refactored workManagementForTemplate permission middleware to reuse g…
…eneral method permission method
maxceem committed Jul 17, 2019
1 parent b590fb0 commit 1d56b6b
Showing 1 changed file with 33 additions and 64 deletions.
97 changes: 33 additions & 64 deletions src/permissions/workManagementForTemplate.js
Expand Up @@ -8,75 +8,44 @@ import models from '../models';
* @param {String} policy the work management permission policy
* @return {Promise} Returns a promise
*/
module.exports = policy => freq => new Promise((resolve, reject) => {
const projectId = _.parseInt(freq.params.projectId);
module.exports = policy => req => new Promise((resolve, reject) => {
const projectId = _.parseInt(req.params.projectId);

return models.Project.findOne({
where: {
id: projectId,
},
})
.then((project) => {
if (!project) {
return resolve(true);
}

if (!project.templateId) {
const errorMessage = 'You do not have permissions to perform this action';
return reject(new Error(errorMessage));
}

return models.WorkManagementPermissions.findOne({
where: {
policy,
projectTemplateId: project.templateId,
},
});
})
.then((management) => {
if (!management) {
const errorMessage = 'You do not have permissions to perform this action';
return reject(new Error(errorMessage));
}
.then((project) => {
if (!project) {
const apiErr = new Error(`Project not found for id ${projectId}`);
apiErr.status = 404;
return Promise.reject(apiErr);
}

return models.ProjectMember.getActiveProjectMembers(projectId)
.then((members) => {
const req = freq;
const mem = _.find(members, m => m.userId === req.authUser.userId);
let allowRule = false;
if (management.allowRule) {
if (management.allowRule.projectRoles
&& management.allowRule.projectRoles.length > 0
&& !_.isUndefined(mem)) {
allowRule = allowRule || _.includes(management.allowRule.projectRoles, mem.role);
}
if (management.allowRule.topcoderRoles && management.allowRule.topcoderRoles.length > 0) {
allowRule = allowRule || util.hasRoles(freq, management.allowRule.topcoderRoles);
}
}
if (management.denyRule) {
let denyRuleProject = false;
let denyRuleTopcoder = false;
if (management.denyRule.projectRoles
&& management.denyRule.projectRoles.length > 0
&& !_.isUndefined(mem)) {
denyRuleProject = _.includes(management.denyRule.projectRoles, mem.role);
}
if (management.denyRule.topcoderRoles && management.denyRule.topcoderRoles.length > 0) {
denyRuleTopcoder = util.hasRoles(freq, management.denyRule.topcoderRoles);
}
if (!project.templateId) {
return null;
}

const denyRule = (denyRuleProject || denyRuleTopcoder);
return !denyRule && allowRule;
}
return models.WorkManagementPermissions.findOne({
where: {
policy,
projectTemplateId: project.templateId,
},
});
})
.then((permission) => {
if (!permission) {
return false;
}

return allowRule;
});
})
.then((hasAccess) => {
if (!hasAccess) {
const errorMessage = 'You do not have permissions to perform this action';
return reject(new Error(errorMessage));
}
return resolve(true);
});
});
return util.hasPermissionForProject(permission, req.authUser, projectId);
})
.then((hasAccess) => {
if (!hasAccess) {
const errorMessage = 'You do not have permissions to perform this action';
return reject(new Error(errorMessage));
}
return resolve(true);
});
});
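Review bot: The chain built inside `new Promise((resolve, reject) => …)` ends without a rejection handler, so the new project-not-found branch (`return Promise.reject(apiErr)`) never reaches `reject`: the executor's return value is ignored, the outer promise stays pending, and the 404 surfaces only as an unhandled rejection. The same applies to a failed `findOne` or a rejection from `util.hasPermissionForProject`, so the check does not grant access in these cases but likely leaves the request hanging, and depending on the Node version an unhandled rejection can terminate the process. Ending the chain with `.catch(reject);` after the final `.then(...)` closes the gap; returning the chain directly and throwing inside the handlers, without the wrapper, would be cleaner. The denial error still carries no `status` while the new not-found error sets 404; if the error handler maps on that field (not visible here), `status = 403` on the denial would keep the two consistent.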
