UNPKG

@inspire-platform/sails-hook-permissions

Version:

Comprehensive user permissions and entitlements system for sails.js and Waterline. Supports user authentication with passport.js, role-based permissioning, object ownership, and row-level security.

github.com/conceptainc/sails-hook-permissions

conceptainc/sails-hook-permissions

51 lines (42 loc) 1.39 kB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
'use strict'; var _ = require('lodash'); var _super = require('@inspire-platform/sails-hook-auth/api/controllers/AuthController'); var accessPolicy = require('../../lib/accessPolicy'); var featurePolicy = require('../../lib/featurePolicy'); _.merge(exports, _super); _.merge(exports, { accessPolicy: function policy(req, res) { // does user have session? if (true === req.session.authenticated) { // try to get user access policy return accessPolicy.user(req.user).then(function (policy) { // got one, return it return res.send(policy); })['catch'](function (err) { // not good, log error sails.log.debug(err); // don't provide an error info (paranoid) return res.forbidden(); }); } // default to forbidden return res.forbidden(); }, featurePolicy: function policy(req, res) { // does user have session? if (true === req.session.authenticated) { // try to get user feature policy return featurePolicy.user(req.user).then(function (policy) { // got one, return it return res.send(policy); })['catch'](function (err) { // not good, log error sails.log.debug(err); // don't provide an error info (paranoid) return res.forbidden(); }); } // default to forbidden return res.forbidden(); } });