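/**
 * Registers the `acl` remote method on the model passed in as `Self`.
 *
 * `GET /acl` returns the caller's account record and role mappings.
 * The user id is always read from the request's access token, never from a
 * client-supplied parameter, so a caller can only query their own data.
 *
 * NOTE(review): the model ACL that restricts this endpoint to authenticated
 * users is not visible in this file. Confirm it exists in the model
 * definition. The handler below also fails closed on its own.
 *
 * @param {Object} Self - The model the remote method is attached to.
 */
module.exports = Self => {
    Self.remoteMethod('acl', {
        description: 'Get the user information and permissions',
        accepts: [
            {
                arg: 'ctx',
                type: 'Object',
                http: {source: 'context'}
            }
        ],
        returns: {
            type: 'Object',
            root: true
        },
        http: {
            path: '/acl',
            verb: 'GET'
        }
    });

    /**
     * Returns the authenticated user's profile fields and role mappings.
     *
     * @param {Object} ctx - Remoting context; `ctx.req.accessToken` is read.
     * @returns {Promise<{roles: Object[], user: Object}>} Role mappings
     *   (each including its related role's name) and the account record.
     * @throws {Error} With `statusCode` 401 when the request carries no
     *   access token or the token has no user id.
     */
    Self.acl = async function(ctx) {
        const accessToken = ctx.req.accessToken;

        // Fail closed: without this guard an unauthenticated request throws a
        // TypeError and surfaces as a 500 instead of an explicit 401.
        if (!accessToken || accessToken.userId == null) {
            const err = new Error('Authorization Required');
            err.statusCode = 401;
            err.code = 'AUTHORIZATION_REQUIRED';
            throw err;
        }

        const userId = accessToken.userId;
        const models = Self.app.models;

        // The two lookups are independent reads, so they run concurrently.
        const [user, roles] = await Promise.all([
            // The explicit field list keeps every other Account column
            // (e.g. credentials) out of the response.
            models.Account.findById(userId, {
                fields: ['id', 'name', 'nickname', 'email']
            }),
            // Only mappings whose principal is this user are returned; role
            // inheritance is not resolved here.
            models.RoleMapping.find({
                fields: ['roleId'],
                where: {
                    principalId: userId,
                    principalType: 'USER'
                },
                include: [{
                    relation: 'role',
                    scope: {
                        fields: ['name']
                    }
                }]
            })
        ]);

        return {roles, user};
    };
};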