Simplify check permission

This commit is contained in:
Raymond Feng 2013-11-13 17:14:13 -08:00
parent 94f12d0fce
commit cc7560b258
1 changed files with 7 additions and 23 deletions

View File

@ -130,8 +130,13 @@ function overridePermission(p1, p2) {
* @param callback * @param callback
*/ */
ACL.checkPermission = function (principalType, principalId, model, property, accessType, callback) { ACL.checkPermission = function (principalType, principalId, model, property, accessType, callback) {
property = property || ACL.ALL;
var propertyQuery = (property === ACL.ALL) ? ACL.ALL : {inq: [property, ACL.ALL]};
accessType = accessType || ACL.aLL;
var accessTypeQuery = (accessType === ACL.ALL) ? ACL.ALL : {inq: [accessType, ACL.ALL]};
ACL.find({where: {principalType: principalType, principalId: principalId, ACL.find({where: {principalType: principalType, principalId: principalId,
model: model, property: {inq: [property, ACL.ALL]}, accessType: {inq: [accessType, ACL.ALL]}}}, model: model, property: propertyQuery, accessType: accessTypeQuery}},
function (err, acls) { function (err, acls) {
if (err) { if (err) {
callback && callback(err); callback && callback(err);
@ -165,28 +170,7 @@ Scope.checkPermission = function (scope, model, property, accessType, callback)
if (err) { if (err) {
callback && callback(err); callback && callback(err);
} else { } else {
ACL.find({where: {principalType: ACL.SCOPE, principalId: scope.id, ACL.checkPermission(ACL.SCOPE, scope.id, model, property, accessType, callback);
model: model, property: {inq: [property, ACL.ALL]},
accessType: {inq: [accessType, ACL.ALL]}}}, function (err, resources) {
if (err) {
callback && callback(err);
return;
}
// Try to resolve the permission
var resolvedPermission = resources.reduce(function (previousValue, currentValue, index, array) {
// If the property is the same or the previous one is ACL.ALL (ALL)
if (previousValue.property === currentValue.property || (previousValue.property === ACL.ALL && currentValue.property)) {
previousValue.property = currentValue.property;
if (previousValue.accessType === currentValue.accessType || (previousValue.accessType === ACL.ALL && currentValue.accessType)) {
previousValue.accessType = currentValue.accessType;
}
previousValue.permission = overridePermission(previousValue.permission, currentValue.permission);
}
return previousValue;
}, {model: model, property: ACL.ALL, accessType: ACL.ALL, permission: ACL.ALLOW});
callback && callback(null, resolvedPermission);
}
);
} }
}); });
}; };