49 lines
1.3 KiB
JavaScript
49 lines
1.3 KiB
JavaScript
module.exports = Self => {
|
|
Self.remoteMethod('funcionalityAcl', {
|
|
description: 'Return if user has permissions',
|
|
accepts: [
|
|
{
|
|
arg: 'model',
|
|
type: 'String',
|
|
description: 'The model',
|
|
required: true
|
|
},
|
|
{
|
|
arg: 'property',
|
|
type: 'String',
|
|
description: 'The property',
|
|
required: true
|
|
}
|
|
],
|
|
returns: {
|
|
type: 'Object',
|
|
root: true
|
|
},
|
|
http: {
|
|
path: `/funcionalityAcl`,
|
|
verb: 'GET'
|
|
}
|
|
});
|
|
|
|
Self.funcionalityAcl = async function(ctx, model, property) {
|
|
const userId = ctx.req.accessToken.userId;
|
|
const models = Self.app.models;
|
|
|
|
const acls = await models.FuncionalityAcl.find({
|
|
where: {
|
|
model: model,
|
|
property: property
|
|
}
|
|
});
|
|
|
|
const hasPermissions = acls.filter(async acl => {
|
|
console.log('FILTER: ');
|
|
acl.role && await models.Account.hasRole(userId, acl.role);
|
|
});
|
|
console.log(hasPermissions);
|
|
if (hasPermissions)
|
|
return true;
|
|
return false;
|
|
};
|
|
};
|