xuthus/pigallery2
1
0
Fork 0
mirror of https://github.com/xuthus83/pigallery2.git synced 2024-11-03 21:04:03 +08:00
Code Actions Projects Activity
c93c1aba2d
pigallery2/backend/middlewares/UserRequestConstrainsMWs.ts
Braun Patrik ef5758f3c7 source style cleanup
2016-05-09 17:04:56 +02:00

55 lines
1.7 KiB
TypeScript
Raw Blame History

import {NextFunction, Request, Response} from "express";
import {Error, ErrorCodes} from "../../common/entities/Error";
import {UserRoles} from "../../common/entities/User";
import {ObjectManagerRepository} from "../model/ObjectManagerRepository";
export class UserRequestConstrainsMWs {
public static forceSelfRequest(req:Request, res:Response, next:NextFunction) {
if ((typeof req.params === 'undefined') || (typeof req.params.id === 'undefined')) {
return next();
}
if (req.session.user.id !== req.params.id) {
return next(new Error(ErrorCodes.NOT_AUTHORISED));
}
return next();
}
public static notSelfRequest(req:Request, res:Response, next:NextFunction) {
if ((typeof req.params === 'undefined') || (typeof req.params.id === 'undefined')) {
return next();
}
if (req.session.user.id === req.params.id) {
return next(new Error(ErrorCodes.NOT_AUTHORISED));
}
return next();
}
public static notSelfRequestOr2Admins(req:Request, res:Response, next:NextFunction) {
if ((typeof req.params === 'undefined') || (typeof req.params.id === 'undefined')) {
return next();
}
if (req.session.user.id !== req.params.id) {
return next();
}
//TODO: fix it!
ObjectManagerRepository.getInstance().getUserManager().find({minRole: UserRoles.Admin}, (err, result) => {
if ((err) || (!result)) {
return next(new Error(ErrorCodes.GENERAL_ERROR));
}
if (result.length <= 1) {
return next(new Error(ErrorCodes.GENERAL_ERROR));
}
});
return next();
}
}
View Git Blame Copy Permalink