
joola.io.engine

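/**
 *  joola.io
 *
 *  Copyright Joola Smart Solutions, Ltd. <info@joo.la>
 *
 *  Licensed under GNU General Public License 3.0 or later.
 *  Some rights reserved. See LICENSE, AUTHORS.
 *
 *  @license GPL-3.0+ <http://spdx.org/licenses/GPL-3.0+>
 */

var
  joola = global.joola, //for jslint
  _roles = require('../objects/roles');

/**
 * Authorization gate: loads the session for `connection` and checks that one
 * of the session user's roles carries the requested permission.
 *
 * Outcomes:
 *  - no session, not logged in, or no user on the session:
 *    `connection.response.error` is set to 'Authentication failed' and
 *    `next(connection, true)` is called;
 *  - authenticated but no role grants the permission:
 *    `connection.response.error` and `connection.error` are set;
 *  - permission found: nothing is written to the connection.
 *
 * NOTE(review): on the last two outcomes `next` is never invoked, so the
 * caller gets no signal that the check finished. The intended continuation
 * cannot be determined from this file; confirm against the callers before
 * wiring it in.
 *
 * @param {Object} connection - connection whose session is loaded; must expose `response`.
 * @param {*} permission - id of the permission the action requires.
 * @param {Function} next - continuation, called as `next(connection, true)` on authentication failure.
 */
exports.validate = function (connection, permission, next) {
  try {
    joola.logger.debug('checking permission [' + permission + ']...');
    api.session.load(connection, function (error, session) {
      var pFound;
      // A missing permission id must never match an entry that also lacks an
      // id, so an absent request is treated as "nothing can satisfy it".
      var hasRequested = permission !== undefined && permission !== null;

      // Fail closed: anything short of a logged-in session with a user is
      // rejected. `error` is not inspected; a failed load is expected to
      // surface here as a missing session (TODO confirm).
      if (!session || !session.loggedIn || !session.user) {
        joola.logger.warn('User does not have a valid authenticated session.');
        connection.response.error = 'Authentication failed';
        return next(connection, true);
      }

      _.each(session.user.roles, function (roleName) {
        var role;
        if (pFound) {
          return;
        }
        role = _roles.get(roleName);
        if (!role) {
          // A role name with no definition grants nothing (and must not
          // throw inside this callback, where the outer try/catch may not
          // see it).
          return;
        }
        // The callback parameter used to be called `permission` as well,
        // shadowing the requested id, so the test compared an entry's id
        // with the entry itself and could never succeed.
        pFound = _.find(role.permissions, function (candidate) {
          return hasRequested &&
            candidate !== undefined && candidate !== null &&
            candidate.id !== undefined && candidate.id !== null &&
            String(candidate.id) === String(permission);
        });
      });

      if (!pFound) {
        joola.logger.warn('User does not have permission for this action.');
        connection.response.error = 'Action not allowed';
        // The previous message ("none of the required params ...") described
        // a different failure and would mislead anyone triaging a denial.
        connection.error = new Error('User does not have permission for this action.');
      }
    });
  }
  catch (ex) {
    // Only covers exceptions raised synchronously by the calls above; if
    // api.session.load runs its callback later, errors thrown there do not
    // reach this handler.
    console.log('error');
    throw ex;
  }
};

/**
 * Returns the first entry of `roleList` that also appears in `rolesToCheck`.
 *
 * NOTE(review): membership is tested with `rolesToCheck.indexOf`, so if a
 * string is ever passed instead of an array the test becomes a substring
 * match; callers should pass an array.
 *
 * @param {Array} roleList - roles held (iterated in order).
 * @param {Array} rolesToCheck - roles that would satisfy the check.
 * @returns {*} the matching role, or undefined when there is none.
 */
exports.hasRole = function (roleList, rolesToCheck) {
  var found;
  _.each(roleList, function (role) {
    if (found) {
      return;
    }
    if (rolesToCheck.indexOf(role) > -1) {
      found = role;
    }
  });
  return found;
};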