mirror of
https://github.com/overleaf/overleaf.git
synced 2024-11-07 20:31:06 -05:00
aa9d6c8dc9
* [misc] decaff cleanup: RoomManager * [misc] decaff cleanup: RedisClientManager * [misc] decaff cleanup: SafeJsonParse * [misc] decaff cleanup: WebApiManager * [misc] decaff cleanup: WebsocketController * [misc] decaff cleanup: WebsocketLoadBalancer * [misc] decaff cleanup: SessionSockets * [misc] decaff cleanup: HttpController * [misc] decaff cleanup: HttpApiController * [misc] decaff cleanup: HealthCheckManager * [misc] decaff cleanup: EventLogger * [misc] decaff cleanup: Errors o-error will eliminate most of it -- when we migrate over. * [misc] decaff cleanup: DrainManager * [misc] decaff cleanup: DocumentUpdaterManager * [misc] decaff cleanup: DocumentUpdaterController: no-unused-vars * [misc] decaff cleanup: DocumentUpdaterController: Array.from * [misc] decaff cleanup: DocumentUpdaterController: implicit return * [misc] decaff cleanup: DocumentUpdaterController: IIFE * [misc] decaff cleanup: DocumentUpdaterController: null checks * [misc] decaff cleanup: DocumentUpdaterController: simpler loops * [misc] decaff cleanup: DocumentUpdaterController: move module name def * [misc] decaff cleanup: ConnectedUsersManager: handle-callback-err * [misc] decaff cleanup: ConnectedUsersManager: implicit returns * [misc] decaff cleanup: ConnectedUsersManager: null checks * [misc] decaff cleanup: ChannelManager: no-unused-vars * [misc] decaff cleanup: ChannelManager: implicit returns * [misc] decaff cleanup: ChannelManager: other cleanup - var -> const - drop variable assignment before return * [misc] decaff cleanup: AuthorizationManager: handle-callback-err Note: This requires a change in WebsocketController to provide a dummy callback. * [misc] decaff cleanup: AuthorizationManager: Array.from * [misc] decaff cleanup: AuthorizationManager: implicit returns * [misc] decaff cleanup: AuthorizationManager: null checks * [misc] decaff cleanup: Router: handle-callback-err * [misc] decaff cleanup: Router: standard/no-callback-literal * [misc] decaff cleanup: Router: Array.from * [misc] decaff cleanup: Router: implicit returns * [misc] decaff cleanup: Router: refactor __guard__ wrapper * [misc] decaff cleanup: Router: null checks And a minor bug fix: user.id -> user._id * [misc] decaff cleanup: Router: move variable declarations to assignments * [misc] decaff cleanup: app: implicit returns * [misc] decaff cleanup: app: __guard__ * [misc] decaff cleanup: app: null checks * [misc] decaff cleanup: app: function definitions * [misc] decaff cleanup: app: drop unused next argument * [misc] decaff cleanup: app: var -> const
65 lines
1.7 KiB
JavaScript
65 lines
1.7 KiB
JavaScript
/* eslint-disable
|
|
camelcase,
|
|
*/
|
|
let AuthorizationManager
|
|
module.exports = AuthorizationManager = {
|
|
assertClientCanViewProject(client, callback) {
|
|
AuthorizationManager._assertClientHasPrivilegeLevel(
|
|
client,
|
|
['readOnly', 'readAndWrite', 'owner'],
|
|
callback
|
|
)
|
|
},
|
|
|
|
assertClientCanEditProject(client, callback) {
|
|
AuthorizationManager._assertClientHasPrivilegeLevel(
|
|
client,
|
|
['readAndWrite', 'owner'],
|
|
callback
|
|
)
|
|
},
|
|
|
|
_assertClientHasPrivilegeLevel(client, allowedLevels, callback) {
|
|
if (allowedLevels.includes(client.ol_context.privilege_level)) {
|
|
callback(null)
|
|
} else {
|
|
callback(new Error('not authorized'))
|
|
}
|
|
},
|
|
|
|
assertClientCanViewProjectAndDoc(client, doc_id, callback) {
|
|
AuthorizationManager.assertClientCanViewProject(client, function (error) {
|
|
if (error) {
|
|
return callback(error)
|
|
}
|
|
AuthorizationManager._assertClientCanAccessDoc(client, doc_id, callback)
|
|
})
|
|
},
|
|
|
|
assertClientCanEditProjectAndDoc(client, doc_id, callback) {
|
|
AuthorizationManager.assertClientCanEditProject(client, function (error) {
|
|
if (error) {
|
|
return callback(error)
|
|
}
|
|
AuthorizationManager._assertClientCanAccessDoc(client, doc_id, callback)
|
|
})
|
|
},
|
|
|
|
_assertClientCanAccessDoc(client, doc_id, callback) {
|
|
if (client.ol_context[`doc:${doc_id}`] === 'allowed') {
|
|
callback(null)
|
|
} else {
|
|
callback(new Error('not authorized'))
|
|
}
|
|
},
|
|
|
|
addAccessToDoc(client, doc_id, callback) {
|
|
client.ol_context[`doc:${doc_id}`] = 'allowed'
|
|
callback(null)
|
|
},
|
|
|
|
removeAccessToDoc(client, doc_id, callback) {
|
|
delete client.ol_context[`doc:${doc_id}`]
|
|
callback(null)
|
|
}
|
|
}
|