unleash.unleash/lib/middleware/permission-checker.js

'use strict';

const MissingPermission = require('../missing-permission');
const { ADMIN } = require('../permissions');

module.exports = function(config, permission) {
    if (!permission || !config.extendedPermissions) {
        return (req, res, next) => next();
    }
    return (req, res, next) => {
        if (
            req.user &&
            req.user.permissions &&
            (req.user.permissions.indexOf(ADMIN) !== -1 ||
                req.user.permissions.indexOf(permission) !== -1)
        ) {
            return next();
        }
        return res
            .status(403)
            .json(
                new MissingPermission({
                    permission,
                    message: `You require ${permission} to perform this action`,
                })
            )
            .end();
    };
};
Refactored controllers, moved checkPermission to permission-checker.js middleware 2018-12-19 14:50:01 +01:00			`'use strict';`

			`const MissingPermission = require('../missing-permission');`
			`const { ADMIN } = require('../permissions');`

			`module.exports = function(config, permission) {`
			`if (!permission \|\| !config.extendedPermissions) {`
			`return (req, res, next) => next();`
			`}`
			`return (req, res, next) => {`
			`if (`
			`req.user &&`
			`req.user.permissions &&`
			`(req.user.permissions.indexOf(ADMIN) !== -1 \|\|`
			`req.user.permissions.indexOf(permission) !== -1)`
			`) {`
			`return next();`
			`}`
			`return res`
			`.status(403)`
			`.json(`
			`new MissingPermission({`
			`permission,`
			message: `You require ${permission} to perform this action`,
			`})`
			`)`
			`.end();`
			`};`
			`};`