Nemcio/meanTorrent
1
0
Fork 0
mirror of https://github.com/taobataoma/meanTorrent.git synced 2026-03-02 02:00:58 +01:00
Code Issues Packages Projects Releases Wiki Activity
Files
ee467665b5b6af80c1cab5fd08256ca1cdabd4eb
meanTorrent/modules/about/server/policies/about.server.policy.js

63 lines
1.8 KiB
JavaScript
Raw Blame History

'use strict';
/**
* Module dependencies
*/
var acl = require('acl');
// Using the memory backend
acl = new acl(new acl.memoryBackend());
/**
* Invoke Articles Permissions
*/
exports.invokeRolesPolicies = function () {
acl.allow([{
roles: ['oper', 'admin'],
allows: [
{resources: '/api/makers', permissions: '*'},
{resources: '/api/makers/create/:userId', permissions: '*'},
{resources: '/api/makers/:makerId', permissions: '*'},
{resources: '/api/makers/:makerId/rating', permissions: '*'},
{resources: '/api/makers/:makerId/addMember/:username', permissions: '*'},
{resources: '/api/makers/:makerId/removeMember/:username', permissions: '*'}
]
}, {
roles: ['user'],
allows: [
{resources: '/api/makers', permissions: ['get']},
{resources: '/api/makers/:makerId', permissions: ['get']},
{resources: '/api/makers/:makerId/rating', permissions: ['put']}
]
}]);
};
/**
* Check If Articles Policy Allows
*/
exports.isAllowed = function (req, res, next) {
var roles = (req.user) ? req.user.roles : ['guest'];
// If an article is being processed and the current user created it then allow any manipulation
if (req.maker && req.user && req.maker.user && req.maker.user.id === req.user.id) {
return next();
}
// Check for user roles
acl.areAnyRolesAllowed(roles, req.route.path, req.method.toLowerCase(), function (err, isAllowed) {
if (err) {
// An authorization error occurred
return res.status(500).send('Unexpected authorization error');
} else {
if (isAllowed) {
// Access granted! Invoke next middleware
return next();
} else {
return res.status(403).json({
message: 'User is not authorized'
});
}
}
});
};
Reference in New Issue View Git Blame Copy Permalink