@bigfishtv/cockpit
Version:
82 lines (68 loc) • 2.01 kB
JavaScript
;
exports.__esModule = true;
exports.userCanAccess = userCanAccess;
/**
* Role Utilities
* @module Utilities/roleUtils
*/
/**
* Returns true if user can access at least one of the supplied resources.
*
* @param {Object[]} resources
* @param {String} resources[].model
* @param {String} resources[].foreign_key
* @param {String} resources[].alias
* @param {Object} user
* @param {Boolean} user.admin
* @param {Object[]} user.permissions
* @param {String} user.permissions[].model
* @param {String} user.permissions[].foreign_key
* @param {String} user.permissions[].alias
* @return {Boolean}
*/
function userCanAccess() {
var resources = arguments.length > 0 && arguments[0] !== undefined ? arguments[0] : [];
var user = arguments[1];
if (!Array.isArray(resources)) {
resources = [resources];
}
if (user.admin) {
return true;
}
if (!resources.length) {
return true;
}
for (var r = 0; r < resources.length; r++) {
var resource = resources[r];
for (var p = 0; p < user.permissions.length; p++) {
var permission = user.permissions[p];
// skip permission if scoped to foreign key that does not match resource
if (permission.foreign_key && resource.foreign_key && resource.foreign_key != permission.foreign_key) {
continue;
}
// skip permission if scoped to model key that does not match resource
if (permission.model && resource.model != permission.model) {
continue;
}
// normalise permission actions to an array
var permissionActions = ensureArray(permission.actions);
// skip permission if scoped to actions and action does not match resource
if (permissionActions.length) {
if (!resource.action) {
continue;
}
if (typeof resource.action === 'string' && permissionActions.indexOf(resource.action) === -1) {
continue;
}
}
return true;
}
}
return false;
}
function ensureArray(value) {
if (Array.isArray(value)) {
return value;
}
return value ? [value] : [];
}