1 |
|
2 |
|
3 |
|
4 | 'use strict';
|
5 |
|
6 | const Base = require('./ActionFilter');
|
7 |
|
8 | module.exports = class AccessControl extends Base {
|
9 |
|
10 | constructor (config) {
|
11 | super({
|
12 |
|
13 |
|
14 | AccessRule,
|
15 | ...config
|
16 | });
|
17 | }
|
18 |
|
19 | getRules () {
|
20 | if (!this._rules) {
|
21 | this._rules = this.createRules();
|
22 | }
|
23 | return this._rules;
|
24 | }
|
25 |
|
26 | createRules () {
|
27 | const rules = [];
|
28 | for (const config of this.rules) {
|
29 | config.Class = config.Class || this.AccessRule;
|
30 | rules.push(this.spawn(config));
|
31 | }
|
32 | return rules;
|
33 | }
|
34 |
|
35 | async beforeAction (action) {
|
36 |
|
37 | for (const rule of this.getRules()) {
|
38 | const access = await rule.can(action);
|
39 | if (access === false) {
|
40 | return this.denyAccess(rule, action);
|
41 | }
|
42 | if (access === true) {
|
43 | return;
|
44 | }
|
45 | }
|
46 | }
|
47 |
|
48 | async denyAccess (rule, action) {
|
49 | if (rule.deny) {
|
50 | return rule.deny(action);
|
51 | }
|
52 | if (this.deny) {
|
53 | return this.deny(action);
|
54 | }
|
55 | throw new Forbidden;
|
56 | }
|
57 | };
|
58 |
|
59 | const AccessRule = require('./AccessRule');
|
60 | const Forbidden = require('../error/http/Forbidden'); |
\ | No newline at end of file |