From f0d2a46a86d0e6c71d4a7b8ff4ed17a54e08d7ca Mon Sep 17 00:00:00 2001 From: Andrew Grosser Date: Thu, 7 Jan 2016 22:32:12 -0800 Subject: [PATCH 1/2] Update PermissionService.js --- api/services/PermissionService.js | 54 +++++++++++++++++++++++++++++++ 1 file changed, 54 insertions(+) diff --git a/api/services/PermissionService.js b/api/services/PermissionService.js index 6cea006..d3ae1e9 100644 --- a/api/services/PermissionService.js +++ b/api/services/PermissionService.js @@ -298,6 +298,60 @@ module.exports = { return ok; }, + //Performs checks first so the DB doesn't fill with duplicates + grantRole: function(options) { + var action = options.action; + var model = options.model; + var role = options.role; + var where = undefined; + var blacklist = undefined; + if (typeof options.criteria !== 'undefined' && options.criteria) { + where = options.critera.where; + blacklist = options.criteria.blacklist; + } + return this.findRolePermission(action, model, role, where, blacklist).then(function (result) { + if (typeof result === 'undefined' || !result) { + var criteria = {}; + criteria.where = where; + criteria.blacklist = blacklist; + if ((typeof criteria.blacklist === 'undefined' || !criteria.blacklist) && (typeof criteria.where === 'undefined' || !criteria.where)) + criteria = undefined + return this.grant({action: action, model: model, role: role, criteria : criteria}); + } + else + return result; + }); + }, + + findRolePermission: function(action, model, role, where, blacklist) { + var relation = "role"; + return Model.findOneByName(model).then(function (model) { + return Role.findOneByName(role).then(function (role) { + if (typeof model === 'undefined' || !model || typeof role === 'undefined' || !role) + return Promise.reject(new Error("Role/Model missing. Model: " + model + "Role: " + role)); + else { + var promise = Permission.findOne({action: action, model: model.id, role : role.id, relation : relation}); + var criteria = {}; + var hasCriteria = false; + if (typeof blacklist !== 'undefined' && blacklist && blacklist.length > 0) + criteria.blacklist = blacklist; + if (typeof where !== 'undefined' && where && where.length > 0) + criteria.where = where; + if ((typeof criteria.blacklist !== 'undefined' && criteria.blacklist) || (typeof criteria.where !== 'undefined' && criteria.where)) { + promise = query.populate('criteria', criteria); + hasCriteria = true; + } + return promise.then(function (result) { + if (hasCriteria && result.criteria.length === 0) + return undefined; + return result; + }); + } + }); + }); + }, + + /** * add one or more users to a particular role * TODO should this work with multiple roles? From 2a637969095ae5455bd2f812ff6293e5624f3c65 Mon Sep 17 00:00:00 2001 From: Andrew Grosser Date: Fri, 8 Jan 2016 01:31:17 -0800 Subject: [PATCH 2/2] Update PermissionService.js --- api/services/PermissionService.js | 8 +++++--- 1 file changed, 5 insertions(+), 3 deletions(-) diff --git a/api/services/PermissionService.js b/api/services/PermissionService.js index d3ae1e9..c9fe59e 100644 --- a/api/services/PermissionService.js +++ b/api/services/PermissionService.js @@ -299,24 +299,26 @@ module.exports = { }, //Performs checks first so the DB doesn't fill with duplicates - grantRole: function(options) { + grantRole: function(options) { var action = options.action; var model = options.model; var role = options.role; var where = undefined; var blacklist = undefined; + var _this = this; if (typeof options.criteria !== 'undefined' && options.criteria) { where = options.critera.where; blacklist = options.criteria.blacklist; } + return this.findRolePermission(action, model, role, where, blacklist).then(function (result) { if (typeof result === 'undefined' || !result) { var criteria = {}; criteria.where = where; criteria.blacklist = blacklist; if ((typeof criteria.blacklist === 'undefined' || !criteria.blacklist) && (typeof criteria.where === 'undefined' || !criteria.where)) - criteria = undefined - return this.grant({action: action, model: model, role: role, criteria : criteria}); + criteria = undefined + return _this.grant({action: action, model: model, role: role, criteria : criteria}); } else return result;