overleaf/services/real-time/app/js/AuthorizationManager.js
Eric Mc Sween d9e0215aee Merge pull request #12211 from overleaf/em-camel-case-real-time
Camel case variables in real-time

GitOrigin-RevId: 0a35d2e39d54c258bed017ea4dcdbf9a19a2a9b1
2023-03-21 09:05:37 +00:00

64 lines
1.7 KiB
JavaScript

const { NotAuthorizedError } = require('./Errors')
let AuthorizationManager
module.exports = AuthorizationManager = {
assertClientCanViewProject(client, callback) {
AuthorizationManager._assertClientHasPrivilegeLevel(
client,
['readOnly', 'readAndWrite', 'owner'],
callback
)
},
assertClientCanEditProject(client, callback) {
AuthorizationManager._assertClientHasPrivilegeLevel(
client,
['readAndWrite', 'owner'],
callback
)
},
_assertClientHasPrivilegeLevel(client, allowedLevels, callback) {
if (allowedLevels.includes(client.ol_context.privilege_level)) {
callback(null)
} else {
callback(new NotAuthorizedError())
}
},
assertClientCanViewProjectAndDoc(client, docId, callback) {
AuthorizationManager.assertClientCanViewProject(client, function (error) {
if (error) {
return callback(error)
}
AuthorizationManager._assertClientCanAccessDoc(client, docId, callback)
})
},
assertClientCanEditProjectAndDoc(client, docId, callback) {
AuthorizationManager.assertClientCanEditProject(client, function (error) {
if (error) {
return callback(error)
}
AuthorizationManager._assertClientCanAccessDoc(client, docId, callback)
})
},
_assertClientCanAccessDoc(client, docId, callback) {
if (client.ol_context[`doc:${docId}`] === 'allowed') {
callback(null)
} else {
callback(new NotAuthorizedError())
}
},
addAccessToDoc(client, docId, callback) {
client.ol_context[`doc:${docId}`] = 'allowed'
callback(null)
},
removeAccessToDoc(client, docId, callback) {
delete client.ol_context[`doc:${docId}`]
callback(null)
},
}