
express-acler


ACL manager for Express using ACLer

const { check } = require("acler"); const dp = require("dot-prop-immutable"); const R = require("ramda"); module.exports = config => { const defaults = { roles: "user.roles", permissions: "user.permissions", errors: { roles: "You not allowed to this resource", permissions: "You not allowed to this resource" } }; const { roles, permissions, errors } = R.merge(defaults, config); return { is(acl) { return (req, res, next) => { const r = dp.get(req, roles); if (!r) { throw Error("User roles is required"); } const is = check(acl, roles => { return r.includes(roles); }); if (!is) { throw Error(errors.roles); } next(); }; }, can(acl) { return (req, res, next) => { let p = dp.get(req, permissions); const r = dp.get(req, roles); if (!p) { throw Error("User permissions is required"); } if (r) { r.forEach(role => { rolesPermissions = []; if (typeof role === "object") { rolesPermissions = R.concat( rolesPermissions, R.head(R.values(role)) ); } }); p = R.uniq(p.concat(rolesPermissions)); } const is = check(acl, permissions => { return p.includes(permissions); }); if (!is) { throw Error(errors.permissions); } next(); }; } }; };