2020-08-20 06:50:35 -04:00
|
|
|
const { NotAuthorizedError } = require('./Errors')
|
|
|
|
|
2020-06-23 13:29:44 -04:00
|
|
|
let AuthorizationManager
|
|
|
|
module.exports = AuthorizationManager = {
|
|
|
|
assertClientCanViewProject(client, callback) {
|
2020-07-07 06:06:02 -04:00
|
|
|
AuthorizationManager._assertClientHasPrivilegeLevel(
|
2020-06-23 13:29:44 -04:00
|
|
|
client,
|
|
|
|
['readOnly', 'readAndWrite', 'owner'],
|
|
|
|
callback
|
|
|
|
)
|
|
|
|
},
|
2014-11-13 12:07:05 -05:00
|
|
|
|
2020-06-23 13:29:44 -04:00
|
|
|
assertClientCanEditProject(client, callback) {
|
2020-07-07 06:06:02 -04:00
|
|
|
AuthorizationManager._assertClientHasPrivilegeLevel(
|
2020-06-23 13:29:44 -04:00
|
|
|
client,
|
|
|
|
['readAndWrite', 'owner'],
|
|
|
|
callback
|
|
|
|
)
|
|
|
|
},
|
2016-09-02 11:35:00 -04:00
|
|
|
|
2020-06-23 13:29:44 -04:00
|
|
|
_assertClientHasPrivilegeLevel(client, allowedLevels, callback) {
|
2020-07-07 06:06:02 -04:00
|
|
|
if (allowedLevels.includes(client.ol_context.privilege_level)) {
|
|
|
|
callback(null)
|
2020-06-23 13:29:44 -04:00
|
|
|
} else {
|
2020-08-20 06:50:35 -04:00
|
|
|
callback(new NotAuthorizedError())
|
2020-06-23 13:29:44 -04:00
|
|
|
}
|
|
|
|
},
|
2016-09-02 11:35:00 -04:00
|
|
|
|
2023-03-20 10:10:40 -04:00
|
|
|
assertClientCanViewProjectAndDoc(client, docId, callback) {
|
2020-07-07 06:06:02 -04:00
|
|
|
AuthorizationManager.assertClientCanViewProject(client, function (error) {
|
|
|
|
if (error) {
|
2020-06-23 13:29:44 -04:00
|
|
|
return callback(error)
|
|
|
|
}
|
2023-03-20 10:10:40 -04:00
|
|
|
AuthorizationManager._assertClientCanAccessDoc(client, docId, callback)
|
2020-06-23 13:29:44 -04:00
|
|
|
})
|
|
|
|
},
|
2016-09-02 11:35:00 -04:00
|
|
|
|
2023-03-20 10:10:40 -04:00
|
|
|
assertClientCanEditProjectAndDoc(client, docId, callback) {
|
2020-07-07 06:06:02 -04:00
|
|
|
AuthorizationManager.assertClientCanEditProject(client, function (error) {
|
|
|
|
if (error) {
|
2020-06-23 13:29:44 -04:00
|
|
|
return callback(error)
|
|
|
|
}
|
2023-03-20 10:10:40 -04:00
|
|
|
AuthorizationManager._assertClientCanAccessDoc(client, docId, callback)
|
2020-06-23 13:29:44 -04:00
|
|
|
})
|
|
|
|
},
|
2016-09-02 11:35:00 -04:00
|
|
|
|
2023-03-20 10:10:40 -04:00
|
|
|
_assertClientCanAccessDoc(client, docId, callback) {
|
|
|
|
if (client.ol_context[`doc:${docId}`] === 'allowed') {
|
2020-07-07 06:06:02 -04:00
|
|
|
callback(null)
|
2020-06-23 13:29:44 -04:00
|
|
|
} else {
|
2020-08-20 06:50:35 -04:00
|
|
|
callback(new NotAuthorizedError())
|
2020-06-23 13:29:44 -04:00
|
|
|
}
|
|
|
|
},
|
2016-09-02 11:35:00 -04:00
|
|
|
|
2023-03-20 10:10:40 -04:00
|
|
|
addAccessToDoc(client, docId, callback) {
|
|
|
|
client.ol_context[`doc:${docId}`] = 'allowed'
|
2020-07-07 06:06:02 -04:00
|
|
|
callback(null)
|
2020-06-23 13:29:44 -04:00
|
|
|
},
|
|
|
|
|
2023-03-20 10:10:40 -04:00
|
|
|
removeAccessToDoc(client, docId, callback) {
|
|
|
|
delete client.ol_context[`doc:${docId}`]
|
2020-07-07 06:06:02 -04:00
|
|
|
callback(null)
|
2021-07-13 07:04:45 -04:00
|
|
|
},
|
2020-06-23 13:29:44 -04:00
|
|
|
}
|