huanld/speckle-server
1
0
Fork 0
Code Issues Pull Requests Actions 1 Packages Projects Releases Wiki Activity
Files
bb5778bf2d50208de2daf7b2ae4e09a294d21072
speckle-server/packages/server/modules/core/rest/authUtils.js
T

70 lines
1.8 KiB
JavaScript
Raw Blame History

'use strict'
const {
validateScopes,
validateServerRole,
authorizeResolver
} = require('@/modules/shared')
const { getStream } = require('../services/streams')
const { Roles, Scopes } = require('@speckle/shared')
module.exports = {
async validatePermissionsReadStream(streamId, req) {
const stream = await getStream({ streamId, userId: req.context.userId })
if (stream?.isPublic) return { result: true, status: 200 }
try {
await validateServerRole(req.context, Roles.Server.User)
} catch (err) {
return { result: false, status: 401 }
}
if (!stream) return { result: false, status: 404 }
if (!stream.isPublic && req.context.auth === false) {
return { result: false, status: 401 }
}
if (!stream.isPublic) {
try {
await validateScopes(req.context.scopes, Scopes.Streams.Read)
} catch (err) {
return { result: false, status: 401 }
}
try {
await authorizeResolver(req.context.userId, streamId, 'stream:reviewer')
} catch (err) {
return { result: false, status: 401 }
}
}
return { result: true, status: 200 }
},
async validatePermissionsWriteStream(streamId, req) {
if (!req.context || !req.context.auth) {
return { result: false, status: 401 }
}
try {
await validateServerRole(req.context, Roles.Server.User)
} catch (err) {
return { result: false, status: 401 }
}
try {
await validateScopes(req.context.scopes, 'streams:write')
} catch (err) {
return { result: false, status: 401 }
}
try {
await authorizeResolver(req.context.userId, streamId, 'stream:contributor')
} catch (err) {
return { result: false, status: 401 }
}
return { result: true, status: 200 }
}
}
Reference in New Issue View Git Blame Copy Permalink