module.exports = Self => { /** * Checks if current user has * read privileges over a dms * * @param {Object} ctx - Request context * @param {Interger} id - DmsType id * @param {Object} options - Query options * @return {Boolean} True for user with read privileges */ Self.hasReadRole = async(ctx, id, options) => { const models = Self.app.models; const dmsType = await models.DmsType.findById(id, { include: { relation: 'readRole' } }, options); return await hasRole(ctx, dmsType, options); }; /** * Checks if current user has * write privileges over a dms * * @param {Object} ctx - Request context * @param {Interger} id - DmsType id * @param {Object} options - Query options * @return {Boolean} True for user with write privileges */ Self.hasWriteRole = async(ctx, id, options) => { const models = Self.app.models; const dmsType = await models.DmsType.findById(id, { include: { relation: 'writeRole' } }, options); return await hasRole(ctx, dmsType, options); }; /** * Checks if current user has * read or write privileges * @param {Object} ctx - Context * @param {Object} dmsType - Dms type [read/write] * @param {Object} options - Query options */ async function hasRole(ctx, dmsType, options) { const models = Self.app.models; const myUserId = ctx.req.accessToken.userId; const readRole = dmsType.readRole() && dmsType.readRole().name; const writeRole = dmsType.writeRole() && dmsType.writeRole().name; const requiredRole = readRole || writeRole; const hasRequiredRole = await models.Account.hasRole(myUserId, requiredRole, options); const isRoot = await models.Account.hasRole(myUserId, 'root', options); if (isRoot || hasRequiredRole) return true; return false; } };