Changeset View
Changeset View
Standalone View
Standalone View
lib/app/base-chips/access-strategy-types/not.js
"use strict"; | |||||
const locreq = require("locreq")(__dirname); | const locreq = require("locreq")(__dirname); | ||||
const Promise = require("bluebird"); | const Promise = require("bluebird"); | ||||
const AccessStrategy = locreq("lib/chip-types/access-strategy.js"); | const AccessStrategy = locreq("lib/chip-types/access-strategy.js"); | ||||
const Query = locreq("lib/datastore/query.js"); | const Query = locreq("lib/datastore/query.js"); | ||||
function parse_params(app, params) { | function parse_params(app, params) { | ||||
let strategies; | let strategies; | ||||
if (params instanceof Array) { | if (params instanceof Array) { | ||||
strategies = params.map( | strategies = params.map( | ||||
declaration => new AccessStrategy(app, declaration) | declaration => new AccessStrategy(app, declaration) | ||||
); | ); | ||||
} else { | } else { | ||||
strategies = [new AccessStrategy(app, params)]; | strategies = [new AccessStrategy(app, params)]; | ||||
} | } | ||||
return strategies; | return strategies; | ||||
} | } | ||||
module.exports = function(app) { | module.exports = function(app) { | ||||
return { | return { | ||||
name: "not", | name: "not", | ||||
getRestrictingQuery: async function(context, params) { | async getRestrictingQuery(context, params) { | ||||
//assuming "not" can take only one access strategy as a parameter | //assuming "not" can take only one access strategy as a parameter | ||||
const strategy = parse_params(app, params)[0]; | const strategy = parse_params(app, params)[0]; | ||||
const query = await strategy.getRestrictingQuery(context); | const query = await strategy.getRestrictingQuery(context); | ||||
return new Query.Not(query); | return new Query.Not(query); | ||||
}, | }, | ||||
item_sensitive: function(params) { | item_sensitive(params) { | ||||
const access_strategies = parse_params(app, params); | const access_strategies = parse_params(app, params); | ||||
return Promise.map(access_strategies, function(access_strategy) { | return Promise.map(access_strategies, access_strategy => | ||||
return access_strategy.is_item_sensitive(); | access_strategy.is_item_sensitive() | ||||
}).reduce((a, b) => a || b, false); | ).reduce((a, b) => a || b, false); | ||||
}, | }, | ||||
checker_function: function(context, params, item) { | checker_function(context, params, item) { | ||||
const strategies = parse_params(app, params); | const strategies = parse_params(app, params); | ||||
return Promise.map(strategies, function(strategy) { | return Promise.map(strategies, strategy => { | ||||
return strategy.check(context, item); | return strategy.check(context, item); | ||||
}) | }) | ||||
.any() | .any() | ||||
.then(function() { | .then(() => Promise.reject("Action not allowed")) | ||||
return Promise.reject("Action not allowed"); | .catch({ sealious_error: true }, () => Promise.resolve()); | ||||
}) | |||||
.catch({ sealious_error: true }, function() { | |||||
return Promise.resolve(); | |||||
}); | |||||
}, | }, | ||||
}; | }; | ||||
}; | }; |