overleaf/services/real-time/app/coffee/AuthorizationManager.coffee

module.exports = AuthorizationManager =
	assertClientCanViewProject: (client, callback = (error) ->) ->
		AuthorizationManager._assertClientHasPrivilegeLevel client, ["readOnly", "readAndWrite", "owner"], callback

	assertClientCanEditProject: (client, callback = (error) ->) ->
		AuthorizationManager._assertClientHasPrivilegeLevel client, ["readAndWrite", "owner"], callback
				
	_assertClientHasPrivilegeLevel: (client, allowedLevels, callback = (error) ->) ->
		client.get "privilege_level", (error, privilegeLevel) ->
			return callback(error) if error?
			allowed = (privilegeLevel in allowedLevels)
			if allowed
				callback null
			else
				callback new Error("not authorized")
Create joinDoc socket.io end point 2014-11-12 15:54:55 +00:00			`module.exports = AuthorizationManager =`
			`assertClientCanViewProject: (client, callback = (error) ->) ->`
			`AuthorizationManager._assertClientHasPrivilegeLevel client, ["readOnly", "readAndWrite", "owner"], callback`
Add appltOtUpdate end point (sans acceptance tests for now) 2014-11-13 17:07:05 +00:00
			`assertClientCanEditProject: (client, callback = (error) ->) ->`
			`AuthorizationManager._assertClientHasPrivilegeLevel client, ["readAndWrite", "owner"], callback`

Create joinDoc socket.io end point 2014-11-12 15:54:55 +00:00			`_assertClientHasPrivilegeLevel: (client, allowedLevels, callback = (error) ->) ->`
			`client.get "privilege_level", (error, privilegeLevel) ->`
			`return callback(error) if error?`
			`allowed = (privilegeLevel in allowedLevels)`
			`if allowed`
			`callback null`
			`else`
			`callback new Error("not authorized")`