Changeset View
Changeset View
Standalone View
Standalone View
lib/app/base-chips/access-strategy-types/users-who-can.js
const assert = require("assert"); | const assert = require("assert"); | ||||
const ALLOW = [{ $match: { _id: { $exists: true } } }]; | const ALLOW = [{ $match: { _id: { $exists: true } } }]; | ||||
const DENY = [{ $match: { _id: { $exists: false } } }]; | const DENY = [{ $match: { _id: { $exists: false } } }]; | ||||
function check_params(app, [action_name, collection]) { | function check_params(app, [action_name, collection]) { | ||||
assert(["create", "delete"].includes(action_name)); | assert(["create", "delete"].includes(action_name)); | ||||
assert( | assert( | ||||
collection instanceof app.Sealious.Collection, | collection instanceof app.Sealious.Collection, | ||||
"'collection' should be an instanse of Sealious.Collection" | "'collection' should be an instanse of Sealious.Collection" | ||||
); | ); | ||||
} | } | ||||
module.exports = app => ({ | module.exports = app => ({ | ||||
name: "users-who-can", | name: "users-who-can", | ||||
get_pre_aggregation_stage: async function( | async get_pre_aggregation_stage(context, [action_name, collection], item) { | ||||
context, | |||||
[action_name, collection], | |||||
item | |||||
) { | |||||
check_params(app, [action_name, collection]); | check_params(app, [action_name, collection]); | ||||
try { | try { | ||||
await collection.get_access_strategy(action_name).check(context); | await collection.get_access_strategy(action_name).check(context); | ||||
return Promise.resolve(ALLOW); | return Promise.resolve(ALLOW); | ||||
} catch (error) { | } catch (error) { | ||||
return Promise.resolve(DENY); | return Promise.resolve(DENY); | ||||
} | } | ||||
}, | }, | ||||
checker_function: async function(context, [action_name, collection]) { | async checker_function(context, [action_name, collection]) { | ||||
check_params(app, [action_name, collection]); | check_params(app, [action_name, collection]); | ||||
try { | try { | ||||
await collection.get_access_strategy(action_name).check(context); | await collection.get_access_strategy(action_name).check(context); | ||||
return Promise.resolve(); | return Promise.resolve(); | ||||
} catch (error) { | } catch (error) { | ||||
return Promise.reject( | return Promise.reject( | ||||
`You can't perform this action beacuse you can't ${action_name} ${ | `You can't perform this action beacuse you can't ${action_name} ${ | ||||
collection.name | collection.name | ||||
}` | }` | ||||
); | ); | ||||
} | } | ||||
}, | }, | ||||
item_sensitive: false, | item_sensitive: false, | ||||
}); | }); |