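/**
 * Registers the `acl` remote method on the given model.
 *
 * The method is exposed as `GET /acl` and returns the caller's own account
 * summary together with the role mappings assigned to that account.
 *
 * @param {Object} Self - Model the remote method is attached to.
 */
module.exports = Self => {
    Self.remoteMethod('acl', {
        description: 'Get the user information and permissions',
        accepts: [
            {
                arg: 'ctx',
                type: 'Object',
                http: {source: 'context'}
            }
        ],
        returns: {
            type: 'Object',
            root: true
        },
        http: {
            path: '/acl',
            verb: 'GET'
        }
    });

    /**
     * Returns the account fields and role mappings of the authenticated caller.
     *
     * The user id is taken only from the access token attached to the request,
     * never from a client-supplied parameter, so a caller can only read its
     * own identity and roles.
     *
     * @param {Object} ctx - HTTP context; `ctx.req.accessToken.userId` is read.
     * @returns {Promise<{roles: Object[], user: Object}>} Role mappings (with
     *   the related role name included) and the account's id, name, nickname
     *   and email.
     * @throws {Error} With `statusCode` 401 when the request carries no access
     *   token or the token has no user id.
     */
    Self.acl = async function(ctx) {
        // NOTE(review): the model's ACL configuration is not visible here, so
        // do not assume unauthenticated requests were rejected upstream. The
        // original dereferenced accessToken unconditionally, which turned an
        // anonymous call into a TypeError (HTTP 500) instead of a clean 401.
        const token = ctx && ctx.req && ctx.req.accessToken;
        if (!token || token.userId == null) {
            const err = new Error('Authorization Required');
            err.statusCode = 401;
            err.code = 'AUTHORIZATION_REQUIRED';
            throw err;
        }

        const userId = token.userId;
        const models = Self.app.models;

        // The two lookups are independent reads, so run them concurrently.
        const [user, roles] = await Promise.all([
            // Explicit field list keeps credential columns out of the response.
            models.Account.findById(userId, {
                fields: ['id', 'name', 'nickname', 'email']
            }),
            models.RoleMapping.find({
                fields: ['roleId'],
                where: {
                    principalId: userId,
                    principalType: 'USER'
                },
                include: [{
                    relation: 'role',
                    scope: {
                        fields: ['name']
                    }
                }]
            })
        ]);

        return {roles, user};
    };
};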