Last active
December 14, 2017 06:28
Determine whether a logged in user is in a particular role
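// Register the dynamic 'manager' role.
//
// The resolver grants the role only when the caller's access token carries a
// userId and the matching employee record for the organisation that owns the
// target instance has `isManager` set. Every other path denies the role, so
// the check fails closed.
var Role = app.models.Role;
Role.registerResolver('manager', function(role, context, cb) {
  /**
   * Deny the role. Forwards `err` to the resolver callback when one is
   * given, otherwise reports "not in role".
   * @param {*} [err] - error from a lookup, if any
   */
  function reject(err) {
    if (err) {
      return cb(err);
    }
    cb(null, false);
  }

  /**
   * Look up the employee record for this user in this organisation and
   * resolve the role from its `isManager` field.
   * @param {*} userId - userId taken from the access token
   * @param {*} organisationId - organisation that owns the target instance
   */
  function isEmployeeAManagerForOrganization(userId, organisationId) {
    var Employee = app.models.employee;
    Employee.findOne(
      {where: {and: [{employeeID: userId}, {organisationId: organisationId}]}},
      function(err, employee) {
        // No employee record for this user/organisation pair means no role.
        if (err || !employee) {
          return reject(err);
        }
        cb(null, employee.isManager);
      }
    );
  }

  if ((context.modelName !== 'organisation') && (context.modelName !== 'voucher')) {
    // the target model is not organisation or voucher
    return reject();
  }

  // Guard the token itself as well as its userId, so a context without an
  // access token is denied instead of throwing.
  var userId = context.accessToken && context.accessToken.userId;
  if (!userId) {
    return reject(); // do not allow anonymous users
  }

  // The role is scoped to a single organisation, so a request that does not
  // name an instance (undefined or null id) cannot be resolved.
  if (context.modelId == null) {
    return reject();
  }

  switch (context.modelName) {
    case 'organisation':
      context.model.findById(context.modelId, function(err, organisation) {
        if (err || !organisation) {
          // `return` is required: falling through would dereference a
          // missing instance and invoke cb a second time.
          return reject(err);
        }
        isEmployeeAManagerForOrganization(userId, organisation.id);
      });
      break;
    case 'voucher':
      context.model.findById(context.modelId, function(err, voucher) {
        if (err || !voucher) {
          // Same as above: stop here once the role has been denied.
          return reject(err);
        }
        isEmployeeAManagerForOrganization(userId, voucher.organisationId);
      });
      break;
    default:
      // Not reachable while the modelName guard above stays in place; kept
      // so that a newly allowed model is denied until it gets its own case.
      reject(new Error('Unknown model'));
  }
});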