sm-8">
-						{{#link-to 'folder' folder.id folder.slug class="alt"}}{{folder.name}}{{/link-to}}
-					</div>
-					<div class="col-12 col-sm-4 text-right">
-						<div id="space-delete-button-{{folder.id}}" class="button-icon-danger align-middle" data-toggle="tooltip" data-placement="top" title="Delete space" {{action "onShow" folder.id}}>
-							<i class="material-icons" data-toggle="modal" data-target="#space-delete-modal" data-backdrop="static">delete</i>
-						</div>
-					</div>
-				</div>
-			{{/each}}
-		</div>
-	</div>
-
-	<div id="space-delete-modal" class="modal" tabindex="-1" role="dialog">
-		<div class="modal-dialog" role="document">
-			<div class="modal-content">
-				<div class="modal-header">Space Deletion</div>
-				<div class="modal-body">
-					<form onsubmit={{action 'onDelete'}}>
-						<p>Are you sure you want to delete this space and all documents?</p>
-						<div class="form-group">
-							<label for="delete-space-name">Please type space name to confirm</label>
-							{{input type='text' id="delete-space-name" class="form-control mousetrap" placeholder="Space name" value=deleteSpace.name}}
-							<small class="form-text text-muted">This will delete all documents and templates within this space!</small>
-						</div>
-					</form>
-				</div>
-				<div class="modal-footer">
-					<button type="button" class="btn btn-outline-secondary" data-dismiss="modal">Cancel</button>
-					<button type="button" class="btn btn-danger" onclick={{action 'onDelete'}}>Delete</button>
-				</div>
-			</div>
-		</div>
-	</div>
-{{else}}
-	<p>There are no spaces to maintain</p>
-{{/if}}
+{{customize/space-admin}}