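/**
 * Authorization middleware factory. Builds a middleware that lets processing continue only when the
 * role of the user in the kontx is privileged enough for the task.
 *
 * Role names are resolved to numeric levels through `../security/roles`. The user passes when their
 * level is less than or equal to the required level. Every other case fails closed with the
 * forbidden error: no kontx, no user on the kontx, a role that is not a string, a role name that
 * does not resolve to a number, or a required role that could not be resolved.
 *
 * @param {number|string} role Required role: a numeric level, or a role name (matched case-insensitively).
 * @returns {Function} Middleware `validateRole(kontx, next)`; calls `next()` when the user is allowed
 *     and `next(err)` with the forbidden error otherwise.
 */
module.exports = function(role){
    'use strict';

    var _ = require('lodash'),
        roles = require('../security/roles'),
        Strings = require('../strings'),
        strings = new Strings(),
        createError = require('../utils/error'),
        requiredLevel;

    if(!_.isNumber(role)){
        role = roles[role.toUpperCase()];
    }

    // Resolved once per route. An unknown role name yields undefined, which parses to NaN; every
    // comparison against NaN is false, so a misconfigured route denies everyone instead of opening up.
    requiredLevel = parseInt(role, 10);

    return function validateRole(kontx, next){
        var user = kontx && kontx.user,
            roleName = user && user.role,
            // Only a string role name is looked up; anything else is treated as "no privileges"
            // rather than throwing a TypeError out of the authorization check.
            userPrivLevel = _.isString(roleName) ? roles[roleName.toUpperCase()] : undefined;

        // Require a real number before comparing: a non-numeric level (null, for instance, coerces
        // to 0) must never satisfy the privilege check through implicit coercion.
        if (_.isNumber(userPrivLevel) && userPrivLevel <= requiredLevel){
            next();
            return;
        }

        next(createError(strings.group('codes').forbidden, strings.group('errors').user_privileges_exceeded));
    };
};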