whitelist funcs
This commit is contained in:
parent
d5bde350a2
commit
28711d1e96
|
@ -1,6 +1,6 @@
|
||||||
const userRole = require('./user_roles');
|
const userRole = require('./user_roles');
|
||||||
|
|
||||||
var permissionModel;
|
let permissionModel;
|
||||||
|
|
||||||
const start = options => {
|
const start = options => {
|
||||||
const { schema } = options
|
const { schema } = options
|
||||||
|
@ -69,9 +69,10 @@ const getUsers = (cb) => {
|
||||||
|
|
||||||
const getRolesByUserId = (user_id, cb) => {
|
const getRolesByUserId = (user_id, cb) => {
|
||||||
if (user_id === undefined) {
|
if (user_id === undefined) {
|
||||||
console.error('storage::role_permissions:getRolesByUserId - given a user_id that is undefined');
|
console.error('model::role_permissions:getRolesByUserId - given a user_id that is undefined');
|
||||||
return;
|
return;
|
||||||
}
|
}
|
||||||
|
// console.log('model::role_permissions:getRolesByUserId - looking up', user_id);
|
||||||
return permissionModel.find({
|
return permissionModel.find({
|
||||||
where: { entity_type: 'user', entity_id: user_id }, order: 'ord'
|
where: { entity_type: 'user', entity_id: user_id }, order: 'ord'
|
||||||
}, cb);
|
}, cb);
|
||||||
|
@ -229,7 +230,7 @@ module.exports = {
|
||||||
permissionModel.find({ where: {
|
permissionModel.find({ where: {
|
||||||
entity_type: 'user', entity_id: user_id, object: 'server', object_id: 0
|
entity_type: 'user', entity_id: user_id, object: 'server', object_id: 0
|
||||||
}, order: 'ord'}, async (err, permissions) => {
|
}, order: 'ord'}, async (err, permissions) => {
|
||||||
if (err) console.error('storage:::role_permissions::unblacklistUserFromServer err', err);
|
if (err) console.error('storage:::role_permissions::blacklistUserFromServer err', err);
|
||||||
if (permissions.length) {
|
if (permissions.length) {
|
||||||
await Promise.all(
|
await Promise.all(
|
||||||
permissions.map(async perm => {
|
permissions.map(async perm => {
|
||||||
|
@ -255,14 +256,14 @@ module.exports = {
|
||||||
},
|
},
|
||||||
isBlacklisted: async user_id => {
|
isBlacklisted: async user_id => {
|
||||||
if (user_id === undefined) {
|
if (user_id === undefined) {
|
||||||
console.error('role_permissions:isBlacklisted given a user_id that is undefined');
|
console.trace('role_permissions:isBlacklisted given a user_id that is undefined');
|
||||||
return;
|
return;
|
||||||
}
|
}
|
||||||
const userPerms = await getRolesByUserId(user_id);
|
const userPerms = await getRolesByUserId(user_id);
|
||||||
if (!userPerms || !userPerms.length) {
|
if (!userPerms || !userPerms.length) {
|
||||||
// no entries at all
|
// no entries at all
|
||||||
// FIXME: look up server default
|
// FIXME: look up server default
|
||||||
console.log('role_permissions:isBlacklisted - no perms for', user_id);
|
//console.log('role_permissions:isBlacklisted - no perms for', user_id);
|
||||||
return false;
|
return false;
|
||||||
}
|
}
|
||||||
const perms = userPerms.pop();
|
const perms = userPerms.pop();
|
||||||
|
@ -283,7 +284,7 @@ module.exports = {
|
||||||
},
|
},
|
||||||
unblacklistUserFromServer: async user_id => {
|
unblacklistUserFromServer: async user_id => {
|
||||||
if (user_id === undefined) {
|
if (user_id === undefined) {
|
||||||
console.error('role_permissions:unblacklistUserFromServer given a user_id that is undefined');
|
console.trace('role_permissions:unblacklistUserFromServer given a user_id that is undefined');
|
||||||
return;
|
return;
|
||||||
}
|
}
|
||||||
permissionModel.find({ where: {
|
permissionModel.find({ where: {
|
||||||
|
@ -301,4 +302,85 @@ module.exports = {
|
||||||
);
|
);
|
||||||
});
|
});
|
||||||
return true;
|
return true;
|
||||||
},}
|
},
|
||||||
|
isWhitelisted: async user_id => {
|
||||||
|
if (user_id === undefined) {
|
||||||
|
console.trace('role_permissions:isWhitelisted given a user_id that is undefined');
|
||||||
|
return;
|
||||||
|
}
|
||||||
|
const userPerms = await getRolesByUserId(user_id);
|
||||||
|
if (!userPerms || !userPerms.length) {
|
||||||
|
// no entries at all
|
||||||
|
// FIXME: look up server default
|
||||||
|
//console.log('role_permissions:isWhitelisted - no perms for', user_id);
|
||||||
|
return false;
|
||||||
|
}
|
||||||
|
const perms = userPerms.pop();
|
||||||
|
const triboolPerms = [ 'allowed' ];
|
||||||
|
userPerms.map( perm_obj => {
|
||||||
|
triboolPerms.map( perm => {
|
||||||
|
// if -1 disable
|
||||||
|
if (perm_obj[perm] === -1) perms[perm] = -1;
|
||||||
|
// if 1 enable
|
||||||
|
else if (perm_obj[perm] === 1) perms[perm] = 1;
|
||||||
|
});
|
||||||
|
});
|
||||||
|
// not set one way or another
|
||||||
|
if (perms['allowed'] !== -1 && perms['allowed'] !== 1) {
|
||||||
|
// FIXME: look up server default
|
||||||
|
// write back to perms['allowed']
|
||||||
|
}
|
||||||
|
return perms['allowed'] === 1;
|
||||||
|
},
|
||||||
|
whitelistUserForServer: user_id => {
|
||||||
|
return new Promise(async (resolve, rej) => {
|
||||||
|
if (user_id === undefined) {
|
||||||
|
console.error('role_permissions:whitelistUserForServer given a user_id that is undefined');
|
||||||
|
return;
|
||||||
|
}
|
||||||
|
permissionModel.find({ where: {
|
||||||
|
entity_type: 'user', entity_id: user_id, object: 'server', object_id: 0
|
||||||
|
}, order: 'ord'}, async (err, permissions) => {
|
||||||
|
if (err) console.error('storage:::role_permissions::whitelistUserForServer err', err);
|
||||||
|
if (permissions.length) {
|
||||||
|
await Promise.all(
|
||||||
|
permissions.map(async perm => {
|
||||||
|
perm.allowed = 1;
|
||||||
|
await perm.save();
|
||||||
|
})
|
||||||
|
);
|
||||||
|
return resolve(true);
|
||||||
|
}
|
||||||
|
const permission = new permissionModel;
|
||||||
|
permission.entity_type = 'user';
|
||||||
|
permission.entity_id = user_id;
|
||||||
|
permission.object = 'server';
|
||||||
|
permission.object_id = 0;
|
||||||
|
permission.allowed = 1;
|
||||||
|
await permission.save();
|
||||||
|
resolve(true);
|
||||||
|
});
|
||||||
|
});
|
||||||
|
},
|
||||||
|
unwhitelistUserFromServer: async user_id => {
|
||||||
|
if (user_id === undefined) {
|
||||||
|
console.trace('role_permissions:unwhitelistUserFromServer given a user_id that is undefined');
|
||||||
|
return;
|
||||||
|
}
|
||||||
|
permissionModel.find({ where: {
|
||||||
|
entity_type: 'user', entity_id: user_id, object: 'server', object_id: 0
|
||||||
|
}, order: 'ord'}, async (err, permissions) => {
|
||||||
|
if (err) console.error('storage:::role_permissions::unwhitelistUserFromServer err', err);
|
||||||
|
if (!permissions || !permissions.length) {
|
||||||
|
return;
|
||||||
|
}
|
||||||
|
await Promise.all(
|
||||||
|
permissions.map(async perm => {
|
||||||
|
perm.allowed = 0;
|
||||||
|
await perm.save();
|
||||||
|
})
|
||||||
|
);
|
||||||
|
});
|
||||||
|
return true;
|
||||||
|
},
|
||||||
|
}
|
||||||
|
|
Loading…
Reference in New Issue