Compare commits
No commits in common. "1a71d32b6df842edb2d78f1f1b61a770c84ee740" and "1a66c9fac0d168d0ad8194226857077395139e72" have entirely different histories.
1a71d32b6d
...
1a66c9fac0
1 changed files with 0 additions and 48 deletions
|
|
@ -73,23 +73,6 @@ export default class PermissionHelper {
|
|||
}, false);
|
||||
}
|
||||
|
||||
static canAccessSection(permissions: PermissionObject, section: PermissionSection): boolean {
|
||||
if (permissions?.admin || permissions?.adminByOwner) return true;
|
||||
if (permissions[section] != undefined) return true;
|
||||
return false;
|
||||
}
|
||||
|
||||
static canAccessSomeSection(
|
||||
permissions: PermissionObject,
|
||||
checks: Array<{
|
||||
section: PermissionSection;
|
||||
}>
|
||||
): boolean {
|
||||
return checks.reduce<boolean>((prev, curr) => {
|
||||
return prev || this.canAccessSection(permissions, curr.section);
|
||||
}, false);
|
||||
}
|
||||
|
||||
static canValue(permissions: PermissionObject, key: string, emptyIfAdmin: boolean = false): string {
|
||||
if (emptyIfAdmin && (permissions.admin || permissions.adminByOwner)) return "";
|
||||
return permissions?.additional?.[key] ?? "";
|
||||
|
|
@ -164,37 +147,6 @@ export default class PermissionHelper {
|
|||
};
|
||||
}
|
||||
|
||||
static sectionAccessPassCheckMiddleware(
|
||||
section: PermissionSection
|
||||
): (req: Request, res: Response, next: Function) => void {
|
||||
return (req: Request, res: Response, next: Function) => {
|
||||
const permissions = req.permissions;
|
||||
const isOwner = req.isOwner;
|
||||
|
||||
if (isOwner || this.canAccessSection(permissions, section)) {
|
||||
next();
|
||||
} else {
|
||||
throw new ForbiddenRequestException(`missing permission for ${section}.${module}`);
|
||||
}
|
||||
};
|
||||
}
|
||||
|
||||
static sectionAccessPassCheckSomeMiddleware(
|
||||
checks: Array<{ section: PermissionSection }>
|
||||
): (req: Request, res: Response, next: Function) => void {
|
||||
return (req: Request, res: Response, next: Function) => {
|
||||
const permissions = req.permissions;
|
||||
const isOwner = req.isOwner;
|
||||
|
||||
if (isOwner || this.canAccessSomeSection(permissions, checks)) {
|
||||
next();
|
||||
} else {
|
||||
let permissionsToPass = checks.map((c) => `${c.section}`).join(" or ");
|
||||
throw new ForbiddenRequestException(`missing permission for ${permissionsToPass}`);
|
||||
}
|
||||
};
|
||||
}
|
||||
|
||||
static isAdminMiddleware(): (req: Request, res: Response, next: Function) => void {
|
||||
return (req: Request, res: Response, next: Function) => {
|
||||
const permissions = req.permissions;
|
||||
|
|
|
|||
Loading…
Add table
Reference in a new issue