1 | 'use strict';
|
2 | var u = require('./util')
|
3 |
|
4 | var isArray = Array.isArray
|
5 |
|
6 | function isFunction (f) {
|
7 | return 'function' === typeof f
|
8 | }
|
9 |
|
10 | function join (str) {
|
11 | return Array.isArray(str) ? str.join('.') : str
|
12 | }
|
13 |
|
14 | function toArray(str) {
|
15 | return isArray(str) ? str : str.split('.')
|
16 | }
|
17 |
|
18 | function isPerms (p) {
|
19 | return (
|
20 | p &&
|
21 | isFunction(p.pre) &&
|
22 | isFunction(p.test) &&
|
23 | isFunction(p.post)
|
24 | )
|
25 | }
|
26 |
|
27 |
|
28 |
|
29 |
|
30 |
|
31 |
|
32 |
|
33 |
|
34 |
|
35 |
|
36 |
|
37 |
|
38 |
|
39 |
|
40 |
|
41 |
|
42 |
|
43 |
|
44 |
|
45 |
|
46 |
|
47 |
|
48 |
|
49 |
|
50 |
|
51 |
|
52 |
|
53 |
|
54 |
|
55 |
|
56 |
|
57 |
|
58 |
|
59 | module.exports = function (opts) {
|
60 | if(isPerms(opts)) return opts
|
61 | if(isFunction(opts)) return {pre: opts}
|
62 | var allow = null
|
63 | var deny = {}
|
64 |
|
65 | function perms (opts) {
|
66 | if(opts.allow) {
|
67 | allow = {}
|
68 | opts.allow.forEach(function (path) {
|
69 | u.set(allow, toArray(path), true)
|
70 | })
|
71 | }
|
72 | else allow = null
|
73 |
|
74 | if(opts.deny)
|
75 | opts.deny.forEach(function (path) {
|
76 | u.set(deny, toArray(path), true)
|
77 | })
|
78 | else deny = {}
|
79 |
|
80 | return this
|
81 | }
|
82 |
|
83 | if(opts) perms(opts)
|
84 |
|
85 | perms.pre = function (name, args) {
|
86 | name = isArray(name) ? name : [name]
|
87 | if(allow && !u.prefix(allow, name))
|
88 | return new Error('method:'+name + ' is not in list of allowed methods')
|
89 |
|
90 | if(deny && u.prefix(deny, name))
|
91 | return new Error('method:'+name + ' is on list of disallowed methods')
|
92 | }
|
93 |
|
94 | perms.post = function (err, value) {
|
95 |
|
96 | }
|
97 |
|
98 |
|
99 | perms.test = function (name, args) {
|
100 | return perms.pre(name, args)
|
101 | }
|
102 |
|
103 | perms.get = function () {
|
104 | return {allow: allow, deny: deny}
|
105 | }
|
106 |
|
107 | return perms
|
108 | }
|
109 |
|
110 |
|