Compare commits
No commits in common. "1a71d32b6df842edb2d78f1f1b61a770c84ee740" and "1a66c9fac0d168d0ad8194226857077395139e72" have entirely different histories.
1a71d32b6d
...
1a66c9fac0
1 changed files with 0 additions and 48 deletions
|
|
@ -73,23 +73,6 @@ export default class PermissionHelper {
|
||||||
}, false);
|
}, false);
|
||||||
}
|
}
|
||||||
|
|
||||||
static canAccessSection(permissions: PermissionObject, section: PermissionSection): boolean {
|
|
||||||
if (permissions?.admin || permissions?.adminByOwner) return true;
|
|
||||||
if (permissions[section] != undefined) return true;
|
|
||||||
return false;
|
|
||||||
}
|
|
||||||
|
|
||||||
static canAccessSomeSection(
|
|
||||||
permissions: PermissionObject,
|
|
||||||
checks: Array<{
|
|
||||||
section: PermissionSection;
|
|
||||||
}>
|
|
||||||
): boolean {
|
|
||||||
return checks.reduce<boolean>((prev, curr) => {
|
|
||||||
return prev || this.canAccessSection(permissions, curr.section);
|
|
||||||
}, false);
|
|
||||||
}
|
|
||||||
|
|
||||||
static canValue(permissions: PermissionObject, key: string, emptyIfAdmin: boolean = false): string {
|
static canValue(permissions: PermissionObject, key: string, emptyIfAdmin: boolean = false): string {
|
||||||
if (emptyIfAdmin && (permissions.admin || permissions.adminByOwner)) return "";
|
if (emptyIfAdmin && (permissions.admin || permissions.adminByOwner)) return "";
|
||||||
return permissions?.additional?.[key] ?? "";
|
return permissions?.additional?.[key] ?? "";
|
||||||
|
|
@ -164,37 +147,6 @@ export default class PermissionHelper {
|
||||||
};
|
};
|
||||||
}
|
}
|
||||||
|
|
||||||
static sectionAccessPassCheckMiddleware(
|
|
||||||
section: PermissionSection
|
|
||||||
): (req: Request, res: Response, next: Function) => void {
|
|
||||||
return (req: Request, res: Response, next: Function) => {
|
|
||||||
const permissions = req.permissions;
|
|
||||||
const isOwner = req.isOwner;
|
|
||||||
|
|
||||||
if (isOwner || this.canAccessSection(permissions, section)) {
|
|
||||||
next();
|
|
||||||
} else {
|
|
||||||
throw new ForbiddenRequestException(`missing permission for ${section}.${module}`);
|
|
||||||
}
|
|
||||||
};
|
|
||||||
}
|
|
||||||
|
|
||||||
static sectionAccessPassCheckSomeMiddleware(
|
|
||||||
checks: Array<{ section: PermissionSection }>
|
|
||||||
): (req: Request, res: Response, next: Function) => void {
|
|
||||||
return (req: Request, res: Response, next: Function) => {
|
|
||||||
const permissions = req.permissions;
|
|
||||||
const isOwner = req.isOwner;
|
|
||||||
|
|
||||||
if (isOwner || this.canAccessSomeSection(permissions, checks)) {
|
|
||||||
next();
|
|
||||||
} else {
|
|
||||||
let permissionsToPass = checks.map((c) => `${c.section}`).join(" or ");
|
|
||||||
throw new ForbiddenRequestException(`missing permission for ${permissionsToPass}`);
|
|
||||||
}
|
|
||||||
};
|
|
||||||
}
|
|
||||||
|
|
||||||
static isAdminMiddleware(): (req: Request, res: Response, next: Function) => void {
|
static isAdminMiddleware(): (req: Request, res: Response, next: Function) => void {
|
||||||
return (req: Request, res: Response, next: Function) => {
|
return (req: Request, res: Response, next: Function) => {
|
||||||
const permissions = req.permissions;
|
const permissions = req.permissions;
|
||||||
|
|
|
||||||
Loading…
Add table
Reference in a new issue