UNPKG

@openveo/core

Version:

OpenVeo core CMS

github.com/veo-labs/openveo-core

veo-labs/openveo-core

140 lines (112 loc) 3.66 kB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
'use strict'; /** * @module core/controllers/MenuController */ var util = require('util'); var openVeoApi = require('@openveo/api'); var storage = process.require('app/server/storage.js'); var Controller = openVeoApi.controllers.Controller; /** * Checks if user has the given permission. * * @memberof module:core/controllers/MenuController~MenuController * @private * @param {Object} user The user to test * @param {Array} user.permissions The user's permissions * @param {String} permission The permission id to check */ function isAuthorized(user, permission) { if (user && user.permissions) { if (user.permissions.indexOf(permission) >= 0) return true; } return false; } /** * Filters the given menu depending on user permissions and requested * menu items permissions. * * @memberof module:core/controllers/MenuController~MenuController * @private * @param {Array} menu The menu to filter * @param {Object} user The authenticated user */ function filterMenuByPermissions(menu, user) { var filteredMenu = []; // Iterate through menu items for (var i = 0; i < menu.length; i++) { var filteredSubMenu; var menuItem = menu[i]; var filteredMenuItem = {}; if (menuItem.weight) filteredMenuItem.weight = menuItem.weight; if (menuItem.label) filteredMenuItem.label = menuItem.label; if (menuItem.path) filteredMenuItem.path = menuItem.path; // Got a specific permission for this menu item if (menuItem.permission) { // Find if user is authorized to access this menu item if (isAuthorized(user, menuItem.permission)) { // Menu item has sub menu if (menuItem.subMenu) { filteredSubMenu = filterMenuByPermissions(menuItem.subMenu, user); if (filteredSubMenu.length) filteredMenuItem.subMenu = filteredSubMenu; } filteredMenu.push(filteredMenuItem); } } else if (menuItem.subMenu) { // No specific permission needed for this menu item : grant access // Menu item has sub items if (menuItem.subMenu) { filteredSubMenu = filterMenuByPermissions(menuItem.subMenu, user); if (filteredSubMenu.length) { filteredMenuItem.subMenu = filteredSubMenu; filteredMenu.push(filteredMenuItem); } } } else { // No sub menu filteredMenu.push(filteredMenuItem); } } return filteredMenu; } /** * Defines a controller to handle requests relative to the back end menu. * * @class MenuController * @extends Controller */ function MenuController() { MenuController.super_.call(this); } module.exports = MenuController; util.inherits(MenuController, Controller); /** * Gets the backend menu as a JSON object. * * If menu is empty a 404 Not Found is sent. * Menu is filtered regarding user permissions. * * @param {Request} request ExpressJS HTTP Request * @param {Object} request.user The connected user * @param {String} request.user.id The connected user id * @param {Response} response ExpressJS HTTP Response * @param {Function} next Function to defer execution to the next registered middleware */ MenuController.prototype.getMenuAction = function(request, response, next) { var menu = storage.getMenu(); var superAdminId = storage.getConfiguration().superAdminId; if (menu) { if (request.user && request.user.id !== superAdminId) { // Filters menu by permissions response.send(filterMenuByPermissions(menu, request.user)); } else { // User is the administrator (do not filter menu) response.send(menu); } } else next(); };