Fix the Scope reference to models

2014-01-23 14:46:02 -08:00 · 2014-01-23 14:46:02 -08:00 · 224b500c3a
parent bb389ce209
commit 224b500c3a
1 changed files with 41 additions and 41 deletions
--- a/lib/models/acl.js
+++ b/lib/models/acl.js
@ -44,47 +44,6 @@ var AccessRequest = ctx.AccessRequest;
 var role = require('./role');
 var Role = role.Role;

-/*!
- * Schema for Scope which represents the permissions that are granted to client
- * applications by the resource owner
- */
-var ScopeSchema = {
-  name: {type: String, required: true},
-  description: String
-};
-
-/**
- * Resource owner grants/delegates permissions to client applications
- *
- * For a protected resource, does the client application have the authorization
- * from the resource owner (user or system)?
- *
- * Scope has many resource access entries
- * @class
- */
-var Scope = loopback.createModel('Scope', ScopeSchema);
-
-
-/**
- * Check if the given scope is allowed to access the model/property
- * @param {String} scope The scope name
- * @param {String} model The model name
- * @param {String} property The property/method/relation name
- * @param {String} accessType The access type
- * @callback {Function} callback
- * @param {String|Error} err The error object
- * @param {AccessRequest} result The access permission
- */
-Scope.checkPermission = function (scope, model, property, accessType, callback) {
-  Scope.findOne({where: {name: scope}}, function (err, scope) {
-    if (err) {
-      callback && callback(err);
-    } else {
-      ACL.checkPermission(ACL.SCOPE, scope.id, model, property, accessType, callback);
-    }
-  });
-};
-
 /**
 * System grants permissions to principals (users/applications, can be grouped
 * into roles).
@ -452,6 +411,47 @@ ACL.checkAccessForToken = function (token, model, modelId, method, callback) {
  });
 };

+/*!
+ * Schema for Scope which represents the permissions that are granted to client
+ * applications by the resource owner
+ */
+var ScopeSchema = {
+  name: {type: String, required: true},
+  description: String
+};
+
+/**
+ * Resource owner grants/delegates permissions to client applications
+ *
+ * For a protected resource, does the client application have the authorization
+ * from the resource owner (user or system)?
+ *
+ * Scope has many resource access entries
+ * @class
+ */
+var Scope = loopback.createModel('Scope', ScopeSchema);
+
+
+/**
+ * Check if the given scope is allowed to access the model/property
+ * @param {String} scope The scope name
+ * @param {String} model The model name
+ * @param {String} property The property/method/relation name
+ * @param {String} accessType The access type
+ * @callback {Function} callback
+ * @param {String|Error} err The error object
+ * @param {AccessRequest} result The access permission
+ */
+Scope.checkPermission = function (scope, model, property, accessType, callback) {
+  this.findOne({where: {name: scope}}, function (err, scope) {
+    if (err) {
+      callback && callback(err);
+    } else {
+      var aclModel = loopback.getModelByType(ACL);
+      aclModel.checkPermission(ACL.SCOPE, scope.id, model, property, accessType, callback);
+    }
+  });
+};

 module.exports.ACL = ACL;
 module.exports.Scope = Scope;