Starship
/
CoreID
1
0
Fork 0
Code Issues 8 Pull Requests Releases 34 Wiki Activity
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from 'b526b8f24d'
${ noResults }
CoreID/app/routing/middleware/api/Permission.middleware.js

34 lines
1.1 KiB
Raw Blame History

const { Middleware } = require('libflitter')
class PermissionMiddleware extends Middleware {
static get services() {
return [...super.services, 'models']
}
async test(req, res, next, { check }) {
const Policy = this.models.get('iam:Policy')
// If the request was authorized using an OAuth2 bearer token,
// make sure the associated client has permission to access this endpoint.
if ( req?.oauth?.client ) {
if ( !req.oauth.client.can(check) )
return res.status(401)
.message('Insufficient permissions (OAuth2 Client).')
.api()
}
const policy_denied = await Policy.check_user_denied(req.user, check)
const policy_access = await Policy.check_user_access(req.user, check)
// Make sure the user has permission
if ( policy_denied || (!req.user.can(check) && !policy_access) )
return res.status(401)
.message('Insufficient permissions.')
.api()
return next()
}
}
module.exports = exports = PermissionMiddleware
Reference in new issue View Git Blame Copy Permalink