1.0.1 • Published 7 years ago

sails-hook-routes-permissions v1.0.1

Weekly downloads
3
License
MIT
Repository
github
Last release
7 years ago

sails-hook-routes-permissions

NPM Version NPM Downloads Build Status Code Climate Issue Count bitHound Overall Score bitHound Dependencies bitHound Dev Dependencies bitHound Code Codacy Badge

About

A sails hook for multi-model auth

Settings

Install

npm install sails-hook-routes-permissions

Define at config/routesPermissions.js

module.exports.routesPermissions = {
  'post /categories/time_products': { //some method and url
    minLevel: 0, //add some validations
    owners: ['player'] //who can access
  },

  'get /categories/:id/available_timetable': {
    minLevel: 0,
    owners: ['player']
  }
}

And define some policie o middleware

module.exports = function(req, res, next) {
  var fullPath = req.method.toLowerCase() + " " + req.url;
  sails.permissions.permissionRoutes(fullPath, function(err, routePermissions){
    if(err){
      // handle error
    }
    var accessKey = req.accessKey;  // define some access method
    var hasValidLevel = routePermissions.minLevel <= accessKey.level; //check your validations
    var hasPermission = routePermissions.owners.indexOf(req.ownerData.ownerModel) != -1; // check if had access
    if (hasPermission && hasValidLevel){
      return next();
    }else if (!hasPermission){
      //handle unauth access
    }
  });
};
sailshookroutesmodelspermissions
lazy.js
@infinitebrahmanuniverse/nolb-sails@everything-registry/sub-chunk-2702
1.0.1

7 years ago

1.0.0

7 years ago