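exports.isAllowed = function (req, res, next) {
  // Authorization middleware for offer routes.
  //
  // Decision order:
  //   1. the creator of the offer being processed may do anything with it;
  //   2. otherwise the request's roles must be allowed by the ACL for
  //      (req.route.path, lower-cased req.method).
  // Requests with no logged-in user are evaluated with the 'guest' role.
  var roles = (req.user) ? req.user.roles : ['guest'];

  // Owner shortcut. `req.offers.user` is guarded as well: an offer without a
  // populated user previously threw a TypeError here instead of falling
  // through to the ACL check.
  if (req.offers && req.user && req.offers.user && req.offers.user.id === req.user.id) {
    return next();
  }

  // Check for user roles
  acl.areAnyRolesAllowed(roles, req.route.path, req.method.toLowerCase(), function (err, isAllowed) {
    if (err) {
      // An authorization error occurred; fail closed.
      return res.status(500).send('Unexpected authorization error');
    }
    if (isAllowed) {
      // Access granted! Invoke next middleware
      return next();
    }
    return res.status(403).json({
      message: 'User is not authorized'
    });
  });
};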
exports.isAllowed = function (req, res, next) {
  // Authorization middleware for garden routes: the garden's creator may do
  // anything with it; every other request goes through the role-based ACL
  // check for (req.route.path, lower-cased req.method). Requests without a
  // logged-in user are checked as 'guest'.
  var roleList = req.user ? req.user.roles : ['guest'];

  var garden = req.garden;
  var ownsGarden = Boolean(garden && req.user && garden.user) && garden.user.id === req.user.id;
  if (ownsGarden) {
    return next();
  }

  // Callback for the ACL lookup: 500 on lookup failure, 403 when no role
  // matches, otherwise continue down the middleware chain.
  var onAclResult = function (aclErr, granted) {
    if (aclErr) {
      return res.status(500).send('Lỗi xác thực!');
    }
    if (granted) {
      return next();
    }
    return res.status(403).json({
      message: 'Người dùng không được xác thực'
    });
  };

  acl.areAnyRolesAllowed(roleList, req.route.path, req.method.toLowerCase(), onAclResult);
};
exports.isAllowed = function (req, res, next) {
  // Role-based authorization middleware. The request's roles ('guest' when no
  // user is logged in) are checked against the ACL for the current route path
  // and lower-cased HTTP method. A denial is reported as 403 for a logged-in
  // user and as 401 otherwise (decided by authHelper.isLoggedIn on the roles).
  var roleList = req.user ? req.user.roles : ['guest'];

  var denied = function () {
    if (authHelper.isLoggedIn(roleList)) {
      return res.status(403).json({
        message: 'User is not authorized'
      });
    }
    return res.status(401).json({
      message: 'User logged out'
    });
  };

  var onAclResult = function (aclErr, granted) {
    if (aclErr) {
      // ACL lookup failed; fail closed.
      return res.status(500).send('Unexpected authorization error');
    }
    return granted ? next() : denied();
  };

  acl.areAnyRolesAllowed(roleList, req.route.path, req.method.toLowerCase(), onAclResult);
};
exports.isAllowed = function (req, res, next) {
  // Role-based authorization middleware for the tags/tribes routes. The
  // request's roles are checked against the ACL for the current route path and
  // lower-cased HTTP method; a user without a roles list, or no user at all,
  // is evaluated as 'guest'.

  // A stricter gate ("no tags/tribes for non-authenticated or non-public
  // users") is currently disabled; kept for reference:
  /*
  if(!req.user || (req.user && !req.user.public)) {
    return res.status(403).send({
      message: errorHandler.getErrorMessageByKey('forbidden')
    });
  }
  */

  var roleList = (req.user && req.user.roles) ? req.user.roles : ['guest'];
  var routePath = req.route.path;
  var method = req.method.toLowerCase();

  acl.areAnyRolesAllowed(roleList, routePath, method, function (aclErr, granted) {
    if (aclErr) {
      // ACL lookup failed; fail closed.
      return res.status(500).send({
        message: 'Unexpected authorization error'
      });
    }
    if (!granted) {
      return res.status(403).json({
        message: errorHandler.getErrorMessageByKey('forbidden')
      });
    }
    // Access granted: continue down the middleware chain.
    return next();
  });
};
exports.isAllowed = function (req, res, next) {
  // Authorization middleware for the messages feature.
  //
  // Decision order:
  //   1. a logged-in user whose `public` flag is not exactly true is forbidden;
  //   2. otherwise the request's roles ('guest' when absent) must be allowed by
  //      the ACL for (req.route.path, lower-cased req.method).

  var user = req.user;
  var unpublishedUser = Boolean(user) && user.public !== true;
  if (unpublishedUser) {
    return res.status(403).json({
      message: errorHandler.getErrorMessageByKey('forbidden')
    });
  }

  var roleList = (user && user.roles) ? user.roles : ['guest'];

  var onAclResult = function (aclErr, granted) {
    if (aclErr) {
      // ACL lookup failed; fail closed.
      return res.status(500).json({
        message: 'Unexpected authorization error'
      });
    }
    if (granted) {
      return next();
    }
    return res.status(403).json({
      message: errorHandler.getErrorMessageByKey('forbidden')
    });
  };

  acl.areAnyRolesAllowed(roleList, req.route.path, req.method.toLowerCase(), onAclResult);
};
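exports.isAllowed = function (req, res, next) {
  // Authorization middleware for offer routes.
  //
  // Decision order:
  //   1. no user, or a user whose `public` flag is falsy, is forbidden outright;
  //   2. the owner of the offer being processed may do anything with it;
  //   3. otherwise the user's roles must be allowed by the ACL for
  //      (req.route.path, lower-cased req.method).

  // No offers for non-authenticated nor for authenticated but un-published users.
  // (`!req.user || (req.user && !req.user.public)` has the same truth table.)
  if (!req.user || !req.user.public) {
    return res.status(403).send({
      message: errorHandler.getErrorMessageByKey('forbidden')
    });
  }

  // Owner shortcut. The previous check was `req.offer.user === req.user._id`;
  // for object ids that is a reference comparison, so two distinct id instances
  // holding the same value never matched and the shortcut silently never fired.
  // Compare the string forms instead, accepting either a bare id or a populated
  // user document (use its `_id`).
  // NOTE(review): assumes ids stringify to a stable canonical form (hex for
  // ObjectId) — confirm against the offer model.
  if (req.offer) {
    var ownerId = (req.offer.user && req.offer.user._id) ? req.offer.user._id : req.offer.user;
    if (ownerId != null && req.user._id != null && String(ownerId) === String(req.user._id)) {
      return next();
    }
  }

  // Check for user roles
  var roles = (req.user && req.user.roles) ? req.user.roles : ['guest'];
  acl.areAnyRolesAllowed(roles, req.route.path, req.method.toLowerCase(), function (err, isAllowed) {
    if (err) {
      // An authorization error occurred; fail closed.
      return res.status(500).send({
        message: 'Unexpected authorization error'
      });
    }
    if (isAllowed) {
      // Access granted! Invoke next middleware
      return next();
    }
    return res.status(403).json({
      message: errorHandler.getErrorMessageByKey('forbidden')
    });
  });
};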
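exports.isAllowed = function (req, res, next) {
  // Authorization middleware for Ambiente routes.
  //
  // Decision order:
  //   1. the creator of the ambiente being processed may do anything with it;
  //   2. otherwise the request's roles ('guest' when no user is logged in) must
  //      be allowed by the ACL for (req.route.path, lower-cased req.method);
  //   3. a denial is 401 when no user is logged in (or the ambiente has no
  //      user, per the original note by JOEL), 403 otherwise.
  var roles = (req.user) ? req.user.roles : ['guest'];

  // If an Ambiente is being processed and the current user created it then allow any manipulation
  if (req.ambiente && req.user && req.ambiente.user && req.ambiente.user.id === req.user.id) {
    return next();
  }

  // Check for user roles
  acl.areAnyRolesAllowed(roles, req.route.path, req.method.toLowerCase(), function (err, isAllowed) {
    if (err) {
      // An authorization error occurred; fail closed.
      return res.status(500).send('Unexpected authorization error');
    }
    if (isAllowed) {
      // Access granted! Invoke next middleware
      return next();
    }
    // The previous condition `!req.user || !req.ambiente.user` dereferenced
    // req.ambiente without checking it, so a denied request on a route that
    // sets no ambiente threw a TypeError inside this async callback. Guard it;
    // an ambiente without a user still maps to 401 as before.
    if (!req.user || (req.ambiente && !req.ambiente.user)) {
      return res.status(401).send('Not user logged');
    }
    return res.status(403).json({
      message: 'User is not authorized'
    });
  });
};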
function allowed(req, res, next) {
  // Promise-based role authorization middleware. The request's roles ('guest'
  // when no user is logged in) are checked against the ACL for the current
  // route path and lower-cased HTTP method; a rejected lookup is a 500.
  var roleList = req.user ? req.user.roles : ['guest'];

  //TODO Need to check this policy.  The resource should probably be /api/users etc.  I am guessing the / may be bad.
  var onDecision = function (granted) {
    if (!granted) {
      return res.status(403).json({
        message: 'User is not authorized'
      });
    }
    return next();
  };

  var onFailure = function () {
    return res.status(500).send('Unexpected authorization error');
  };

  acl.areAnyRolesAllowed(roleList, req.route.path, req.method.toLowerCase())
    .then(onDecision)
    .catch(onFailure);
}
exports.isAllowed = function (req, res, next) {
  // Role-based authorization middleware: the request's roles ('guest' when no
  // user is logged in) are checked against the ACL for the current route path
  // and lower-cased HTTP method.
  var roleList = req.user ? req.user.roles : ['guest'];
  var routePath = req.route.path;
  var method = req.method.toLowerCase();

  acl.areAnyRolesAllowed(roleList, routePath, method, function (aclErr, granted) {
    if (aclErr) {
      // ACL lookup failed; fail closed.
      return res.status(500).send('Erro Inesperado de Autorização');
    }
    if (!granted) {
      return res.status(403).json({
        message: 'Usuário não autorizado'
      });
    }
    // Access granted: continue down the middleware chain.
    return next();
  });
};
exports.isAllowed = function (req, res, next) {
  // Authorization middleware for contact routes.
  //
  // Decision order:
  //   1. a logged-in user whose `public` flag is not exactly true is forbidden;
  //   2. either party of the contact being processed (userFrom or userTo) may
  //      do anything with it — this is where 'Delete' gets allowed;
  //   3. otherwise the request's roles ('guest' when absent) must be allowed by
  //      the ACL for (req.route.path, lower-cased req.method).

  var user = req.user;
  if (user && user.public !== true) {
    return res.status(403).json({
      message: errorService.getErrorMessageByKey('forbidden')
    });
  }

  var contact = req.contact;
  if (contact && user) {
    var selfId = user._id.valueOf();
    var isParty = contact.userFrom._id.equals(selfId) || contact.userTo._id.equals(selfId);
    if (isParty) {
      return next();
    }
  }

  var roleList = (user && user.roles) ? user.roles : ['guest'];

  var onAclResult = function (aclErr, granted) {
    if (aclErr) {
      // ACL lookup failed; fail closed.
      return res.status(500).json({
        message: 'Unexpected authorization error'
      });
    }
    if (granted) {
      return next();
    }
    return res.status(403).json({
      message: errorService.getErrorMessageByKey('forbidden')
    });
  };

  acl.areAnyRolesAllowed(roleList, req.route.path, req.method.toLowerCase(), onAclResult);
};
exports.isAllowed = function (req, res, next) {
  // Role-based authorization middleware. Here `req.user.roles` is a
  // comma-separated string; it is split and merged (via _.union) with the
  // always-present 'guest' role before the ACL is consulted for the current
  // route path and lower-cased HTTP method.
  var guestRoles = ['guest'];
  var hasRoles = Boolean(req.user && req.user.roles);
  var roleList = hasRoles ? _.union(guestRoles, req.user.roles.split(',')) : guestRoles;

  var onAclResult = function (aclErr, granted) {
    if (aclErr) {
      // ACL lookup failed; fail closed.
      return res.status(500).send('Unexpected authorization error');
    }
    if (!granted) {
      return res.status(403).json({
        message: 'User is not authorized'
      });
    }
    // Access granted: continue down the middleware chain.
    return next();
  };

  acl.areAnyRolesAllowed(roleList, req.route.path, req.method.toLowerCase(), onAclResult);
};
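exports.isAllowed = function (req, res, next) {
  // Authorization middleware for listing routes.
  //
  // Decision order:
  //   1. the author of the listing being processed may DELETE it;
  //   2. everything else goes through the ACL for
  //      (req.route.path, lower-cased req.method), with 'guest' when no user
  //      is logged in.
  var roles = (req.user) ? req.user.roles : ['guest'];

  // Owner-delete shortcut. `req.listing.author` is guarded as well: a listing
  // without a populated author previously threw a TypeError here instead of
  // falling through to the ACL check.
  if (req.listing && req.user && req.listing.author &&
      req.listing.author.id === req.user.id && req.method.toLowerCase() === 'delete') {
    return next();
  }

  // Handle other cases via the ACL.
  acl.areAnyRolesAllowed(roles, req.route.path, req.method.toLowerCase(), function (err, isAllowed) {
    if (err) {
      // ACL lookup failed; fail closed.
      return res.status(500).send('Unexpected authorization error');
    }
    if (isAllowed) {
      return next();
    }
    return res.status(403).json({
      message: 'User is not authorized'
    });
  });
};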
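exports.isAllowed = function (req, res, next) {
  // Authorization middleware for team routes.
  //
  // Decision order:
  //   1. the team lead (`team.teamLead`) may do anything with the team;
  //   2. so may any member of `team.teamLeads` (entries may be populated
  //      documents with `_id` or bare ids);
  //   3. otherwise the request's roles ('guest' when no user is logged in) must
  //      be allowed by the ACL for (req.route.path, lower-cased req.method);
  //      a denial is 403 for a logged-in user and 401 otherwise.
  var roles = (req.user) ? req.user.roles : ['guest'];

  // If an team is being processed and the current user created it then allow any manipulation
  if (req.team && req.user && req.team.teamLead && req.team.teamLead.id === req.user.id) {
    return next();
  }

  if (req.team && req.user && req.team.teamLeads && req.team.teamLeads.length > 0) {
    // Hoisted out of the loop; the comparison is by string form of the ids.
    var userId = req.user._id.toString();
    var indexL = _.findIndex(req.team.teamLeads, function (l) {
      // A null/undefined entry previously threw a TypeError on `.toString()`;
      // treat it as "not this user" instead.
      if (!l) {
        return false;
      }
      var leadId = l._id ? l._id : l;
      return leadId.toString() === userId;
    });
    if (indexL >= 0) {
      return next();
    }
  }

  // Check for user roles
  acl.areAnyRolesAllowed(roles, req.route.path, req.method.toLowerCase(), function (err, isAllowed) {
    if (err) {
      // An authorization error occurred; fail closed.
      return res.status(500).send('Unexpected authorization error');
    }
    if (isAllowed) {
      // Access granted! Invoke next middleware
      return next();
    }
    if (authHelper.isLoggedIn(roles)) {
      return res.status(403).json({
        message: 'User is not authorized'
      });
    }
    return res.status(401).json({
      message: 'User logged out'
    });
  });
};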
exports.isAllowed = function (req, res, next) { // eslint-disable-line consistent-return
  // Authorization middleware for gateway routes: the gateway's creator may do
  // anything with it; every other request goes through the role-based ACL
  // check for (req.route.path, lower-cased req.method). Requests without a
  // logged-in user are checked as 'guest'.
  const roleList = req.user ? req.user.roles : ['guest'];

  const gateway = req.gateway;
  const isOwner = Boolean(gateway && req.user && gateway.user) && gateway.user.id === req.user.id;
  if (isOwner) {
    return next();
  }

  const onAclResult = (aclErr, granted) => {
    if (aclErr) {
      // ACL lookup failed; fail closed.
      return res.status(500).send('Unexpected authorization error');
    }
    return granted
      ? next()
      : res.status(403).json({
        message: 'User is not authorized',
      });
  };

  acl.areAnyRolesAllowed(roleList, req.route.path, req.method.toLowerCase(), onAclResult);
};
exports.isAllowed = function (req, res, next) {
  // Authorization middleware for profile routes.
  //
  // Decision order (when a profile other than the user's own is being processed):
  //   1. a non-public profile is reported as 404 to a logged-in user, so its
  //      existence is not revealed;
  //   2. a logged-in user whose own profile is not public gets 403;
  //   3. otherwise the request's roles ('guest' when absent) must be allowed by
  //      the ACL for (req.route.path, lower-cased req.method).

  var profile = req.profile;
  var user = req.user;
  var viewingOther = Boolean(profile && user) && !profile._id.equals(user._id);

  if (viewingOther && !profile.public) {
    return res.status(404).json({
      message: errorService.getErrorMessageByKey('not-found')
    });
  }

  if (viewingOther && !user.public) {
    return res.status(403).json({
      message: errorService.getErrorMessageByKey('forbidden')
    });
  }

  var roleList = (user && user.roles) ? user.roles : ['guest'];

  var onAclResult = function (aclErr, granted) {
    if (aclErr) {
      // ACL lookup failed; fail closed.
      return res.status(500).json({
        message: 'Unexpected authorization error'
      });
    }
    if (granted) {
      return next();
    }
    return res.status(403).json({
      message: errorService.getErrorMessageByKey('forbidden')
    });
  };

  acl.areAnyRolesAllowed(roleList, req.route.path, req.method.toLowerCase(), onAclResult);
};