2014-02-11 22:40:39 -05:00
|
|
|
var _ = require('lodash'),
|
|
|
|
Models = require('../models'),
|
2014-05-09 05:11:29 -05:00
|
|
|
errors = require('../errors'),
|
2014-03-14 12:36:45 -05:00
|
|
|
User = Models.User,
|
|
|
|
App = Models.App;
|
2014-02-11 22:40:39 -05:00
|
|
|
|
|
|
|
var effective = {
|
|
|
|
user: function (id) {
|
2014-07-09 06:34:38 -05:00
|
|
|
return User.findOne({id: id}, { include: ['permissions', 'roles', 'roles.permissions'] })
|
2014-02-11 22:40:39 -05:00
|
|
|
.then(function (foundUser) {
|
|
|
|
var seenPerms = {},
|
|
|
|
rolePerms = _.map(foundUser.related('roles').models, function (role) {
|
|
|
|
return role.related('permissions').models;
|
|
|
|
}),
|
2014-07-09 06:34:38 -05:00
|
|
|
allPerms = [],
|
|
|
|
user = foundUser.toJSON();
|
|
|
|
|
|
|
|
// TODO: using 'Owner' as return value is a bit hacky.
|
|
|
|
if (user.roles[0] && user.roles[0].name === 'Owner') {
|
|
|
|
return 'Owner';
|
|
|
|
}
|
2014-02-11 22:40:39 -05:00
|
|
|
|
|
|
|
rolePerms.push(foundUser.related('permissions').models);
|
|
|
|
|
|
|
|
_.each(rolePerms, function (rolePermGroup) {
|
|
|
|
_.each(rolePermGroup, function (perm) {
|
|
|
|
var key = perm.get('action_type') + '-' + perm.get('object_type') + '-' + perm.get('object_id');
|
|
|
|
|
|
|
|
// Only add perms once
|
|
|
|
if (seenPerms[key]) {
|
|
|
|
return;
|
|
|
|
}
|
|
|
|
|
|
|
|
allPerms.push(perm);
|
|
|
|
seenPerms[key] = true;
|
|
|
|
});
|
|
|
|
});
|
|
|
|
|
|
|
|
return allPerms;
|
|
|
|
}, errors.logAndThrowError);
|
|
|
|
},
|
|
|
|
|
|
|
|
app: function (appName) {
|
Consistency in model method naming
- The API has the BREAD naming for methods
- The model now has findAll, findOne, findPage (where needed), edit, add and destroy, meaning it is similar but with a bit more flexibility
- browse, read, update, create, and delete, which were effectively just aliases, have all been removed.
- added jsDoc for the model methods
2014-05-05 10:18:38 -05:00
|
|
|
return App.findOne({name: appName}, { withRelated: ['permissions'] })
|
2014-02-11 22:40:39 -05:00
|
|
|
.then(function (foundApp) {
|
|
|
|
if (!foundApp) {
|
|
|
|
return [];
|
|
|
|
}
|
|
|
|
|
|
|
|
return foundApp.related('permissions').models;
|
|
|
|
}, errors.logAndThrowError);
|
|
|
|
}
|
|
|
|
};
|
|
|
|
|
|
|
|
module.exports = effective;
|