63 lines
1.8 KiB
JavaScript
63 lines
1.8 KiB
JavaScript
|
module.exports = Self => {
|
||
|
/**
|
||
|
* Checks if current user has
|
||
|
* read privileges over a dms
|
||
|
*
|
||
|
* @param {Object} ctx - Request context
|
||
|
* @param {Interger} id - DmsType id
|
||
|
* @return {Boolean} True for user with read privileges
|
||
|
*/
|
||
|
Self.hasReadRole = async(ctx, id) => {
|
||
|
const models = Self.app.models;
|
||
|
const dmsType = await models.DmsType.findById(id, {
|
||
|
include: {
|
||
|
relation: 'readRole'
|
||
|
}
|
||
|
});
|
||
|
|
||
|
return await hasRole(ctx, dmsType);
|
||
|
};
|
||
|
|
||
|
/**
|
||
|
* Checks if current user has
|
||
|
* write privileges over a dms
|
||
|
*
|
||
|
* @param {Object} ctx - Request context
|
||
|
* @param {Interger} id - DmsType id
|
||
|
* @return {Boolean} True for user with write privileges
|
||
|
*/
|
||
|
Self.hasWriteRole = async(ctx, id) => {
|
||
|
const models = Self.app.models;
|
||
|
const dmsType = await models.DmsType.findById(id, {
|
||
|
include: {
|
||
|
relation: 'writeRole'
|
||
|
}
|
||
|
});
|
||
|
|
||
|
return await hasRole(ctx, dmsType);
|
||
|
};
|
||
|
|
||
|
/**
|
||
|
* Checks if current user has
|
||
|
* read or write privileges
|
||
|
* @param {Object} ctx - Context
|
||
|
* @param {Object} dmsType - Dms type [read/write]
|
||
|
*/
|
||
|
async function hasRole(ctx, dmsType) {
|
||
|
const models = Self.app.models;
|
||
|
const myUserId = ctx.req.accessToken.userId;
|
||
|
|
||
|
const readRole = dmsType.readRole() && dmsType.readRole().name;
|
||
|
const writeRole = dmsType.writeRole() && dmsType.writeRole().name;
|
||
|
const requiredRole = readRole || writeRole;
|
||
|
|
||
|
const hasRequiredRole = await models.Account.hasRole(myUserId, requiredRole);
|
||
|
const isRoot = await models.Account.hasRole(myUserId, 'root');
|
||
|
|
||
|
if (isRoot || hasRequiredRole)
|
||
|
return true;
|
||
|
|
||
|
return false;
|
||
|
}
|
||
|
};
|