UNPKG

areto/filter/AccessControl.js

Version:

1.52 kBJavaScriptView Raw

1/**
* @copyright Copyright (c) 2019 Maxim Khorin <maksimovichu@gmail.com>
*/
4'use strict';
5
6const Base = require('./ActionFilter');
7
8module.exports = class AccessControl extends Base {
9
  constructor (config) {
      super({
          // rules: [] rule configurations
          // deny: [fn(action, user)]
          AccessRule,
          ...config
      });
  }
18
  getRules () {
      if (!this._rules) {
          this._rules = this.createRules();
      }
      return this._rules;
  }
25
  createRules () {
      const rules = [];
      for (const config of this.rules) {
          config.Class = config.Class || this.AccessRule;
          rules.push(this.spawn(config));
      }
      return rules;
  }
34
  async beforeAction (action) {
      // check rules until the first result [allow or deny]
      for (const rule of this.getRules()) {
          const access = await rule.can(action);
          if (access === false) {
              return this.denyAccess(rule, action);
          }
          if (access === true) {
              return;
          }
      }
  }
47
  async denyAccess (rule, action) {
      if (rule.deny) {
          return rule.deny(action);
      }
      if (this.deny) {
          return this.deny(action);
      }
      throw new Forbidden;
  }
57};
58
59const AccessRule = require('./AccessRule');
60const Forbidden = require('../error/http/Forbidden');
\No newline at end of file

1	`/**`
2	`* @copyright Copyright (c) 2019 Maxim Khorin <maksimovichu@gmail.com>`
3	`*/`
4	`'use strict';`
5
6	`const Base = require('./ActionFilter');`
7
8	`module.exports = class AccessControl extends Base {`
9
10	`constructor (config) {`
11	`super({`
12	`// rules: [] rule configurations`
13	`// deny: [fn(action, user)]`
14	`AccessRule,`
15	`...config`
16	`});`
17	`}`
18
19	`getRules () {`
20	`if (!this._rules) {`
21	`this._rules = this.createRules();`
22	`}`
23	`return this._rules;`
24	`}`
25
26	`createRules () {`
27	`const rules = [];`
28	`for (const config of this.rules) {`
29	`config.Class = config.Class \|\| this.AccessRule;`
30	`rules.push(this.spawn(config));`
31	`}`
32	`return rules;`
33	`}`
34
35	`async beforeAction (action) {`
36	`// check rules until the first result [allow or deny]`
37	`for (const rule of this.getRules()) {`
38	`const access = await rule.can(action);`
39	`if (access === false) {`
40	`return this.denyAccess(rule, action);`
41	`}`
42	`if (access === true) {`
43	`return;`
44	`}`
45	`}`
46	`}`
47
48	`async denyAccess (rule, action) {`
49	`if (rule.deny) {`
50	`return rule.deny(action);`
51	`}`
52	`if (this.deny) {`
53	`return this.deny(action);`
54	`}`
55	`throw new Forbidden;`
56	`}`
57	`};`
58
59	`const AccessRule = require('./AccessRule');`
60	`const Forbidden = require('../error/http/Forbidden');`
\	No newline at end of file