jjkiers/cloudron-box
1
0
Fork 0
Code Issues Pull Requests 1 Actions Packages Projects Releases Wiki Activity

validate individual scopes

Browse Source
This commit is contained in:
Girish Ramakrishnan
2016-04-25 10:21:55 -07:00
parent 9d8def8349
commit 2d27da89d2
1 changed files with 4 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

5
src/clients.js
View File

@@ -47,10 +47,13 @@ ClientsError.INVALID_CLIENT = 'Invalid client';
function validateScope(scope) {
assert.strictEqual(typeof scope, 'string');
var VALID_SCOPES = [ 'root', 'profile', 'users', 'apps', 'developer', 'settings' ];
if (scope === '') return new ClientsError(ClientsError.INVALID_SCOPE);
if (scope === '*') return null;
// TODO maybe validate all individual scopes if they exist
var allValid = scope.split(',').every(function (s) { return VALID_SCOPES.indexOf(s) !== -1; });
if (!allValid) return new ClientsError(ClientsError.INVALID_SCOPE);
return null;
}