jjkiers/cloudron-box
1
0
Fork 0
Code Issues Pull Requests 1 Actions Packages Projects Releases Wiki Activity

migrate permissions and admin flag to user.role

Browse Source
This commit is contained in:
Girish Ramakrishnan
2020-02-21 12:17:06 -08:00
parent a8f1b0241e
commit 0e156b9376
27 changed files with 245 additions and 254 deletions
Download Patch File Download Diff File Expand all files Collapse all files

10
src/routes/accesscontrol.js
View File

@@ -105,14 +105,13 @@ function tokenAuth(req, res, next) {
});
}
function authorize(requiredPermission) {
assert.strictEqual(typeof requiredPermission, 'string');
function authorize(requiredRole) {
assert.strictEqual(typeof requiredRole, 'string');
return function (req, res, next) {
assert.strictEqual(typeof req.user, 'object');
var error = accesscontrol.hasPermission(req.user, requiredPermission);
if (error) return next(new HttpError(403, error.message));
if (users.compareRoles(req.user.role, requiredRole) < 0) return next(new HttpError(403, `role '${requiredRole}' is required but user has only '${req.user.role}'`));
next();
};
@@ -129,8 +128,7 @@ function websocketAuth(requiredRole, req, res, next) {
req.user = user;
var e = accesscontrol.hasRole(req.user, requiredRole);
if (e) return next(new HttpError(403, e.message));
if (users.compareRoles(req.user.role, requiredRole) < 0) return next(new HttpError(403, `role '${requiredRole}' is required but user has only '${user.role}'`));
next();
});