2018-11-30 10:11:36 +01:00
|
|
|
'use strict';
|
|
|
|
|
|
|
|
const { Router } = require('express');
|
2021-04-12 20:25:03 +02:00
|
|
|
const NoAccessError = require('../error/no-access-error');
|
2021-02-10 14:15:28 +01:00
|
|
|
const requireContentType = require('../middleware/content_type_checker');
|
2021-04-12 20:25:03 +02:00
|
|
|
|
|
|
|
const checkPermission = permission => {
|
|
|
|
return async (req, res, next) => {
|
|
|
|
if (!permission) {
|
|
|
|
return next();
|
|
|
|
}
|
|
|
|
if (await req.checkRbac(permission)) {
|
|
|
|
return next();
|
|
|
|
}
|
|
|
|
return res
|
|
|
|
.status(403)
|
|
|
|
.json(new NoAccessError(permission))
|
|
|
|
.end();
|
|
|
|
};
|
|
|
|
};
|
|
|
|
|
2018-11-30 10:11:36 +01:00
|
|
|
/**
|
|
|
|
* Base class for Controllers to standardize binding to express Router.
|
|
|
|
*/
|
|
|
|
class Controller {
|
2018-12-19 14:50:01 +01:00
|
|
|
constructor(config) {
|
2018-11-30 10:11:36 +01:00
|
|
|
const router = Router();
|
|
|
|
this.app = router;
|
2018-12-19 14:50:01 +01:00
|
|
|
this.config = config;
|
2018-12-19 13:35:54 +01:00
|
|
|
}
|
|
|
|
|
|
|
|
get(path, handler, permission) {
|
2021-04-12 20:25:03 +02:00
|
|
|
this.app.get(path, checkPermission(permission), handler.bind(this));
|
2018-11-30 10:11:36 +01:00
|
|
|
}
|
|
|
|
|
2021-02-10 14:15:28 +01:00
|
|
|
post(path, handler, permission, ...acceptedContentTypes) {
|
2018-12-19 13:35:54 +01:00
|
|
|
this.app.post(
|
|
|
|
path,
|
2021-04-12 20:25:03 +02:00
|
|
|
checkPermission(permission),
|
2021-02-10 14:15:28 +01:00
|
|
|
requireContentType(...acceptedContentTypes),
|
2020-04-14 22:29:11 +02:00
|
|
|
handler.bind(this),
|
2018-12-19 13:35:54 +01:00
|
|
|
);
|
2018-11-30 10:11:36 +01:00
|
|
|
}
|
|
|
|
|
2021-02-10 14:15:28 +01:00
|
|
|
put(path, handler, permission, ...acceptedContentTypes) {
|
2018-12-19 13:35:54 +01:00
|
|
|
this.app.put(
|
|
|
|
path,
|
2021-04-12 20:25:03 +02:00
|
|
|
checkPermission(permission),
|
2021-02-10 14:15:28 +01:00
|
|
|
requireContentType(...acceptedContentTypes),
|
2020-04-14 22:29:11 +02:00
|
|
|
handler.bind(this),
|
2018-12-19 13:35:54 +01:00
|
|
|
);
|
2018-11-30 11:11:12 +01:00
|
|
|
}
|
|
|
|
|
2018-12-19 13:17:44 +01:00
|
|
|
delete(path, handler, permission) {
|
2021-04-12 20:25:03 +02:00
|
|
|
this.app.delete(path, checkPermission(permission), handler.bind(this));
|
2018-11-30 11:11:12 +01:00
|
|
|
}
|
|
|
|
|
2019-03-13 19:10:13 +01:00
|
|
|
fileupload(path, filehandler, handler, permission) {
|
|
|
|
this.app.post(
|
|
|
|
path,
|
2021-04-12 20:25:03 +02:00
|
|
|
checkPermission(permission),
|
2019-03-13 19:10:13 +01:00
|
|
|
filehandler,
|
2020-04-14 22:29:11 +02:00
|
|
|
handler.bind(this),
|
2019-03-13 19:10:13 +01:00
|
|
|
);
|
|
|
|
}
|
|
|
|
|
2018-12-03 08:59:13 +01:00
|
|
|
use(path, router) {
|
|
|
|
this.app.use(path, router);
|
|
|
|
}
|
|
|
|
|
|
|
|
get router() {
|
2018-11-30 10:11:36 +01:00
|
|
|
return this.app;
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
module.exports = Controller;
|