Dont attempt access checking on models without a check access method

2013-12-11 19:46:56 -08:00 · 2013-12-11 19:46:56 -08:00 · 4619a143f5
parent 0f4e9e1d1c
commit 4619a143f5
1 changed files with 20 additions and 16 deletions
--- a/lib/application.js
+++ b/lib/application.js
@ -164,23 +164,27 @@ app.enableAuth = function() {
    var modelInstance = ctx.instance;
    var modelId = modelInstance && modelInstance.id || req.param('id');

-    Model.checkAccess(
-      req.accessToken,
-      modelId,
-      method.name,
-      function(err, allowed) {
-        if(err) {
-          console.log(err);
-          next(err);
-        } else if(allowed) {
-          next();
-        } else {
-          var e = new Error('Access Denied');
-          e.statusCode = 401;
-          next(e);
+    if(Model.checkAccess) {
+      Model.checkAccess(
+        req.accessToken,
+        modelId,
+        method.name,
+        function(err, allowed) {
+          if(err) {
+            console.log(err);
+            next(err);
+          } else if(allowed) {
+            next();
+          } else {
+            var e = new Error('Access Denied');
+            e.statusCode = 401;
+            next(e);
+          }
        }
-      }
-    );
+      );
+    } else {
+      next();
+    }
  });
 }