Skip to content
Snippets Groups Projects
Commit 4c77d2d4 authored by Henrique Varella Ehrenfried's avatar Henrique Varella Ehrenfried
Browse files

Make API to always return as a JSONObject 


Signed-off-by: default avatarHenrique Varella Ehrenfried <h.v.ehrenfried@gmail.com>
parent 874d2cc9
No related branches found
No related tags found
1 merge request!1Acl testing
Hide whitespace changes
Inline Side-by-side
server/boot/access-control.js
+ 27
62
View file @ 4c77d2d4
...@@ -19,8 +19,7 @@ module.exports = function(app) { ...@@ -19,8 +19,7 @@ module.exports = function(app) {
process.nextTick(function() { process.nextTick(function() {
cb(null, false); cb(null, false);
}); });
} }
switch (context.modelName){ switch (context.modelName){
case 'end_user': case 'end_user':
...@@ -33,35 +32,14 @@ module.exports = function(app) { ...@@ -33,35 +32,14 @@ module.exports = function(app) {
return reject(); return reject();
} }
// // if the target model is not project
// if (context.modelName !== 'project') {
// return reject();
// }
// do not allow anonymous users
var userId = context.accessToken.userId; var userId = context.accessToken.userId;
if (!userId) { if (!userId) {
return reject(); return reject();
} }
else{
console.log("USER ID ::",userId)
}
console.log("ROLE ::", role)
console.log("CONTEXT MODEL ::", context.model)
console.log("CONTEXT ID ::", context.id)
// check if userId is in team table for the given project id
context.model.findById(userId, function(err, model) { context.model.findById(userId, function(err, model) {
app.models.EndUser.findById(userId, function(err2, user){ app.models.EndUser.findById(userId, function(err2, user){
console.log("ERR ::", err)
console.log("ERR 2::", err2)
console.log("MODEL ::", model)
console.log("ENDUSER MODEL", user)
if (err || err2 || !user || !model) if (err || err2 || !user || !model)
return reject(); return reject();
if(user.permission !== role) if(user.permission !== role)
...@@ -74,51 +52,38 @@ module.exports = function(app) { ...@@ -74,51 +52,38 @@ module.exports = function(app) {
Role.registerResolver('user', function(role, context, cb) { Role.registerResolver('user', function(role, context, cb) {
function reject() { function reject() {
process.nextTick(function() { process.nextTick(function() {
cb(null, false); cb(null, false);
}); });
} }
switch (context.modelName){
case 'end_user':
break;
case 'geolocation':
break;
case 'category':
break;
default:
return reject();
}
// // if the target model is not project switch (context.modelName){
// if (context.modelName !== 'project') { case 'end_user':
// return reject(); break;
// } case 'geolocation':
break;
case 'category':
break;
default:
return reject();
}
// do not allow anonymous users
var userId = context.accessToken.userId; var userId = context.accessToken.userId;
if (!userId) { if (!userId) {
return reject(); return reject();
} }
context.model.findById(userId, function(err, model) {
// check if userId is in team table for the given project id app.models.EndUser.findById(userId, function(err2, user){
context.model.findById(context.modelId, function(err, model) { if (err || err2 || !user || !model)
if (err || !model) return reject();
return reject(); if(user.permission !== role)
return reject();
var EndUser = app.models.EndUser; else
EndUser.count({ return cb(null,true)
ownerId: model.ownerId, })
memberId: userId
}, function(err, count) {
if (err) {
console.log(err);
return cb(null, false);
}
cb(null, count > 0); // true = is a team member
});
}); });
}); });
}; };
\ No newline at end of file
server/boot/hook.js 0 → 100644
+ 11
0
View file @ 4c77d2d4
module.exports = function(server) {
var remotes = server.remotes();
// modify all returned values
remotes.after('**', function (ctx, next) {
ctx.result = {
result: ctx.result
};
next();
});
};
\ No newline at end of file
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment