1 |
|
2 |
|
3 | var mongoose = require('mongoose')
|
4 | ,async = require('async')
|
5 | ,_ = require('underscore');
|
6 |
|
7 | var Schema = new mongoose.Schema({
|
8 | name : {type:String, required:true}
|
9 | });
|
10 |
|
11 | Schema.methods.toString = function(){
|
12 | return this.name;
|
13 | };
|
14 |
|
15 | exports.model = mongoose.model('_MongooseAdminPermission',Schema);
|
16 |
|
17 | var permodel_permission = ['view','delete','create','update','order'];
|
18 |
|
19 | var permissions_by_name = {};
|
20 |
|
21 | exports.registerModel = function(modelName,permissions,callback)
|
22 | {
|
23 | if(typeof(permissions) == 'function' || typeof(permissions) == 'undefined')
|
24 | {
|
25 | callback = permissions;
|
26 | permissions = permodel_permission;
|
27 | }
|
28 | async.forEach(permissions,function(action,callback)
|
29 | {
|
30 | exports.model.update({name:modelName + '_' + action},{$set:{name:modelName + '_' + action}},{upsert:true},function(err,count)
|
31 | {
|
32 | if(err)
|
33 | callback(err);
|
34 | else
|
35 | exports.model.findOne({name:modelName + '_' + action},function(err,doc)
|
36 | {
|
37 | if(doc)
|
38 | permissions_by_name[doc.name] = doc.id;
|
39 | callback(err);
|
40 | });
|
41 | });
|
42 | },callback||function(){});
|
43 | };
|
44 |
|
45 | exports.getPermission = function(modelName,action)
|
46 | {
|
47 | return permissions_by_name[modelName + '_' + action];
|
48 | };
|
49 |
|
50 | exports.hasPermissions = function(user,modelName,action)
|
51 | {
|
52 | if(user.fields)
|
53 | user = user.fields;
|
54 | return user.is_superuser || _.indexOf(user.permissions,exports.getPermission(modelName,action)) > -1;
|
55 | }; |
\ | No newline at end of file |