Add more comments
This commit is contained in:
parent
328a72ac91
commit
aaaa28d569
|
@ -138,7 +138,12 @@ ACL.getMatchingScore = function getMatchingScore(rule, req) {
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
// Weigh agaist the principal type
|
// Weigh against the principal type into 4 levels
|
||||||
|
// - user level (explicitly allow/deny a given user)
|
||||||
|
// - app level (explicitly allow/deny a given app)
|
||||||
|
// - role level (role based authorization)
|
||||||
|
// - other
|
||||||
|
// user > app > role > ...
|
||||||
score = score * 4;
|
score = score * 4;
|
||||||
switch(rule.principalType) {
|
switch(rule.principalType) {
|
||||||
case ACL.USER:
|
case ACL.USER:
|
||||||
|
@ -155,6 +160,7 @@ ACL.getMatchingScore = function getMatchingScore(rule, req) {
|
||||||
}
|
}
|
||||||
|
|
||||||
// Weigh against the roles
|
// Weigh against the roles
|
||||||
|
// everyone < authenticated/unauthenticated < related < owner < ...
|
||||||
score = score * 8;
|
score = score * 8;
|
||||||
if(rule.principalType === ACL.ROLE) {
|
if(rule.principalType === ACL.ROLE) {
|
||||||
switch(rule.principalId) {
|
switch(rule.principalId) {
|
||||||
|
|
Loading…
Reference in New Issue