github/overleaf
1
0
Fork 0
mirror of https://github.com/overleaf/overleaf.git synced 2024-09-16 02:52:31 -04:00
Code Issues Projects Releases Packages Wiki Activity
overleaf/services/web/app/coffee/Features/UserMembership/UserMembershipAuthorization.coffee
Timothée Alby dffb6bc7a2 Merge pull request #1187 from sharelatex/ta-publisher-membership 
Add Publisher Entity for UserMemberships

GitOrigin-RevId: 862b1e4fe6d33b63ddfdaef47c02809c4558f9cc
2018-11-28 10:17:36 +00:00

50 lines
1.9 KiB
CoffeeScript
Raw Blame History

AuthenticationController = require('../Authentication/AuthenticationController')
AuthorizationMiddlewear = require('../Authorization/AuthorizationMiddlewear')
UserMembershipHandler = require('./UserMembershipHandler')
EntityConfigs = require('./UserMembershipEntityConfigs')
Errors = require('../Errors/Errors')
logger = require("logger-sharelatex")
module.exports =
requireTeamAccess: (req, res, next) ->
requireAccessToEntity('team', req.params.id, req, res, next)
requireGroupAccess: (req, res, next) ->
requireAccessToEntity('group', req.params.id, req, res, next)
requireGroupManagersAccess: (req, res, next) ->
requireAccessToEntity('groupManagers', req.params.id, req, res, next)
requireInstitutionAccess: (req, res, next) ->
requireAccessToEntity('institution', req.params.id, req, res, next)
requirePublisherAccess: (req, res, next) ->
requireAccessToEntity('publisher', req.params.id, req, res, next)
requireGraphAccess: (req, res, next) ->
requireAccessToEntity(
req.query.resource_type, req.query.resource_id, req, res, next
)
requireAccessToEntity = (entityName, entityId, req, res, next) ->
loggedInUser = AuthenticationController.getSessionUser(req)
unless loggedInUser
return AuthorizationMiddlewear.redirectToRestricted req, res, next
getEntity entityName, entityId, loggedInUser, (error, entity, entityConfig) ->
return next(error) if error?
unless entity?
return AuthorizationMiddlewear.redirectToRestricted(req, res, next)
req.entity = entity
req.entityConfig = entityConfig
next()
getEntity = (entityName, entityId, userId, callback = (error, entity, entityConfig)->) ->
entityConfig = EntityConfigs[entityName]
unless entityConfig
return callback(new Errors.NotFoundError("No such entity: #{entityName}"))
UserMembershipHandler.getEntity entityId, entityConfig, userId, (error, entity)->
return callback(error) if error?
callback(null, entity, entityConfig)
Reference in a new issue View git blame Copy permalink