Skip to content
Snippets Groups Projects
Commit 20e521f4 authored by Henrique V. Ehrenfried's avatar Henrique V. Ehrenfried
Browse files

Start to build ACM

parent 03645ca3
No related branches found
No related tags found
1 merge request!1Acl testing
...@@ -20,6 +20,11 @@ ...@@ -20,6 +20,11 @@
"type": "hasMany", "type": "hasMany",
"model": "geolocation", "model": "geolocation",
"foreignKey": "category_id" "foreignKey": "category_id"
},
"user":{
"type": "belongsTo",
"model": "end_user",
"foreignKey": "id"
} }
}, },
"acls": [], "acls": [],
......
'use strict'; 'use strict';
module.exports = function(Endser) { module.exports = function(EndUser) {
}; };
...@@ -29,6 +29,11 @@ ...@@ -29,6 +29,11 @@
"type": "hasMany", "type": "hasMany",
"model": "geolocation", "model": "geolocation",
"foreignKey": "user_id" "foreignKey": "user_id"
},
"category":{
"type": "hasMany",
"model": "categories",
"foreignKey": "id"
} }
}, },
"acls": [], "acls": [],
......
/*
2 Permissions : admin, user
user: GET category, geolocation, own profile, number of users
UPDATE own profile
POST geolocation
admin: GET all
POST all
UPDATE all
DELETE all
*/
module.exports = function(app) {
var Role = app.models.Role;
Role.registerResolver('admin', function(role, context, cb) {
function reject() {
process.nextTick(function() {
cb(null, false);
});
}
switch (context.modelName){
case 'end_user':
break;
case 'geolocation':
break;
case 'category':
break;
default:
return reject();
}
// // if the target model is not project
// if (context.modelName !== 'project') {
// return reject();
// }
// do not allow anonymous users
var userId = context.accessToken.userId;
if (!userId) {
return reject();
}
// check if userId is in team table for the given project id
context.model.findById(context.modelId, function(err, model) {
if (err || !model)
return reject();
var EndUser = app.models.EndUser;
EndUser.count({
ownerId: model.ownerId,
memberId: userId
}, function(err, count) {
if (err) {
console.log(err);
return cb(null, false);
}
cb(null, count > 0); // true = is a team member
});
});
});
Role.registerResolver('user', function(role, context, cb) {
function reject() {
process.nextTick(function() {
cb(null, false);
});
}
switch (context.modelName){
case 'end_user':
break;
case 'geolocation':
break;
case 'category':
break;
default:
return reject();
}
// // if the target model is not project
// if (context.modelName !== 'project') {
// return reject();
// }
// do not allow anonymous users
var userId = context.accessToken.userId;
if (!userId) {
return reject();
}
// check if userId is in team table for the given project id
context.model.findById(context.modelId, function(err, model) {
if (err || !model)
return reject();
var EndUser = app.models.EndUser;
EndUser.count({
ownerId: model.ownerId,
memberId: userId
}, function(err, count) {
if (err) {
console.log(err);
return cb(null, false);
}
cb(null, count > 0); // true = is a team member
});
});
});
};
\ No newline at end of file
...@@ -34,7 +34,7 @@ ...@@ -34,7 +34,7 @@
}, },
"Role": { "Role": {
"dataSource": "db", "dataSource": "db",
"public": false "public": true
}, },
"category": { "category": {
"dataSource": "SMPPIR_CheckIn2", "dataSource": "SMPPIR_CheckIn2",
......
0% Loading or .
You are about to add 0 people to the discussion. Proceed with caution.
Please register or to comment