node-user-accounts-boilerplate-nahid/helper/access.js
"use strict";
const AUDIT_PERMISSION_ERROR = 'SESSION_PERMISSION_ERROR';
module.exports.AUDIT_PERMISSION_ERROR = AUDIT_PERMISSION_ERROR;
/**
* Express middleware for blocking non-logged in users
*/
module.exports.LOGGEDIN = function (req, res, next)
{
if (req.user)
{
return next();
}
res.error('Must be logged in', AUDIT_PERMISSION_ERROR);
};
/**
* Express middleware generator for blocking non-logged in users or users that do not have one of the specified roles
* @param {object} roles map of roles
* @return {ExpressMiddlewareFunction}
*/
module.exports.ROLE_ONE_OF = function (roles)
{
return function (req, res, next)
{
if (req.user)
{
let userRoles = req.user.roles || {};
for (let role in userRoles)
{
if (userRoles[role] && roles[role])
{
return next();
}
}
req.audit(AUDIT_PERMISSION_ERROR, 'MUST HAVE', JSON.stringify(roles), 'HAVE', JSON.stringify(req.user && req.user.roles || null));
res.error('Must have access');
}
else
{
res.error('Must be logged in', AUDIT_PERMISSION_ERROR);
}
};
};