Nemcio/meanTorrent
1
0
Fork 0
mirror of https://github.com/taobataoma/meanTorrent.git synced 2026-01-16 20:32:21 +01:00
Code Issues Packages Projects Releases Wiki Activity
Files
37899b2ef2fe77df5f0fef2df875975089bb83d6
meanTorrent/modules/articles/server/policies/articles.server.policy.js
Michael Leanos 89075cb8d3 feat(articles): Article Admin feature (#807) 
This feature introduces a breaking change, that restricts the User's that
can create/edit/delete Articles to only those that have the `admin` Role.

Fixed ESLint issues.

Resolved merge conflicts, and moved new client Article Service
`createOrUpdate` functionality to new Admin feature controller.

Removed edit functionality from client-side Article controller.
2016-07-25 17:34:06 -07:00

73 lines
1.6 KiB
JavaScript
Raw Blame History

'use strict';
/**
* Module dependencies
*/
var acl = require('acl');
// Using the memory backend
acl = new acl(new acl.memoryBackend());
/**
* Invoke Articles Permissions
*/
exports.invokeRolesPolicies = function () {
acl.allow([{
roles: ['admin'],
allows: [{
resources: '/api/articles',
permissions: '*'
}, {
resources: '/api/articles/:articleId',
permissions: '*'
}]
}, {
roles: ['user'],
allows: [{
resources: '/api/articles',
permissions: ['get']
}, {
resources: '/api/articles/:articleId',
permissions: ['get']
}]
}, {
roles: ['guest'],
allows: [{
resources: '/api/articles',
permissions: ['get']
}, {
resources: '/api/articles/:articleId',
permissions: ['get']
}]
}]);
};
/**
* Check If Articles Policy Allows
*/
exports.isAllowed = function (req, res, next) {
var roles = (req.user) ? req.user.roles : ['guest'];
// If an article is being processed and the current user created it then allow any manipulation
if (req.article && req.user && req.article.user && req.article.user.id === req.user.id) {
return next();
}
// Check for user roles
acl.areAnyRolesAllowed(roles, req.route.path, req.method.toLowerCase(), function (err, isAllowed) {
if (err) {
// An authorization error occurred
return res.status(500).send('Unexpected authorization error');
} else {
if (isAllowed) {
// Access granted! Invoke next middleware
return next();
} else {
return res.status(403).json({
message: 'User is not authorized'
});
}
}
});
};
Reference in New Issue View Git Blame Copy Permalink