pigallery2/backend/middlewares/UserRequestConstrainsMWs.ts

import {NextFunction, Request, Response} from "express";
import {Error, ErrorCodes} from "../../common/entities/Error";
import {UserRoles} from "../../common/entities/User";
import {ObjectManagerRepository} from "../model/ObjectManagerRepository";

export class UserRequestConstrainsMWs {

    public static forceSelfRequest(req:Request, res:Response, next:NextFunction) {
        if ((typeof req.params === 'undefined') || (typeof req.params.id === 'undefined')) {
            return next();
        }
        if (req.session.user.id !== req.params.id) {
            return next(new Error(ErrorCodes.NOT_AUTHORISED));
        }

        return next();
    }


    public static notSelfRequest(req:Request, res:Response, next:NextFunction) {
        if ((typeof req.params === 'undefined') || (typeof req.params.id === 'undefined')) {
            return next();
        }

        if (req.session.user.id === req.params.id) {
            return next(new Error(ErrorCodes.NOT_AUTHORISED));
        }

        return next();
    }

    public static notSelfRequestOr2Admins(req:Request, res:Response, next:NextFunction) {
        if ((typeof req.params === 'undefined') || (typeof req.params.id === 'undefined')) {
            return next();
        }

        if (req.session.user.id !== req.params.id) {
            return next();
        }
        //TODO: fix it!
        ObjectManagerRepository.getInstance().getUserManager().find({minRole: UserRoles.Admin}, (err, result) => {
            if ((err) || (!result)) {
                return next(new Error(ErrorCodes.GENERAL_ERROR));
            }
            if (result.length <= 1) {
                return next(new Error(ErrorCodes.GENERAL_ERROR));
            }

        });

        return next();
    }


}
implementing routers and user middlewares 2016-03-20 00:31:42 +08:00			`import {NextFunction, Request, Response} from "express";`
			`import {Error, ErrorCodes} from "../../common/entities/Error";`
			`import {UserRoles} from "../../common/entities/User";`
implementing mongoose managers 2016-04-22 19:23:44 +08:00			`import {ObjectManagerRepository} from "../model/ObjectManagerRepository";`
implementing routers and user middlewares 2016-03-20 00:31:42 +08:00
refactoring middleware rendering methods 2016-03-26 18:19:10 +08:00			`export class UserRequestConstrainsMWs {`
implementing routers and user middlewares 2016-03-20 00:31:42 +08:00
source style cleanup 2016-05-09 23:04:56 +08:00			`public static forceSelfRequest(req:Request, res:Response, next:NextFunction) {`
implementing routers and user middlewares 2016-03-20 00:31:42 +08:00			`if ((typeof req.params === 'undefined') \|\| (typeof req.params.id === 'undefined')) {`
			`return next();`
			`}`
source style cleanup 2016-05-09 23:04:56 +08:00			`if (req.session.user.id !== req.params.id) {`
refactoring middleware rendering methods 2016-03-26 18:19:10 +08:00			`return next(new Error(ErrorCodes.NOT_AUTHORISED));`
implementing routers and user middlewares 2016-03-20 00:31:42 +08:00			`}`
source style cleanup 2016-05-09 23:04:56 +08:00
implementing routers and user middlewares 2016-03-20 00:31:42 +08:00			`return next();`
			`}`


source style cleanup 2016-05-09 23:04:56 +08:00			`public static notSelfRequest(req:Request, res:Response, next:NextFunction) {`
implementing routers and user middlewares 2016-03-20 00:31:42 +08:00			`if ((typeof req.params === 'undefined') \|\| (typeof req.params.id === 'undefined')) {`
			`return next();`
			`}`
source style cleanup 2016-05-09 23:04:56 +08:00
			`if (req.session.user.id === req.params.id) {`
refactoring middleware rendering methods 2016-03-26 18:19:10 +08:00			`return next(new Error(ErrorCodes.NOT_AUTHORISED));`
implementing routers and user middlewares 2016-03-20 00:31:42 +08:00			`}`

			`return next();`
			`}`
source style cleanup 2016-05-09 23:04:56 +08:00
			`public static notSelfRequestOr2Admins(req:Request, res:Response, next:NextFunction) {`
implementing routers and user middlewares 2016-03-20 00:31:42 +08:00			`if ((typeof req.params === 'undefined') \|\| (typeof req.params.id === 'undefined')) {`
			`return next();`
			`}`
source style cleanup 2016-05-09 23:04:56 +08:00
			`if (req.session.user.id !== req.params.id) {`
implementing routers and user middlewares 2016-03-20 00:31:42 +08:00			`return next();`
			`}`
implementing user listing and role changing 2016-05-03 20:29:24 +08:00			`//TODO: fix it!`
source style cleanup 2016-05-09 23:04:56 +08:00			`ObjectManagerRepository.getInstance().getUserManager().find({minRole: UserRoles.Admin}, (err, result) => {`
implementing routers and user middlewares 2016-03-20 00:31:42 +08:00			`if ((err) \|\| (!result)) {`
refactoring middleware rendering methods 2016-03-26 18:19:10 +08:00			`return next(new Error(ErrorCodes.GENERAL_ERROR));`
implementing routers and user middlewares 2016-03-20 00:31:42 +08:00			`}`
source style cleanup 2016-05-09 23:04:56 +08:00			`if (result.length <= 1) {`
refactoring middleware rendering methods 2016-03-26 18:19:10 +08:00			`return next(new Error(ErrorCodes.GENERAL_ERROR));`
implementing routers and user middlewares 2016-03-20 00:31:42 +08:00			`}`
source style cleanup 2016-05-09 23:04:56 +08:00
implementing routers and user middlewares 2016-03-20 00:31:42 +08:00			`});`
source style cleanup 2016-05-09 23:04:56 +08:00
implementing routers and user middlewares 2016-03-20 00:31:42 +08:00			`return next();`
			`}`


			`}`