const Permissions = require('../models/permissions');
const AppError = require("./AppError");
const { UNAUTHORIZED_PERMISSION_MISSING} = require("../constants/errorCodes");
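/**
 * Role-based access control helper that builds Express-style middleware.
 */
class Rbac {
  /**
   * Build a middleware that lets a request through only when the caller's
   * role holds every permission listed.
   *
   * The role is taken from `req.user`, otherwise from the passport user stored
   * in the session, and falls back to 'anonymous' when neither is present.
   *
   * Note: when called with no permissions the check loop never runs, so the
   * returned middleware lets every request through, anonymous ones included.
   *
   * @param {...string} permissions - permissions that must all be granted.
   * @returns {Function} middleware `(req, res, next)` that calls `next()` when
   *   every permission is held, or `next(new AppError(...))` with
   *   UNAUTHORIZED_PERMISSION_MISSING otherwise.
   */
  checkPermission = (...permissions) => {
    return (req, res, next) => {
      // A request without a session (or without a passport entry in it) used
      // to throw a TypeError here and never reached the 'anonymous' fallback.
      const sessionUser = req.session?.passport?.user;

      let userRole;
      if (req.user) {
        userRole = req.user.role;
      } else if (sessionUser) {
        userRole = sessionUser.role;
      } else {
        userRole = 'anonymous';
      }

      const userPermissions = Permissions.getPermissionsByRoleName(userRole);

      // Fail closed: if the role lookup yields nothing usable (for example an
      // unknown or missing role), deny with the regular authorization error
      // instead of crashing on `.includes`.
      if (typeof userPermissions?.includes !== 'function') {
        return next(new AppError(UNAUTHORIZED_PERMISSION_MISSING));
      }

      for (const permission of permissions) {
        if (!userPermissions.includes(permission)) {
          return next(new AppError(UNAUTHORIZED_PERMISSION_MISSING));
        }
      }

      return next();
    };
  };
}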
// Export a ready-made Rbac instance rather than the class itself.
module.exports = new Rbac();