salix/back/models/image-collection.js

module.exports = Self => {
    /**
     * Checks if current user has
     * read privileges over a collection
     *
     * @param {object} ctx - Request context
     * @param {interger} name - Collection name
     * @param {object} options - Query options
     * @return {boolean} True for user with read privileges
     */
    Self.hasReadRole = async(ctx, name, options) => {
        const collection = await Self.findOne({
            include: {
                relation: 'readRole'
            },
            where: {name}
        }, options);

        return await hasRole(ctx, collection, options);
    };

    /**
     * Checks if current user has
     * write privileges over a collection
     *
     * @param {object} ctx - Request context
     * @param {string} name - Collection name
     * @param {object} options - Query options
     * @return {boolean} True for user with write privileges
     */
    Self.hasWriteRole = async(ctx, name, options) => {
        const collection = await Self.findOne({
            include: {
                relation: 'writeRole'
            },
            where: {name}
        }, options);

        return await hasRole(ctx, collection, options);
    };

    /**
     * Checks if current user has
     * read or write privileges
     * @param {Object} ctx - Context
     * @param {Object} collection - Collection [read/write]
     * @param {Object} options - Query options
     */
    async function hasRole(ctx, collection, options) {
        const models = Self.app.models;
        const myUserId = ctx.req.accessToken.userId;

        const readRole = collection.readRole() && collection.readRole().name;
        const writeRole = collection.writeRole() && collection.writeRole().name;
        const requiredRole = readRole || writeRole;

        const hasRequiredRole = await models.VnUser.hasRole(myUserId, requiredRole, options);
        const isRoot = await models.VnUser.hasRole(myUserId, 'root', options);

        if (isRoot || hasRequiredRole)
            return true;

        return false;
    }
};
refs #5488 fix(): use hasWriteRole 2023-04-28 07:35:15 +00:00			`module.exports = Self => {`
			`/**`
			`* Checks if current user has`
			`* read privileges over a collection`
			`*`
			`* @param {object} ctx - Request context`
			`* @param {interger} name - Collection name`
			`* @param {object} options - Query options`
			`* @return {boolean} True for user with read privileges`
			`*/`
			`Self.hasReadRole = async(ctx, name, options) => {`
fix(imageCollection): 2023-04-28 09:54:11 +00:00			`const collection = await Self.findOne({`
refs #5488 fix(): use hasWriteRole 2023-04-28 07:35:15 +00:00			`include: {`
			`relation: 'readRole'`
fix(imageCollection): 2023-04-28 09:54:11 +00:00			`},`
			`where: {name}`
refs #5488 fix(): use hasWriteRole 2023-04-28 07:35:15 +00:00			`}, options);`

			`return await hasRole(ctx, collection, options);`
			`};`

			`/**`
			`* Checks if current user has`
			`* write privileges over a collection`
			`*`
			`* @param {object} ctx - Request context`
			`* @param {string} name - Collection name`
			`* @param {object} options - Query options`
			`* @return {boolean} True for user with write privileges`
			`*/`
			`Self.hasWriteRole = async(ctx, name, options) => {`
			`const collection = await Self.findOne({`
			`include: {`
			`relation: 'writeRole'`
			`},`
			`where: {name}`
			`}, options);`

			`return await hasRole(ctx, collection, options);`
			`};`

			`/**`
			`* Checks if current user has`
			`* read or write privileges`
			`* @param {Object} ctx - Context`
			`* @param {Object} collection - Collection [read/write]`
			`* @param {Object} options - Query options`
			`*/`
			`async function hasRole(ctx, collection, options) {`
			`const models = Self.app.models;`
			`const myUserId = ctx.req.accessToken.userId;`

			`const readRole = collection.readRole() && collection.readRole().name;`
			`const writeRole = collection.writeRole() && collection.writeRole().name;`
			`const requiredRole = readRole \|\| writeRole;`

			`const hasRequiredRole = await models.VnUser.hasRole(myUserId, requiredRole, options);`
			`const isRoot = await models.VnUser.hasRole(myUserId, 'root', options);`

			`if (isRoot \|\| hasRequiredRole)`
			`return true;`

			`return false;`
			`}`
			`};`