apps: hasAccessTo -> canAccess

Girish Ramakrishnan
2021-09-21 10:00:47 -07:00
parent 737412653f
commit f44fa2cf47
4 changed files with 18 additions and 18 deletions
+3 -3
@@ -1,7 +1,7 @@
'use strict';
exports = module.exports = {
hasAccessTo,
canAccess,
removeInternalFields,
removeRestrictedFields,
@@ -581,7 +581,7 @@ function attachProperties(app, domainObjectMap) {
app.aliasDomains.forEach(function (ad) { ad.fqdn = dns.fqdn(ad.subdomain, domainObjectMap[ad.domain]); });
}
function hasAccessTo(app, user) {
function canAccess(app, user) {
assert.strictEqual(typeof app, 'object');
assert.strictEqual(typeof user, 'object');
@@ -901,7 +901,7 @@ async function listByUser(user) {
assert.strictEqual(typeof user, 'object');
const result = await list();
return result.filter((app) => hasAccessTo(app, user));
return result.filter((app) => canAccess(app, user));
}
async function downloadManifest(appStoreId, manifest) {
+5 -5
@@ -53,7 +53,7 @@ async function getUsersWithAccessToApp(req) {
assert.strictEqual(typeof req.app, 'object');
const result = await users.list();
const allowedUsers = result.filter((user) => apps.hasAccessTo(req.app, user));
const allowedUsers = result.filter((user) => apps.canAccess(req.app, user));
return allowedUsers;
}
@@ -472,9 +472,9 @@ async function authorizeUserForApp(req, res, next) {
assert.strictEqual(typeof req.user, 'object');
assert.strictEqual(typeof req.app, 'object');
const hasAccess = apps.hasAccessTo(req.app, req.user);
const canAccess = apps.canAccess(req.app, req.user);
// we return no such object, to avoid leakage of a users existence
if (!hasAccess) return next(new ldap.NoSuchObjectError(req.dn.toString()));
if (!canAccess) return next(new ldap.NoSuchObjectError(req.dn.toString()));
await eventlog.upsertLoginEvent(eventlog.ACTION_USER_LOGIN, { authType: 'ldap', appId: req.app.id }, { userId: req.user.id, user: users.removePrivateFields(req.user) });
@@ -586,8 +586,8 @@ async function userSearchSftp(req, res, next) {
if (req.requireAdmin && users.compareRoles(user.role, users.ROLE_ADMIN) < 0) return next(new ldap.InsufficientAccessRightsError('Insufficient previleges'));
const hasAccess = apps.hasAccessTo(app, user);
if (!hasAccess) return next(new ldap.InsufficientAccessRightsError('Not authorized'));
const canAccess = apps.canAccess(app, user);
if (!canAccess) return next(new ldap.InsufficientAccessRightsError('Not authorized'));
const obj = {
dn: ldap.parseDN(`cn=${username}@${appFqdn},ou=sftp,dc=cloudron`).toString(),
+1 -1
@@ -167,7 +167,7 @@ async function authorize(req, res, next) {
const [error, app] = await safe(apps.get(appId));
if (error) return next(new HttpError(403, 'No such app' ));
if (!apps.hasAccessTo(app, req.user)) return next(new HttpError(403, 'Forbidden' ));
if (!apps.canAccess(app, req.user)) return next(new HttpError(403, 'Forbidden' ));
const token = jwt.sign({ user: users.removePrivateFields(req.user) }, TOKEN_SECRET, { expiresIn: `${constants.DEFAULT_TOKEN_EXPIRATION_DAYS}d` });
+9 -9
@@ -71,40 +71,40 @@ describe('Apps', function () {
});
});
describe('hasAccessTo', function () {
describe('canAccess', function () {
const someuser = { id: 'someuser', groupIds: [], role: 'user' };
const adminuser = { id: 'adminuser', groupIds: [ 'groupie' ], role: 'admin' };
it('returns true for unrestricted access', function () {
expect(apps.hasAccessTo({ accessRestriction: null }, someuser)).to.be(true);
expect(apps.canAccess({ accessRestriction: null }, someuser)).to.be(true);
});
it('returns true for allowed user', function () {
expect(apps.hasAccessTo({ accessRestriction: { users: [ 'someuser' ] } }, someuser)).to.be(true);
expect(apps.canAccess({ accessRestriction: { users: [ 'someuser' ] } }, someuser)).to.be(true);
});
it('returns true for allowed user with multiple allowed', function () {
expect(apps.hasAccessTo({ accessRestriction: { users: [ 'foo', 'someuser', 'anotheruser' ] } }, someuser)).to.be(true);
expect(apps.canAccess({ accessRestriction: { users: [ 'foo', 'someuser', 'anotheruser' ] } }, someuser)).to.be(true);
});
it('returns false for not allowed user', function () {
expect(apps.hasAccessTo({ accessRestriction: { users: [ 'foo' ] } }, someuser)).to.be(false);
expect(apps.canAccess({ accessRestriction: { users: [ 'foo' ] } }, someuser)).to.be(false);
});
it('returns false for not allowed user with multiple allowed', function () {
expect(apps.hasAccessTo({ accessRestriction: { users: [ 'foo', 'anotheruser' ] } }, someuser)).to.be(false);
expect(apps.canAccess({ accessRestriction: { users: [ 'foo', 'anotheruser' ] } }, someuser)).to.be(false);
});
it('returns false for no group or user', function () {
expect(apps.hasAccessTo({ accessRestriction: { users: [ ], groups: [ ] } }, someuser)).to.be(false);
expect(apps.canAccess({ accessRestriction: { users: [ ], groups: [ ] } }, someuser)).to.be(false);
});
it('returns false for invalid group or user', function () {
expect(apps.hasAccessTo({ accessRestriction: { users: [ ], groups: [ 'nop' ] } }, someuser)).to.be(false);
expect(apps.canAccess({ accessRestriction: { users: [ ], groups: [ 'nop' ] } }, someuser)).to.be(false);
});
it('returns true for admin user', function () {
expect(apps.hasAccessTo({ accessRestriction: { users: [ ], groups: [ 'nop' ] } }, adminuser)).to.be(true);
expect(apps.canAccess({ accessRestriction: { users: [ ], groups: [ 'nop' ] } }, adminuser)).to.be(true);
});
});