From cc7560b25849b277b3d565350ba6e7080a9798dd Mon Sep 17 00:00:00 2001
From: Raymond Feng <raymond@strongloop.com>
Date: Wed, 13 Nov 2013 17:14:13 -0800
Subject: [PATCH] Simplify check permission

---
 lib/models/acl.js | 30 +++++++-----------------------
 1 file changed, 7 insertions(+), 23 deletions(-)

diff --git a/lib/models/acl.js b/lib/models/acl.js
index 6adfaa9d..f4953969 100644
--- a/lib/models/acl.js
+++ b/lib/models/acl.js
@@ -130,8 +130,13 @@ function overridePermission(p1, p2) {
  * @param callback
  */
 ACL.checkPermission = function (principalType, principalId, model, property, accessType, callback) {
+  property = property || ACL.ALL;
+  var propertyQuery = (property === ACL.ALL) ? ACL.ALL : {inq: [property, ACL.ALL]};
+  accessType = accessType || ACL.aLL;
+  var accessTypeQuery = (accessType === ACL.ALL) ? ACL.ALL : {inq: [accessType, ACL.ALL]};
+
   ACL.find({where: {principalType: principalType, principalId: principalId,
-      model: model, property: {inq: [property, ACL.ALL]}, accessType: {inq: [accessType, ACL.ALL]}}},
+      model: model, property: propertyQuery, accessType: accessTypeQuery}},
     function (err, acls) {
       if (err) {
         callback && callback(err);
@@ -165,28 +170,7 @@ Scope.checkPermission = function (scope, model, property, accessType, callback)
     if (err) {
       callback && callback(err);
     } else {
-      ACL.find({where: {principalType: ACL.SCOPE, principalId: scope.id,
-          model: model, property: {inq: [property, ACL.ALL]},
-          accessType: {inq: [accessType, ACL.ALL]}}}, function (err, resources) {
-          if (err) {
-            callback && callback(err);
-            return;
-          }
-          // Try to resolve the permission
-          var resolvedPermission = resources.reduce(function (previousValue, currentValue, index, array) {
-            // If the property is the same or the previous one is ACL.ALL (ALL)
-            if (previousValue.property === currentValue.property || (previousValue.property === ACL.ALL && currentValue.property)) {
-              previousValue.property = currentValue.property;
-              if (previousValue.accessType === currentValue.accessType || (previousValue.accessType === ACL.ALL && currentValue.accessType)) {
-                previousValue.accessType = currentValue.accessType;
-              }
-              previousValue.permission = overridePermission(previousValue.permission, currentValue.permission);
-            }
-            return previousValue;
-          }, {model: model, property: ACL.ALL, accessType: ACL.ALL, permission: ACL.ALLOW});
-          callback && callback(null, resolvedPermission);
-        }
-      );
+      ACL.checkPermission(ACL.SCOPE, scope.id, model, property, accessType, callback);
     }
   });
 };