@live-change/access-control-service 0.8.75 → 0.8.76
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/access.js +1 -1
- package/invite.js +1 -1
- package/package.json +3 -3
- package/request.js +1 -1
package/access.js
CHANGED
|
@@ -11,7 +11,7 @@ export default (definition) => {
|
|
|
11
11
|
|
|
12
12
|
const { /// TODO: per type access config
|
|
13
13
|
hasAny = (roles, client, { objectType, object }) => roles.length > 0,
|
|
14
|
-
isAdmin = (roles, client, { objectType, object }) => roles.includes('
|
|
14
|
+
isAdmin = (roles, client, { objectType, object }) => roles.includes('admin'),
|
|
15
15
|
canInvite = (roles, client, { objectType, object }) => roles.length > 0,
|
|
16
16
|
canRequest = (roles, client, { objectType, object }) => false
|
|
17
17
|
} = config
|
package/invite.js
CHANGED
|
@@ -225,7 +225,7 @@ for(const contactType of config.contactTypes) {
|
|
|
225
225
|
const { roles } = params
|
|
226
226
|
|
|
227
227
|
const myRoles = await access.getClientObjectRoles(client, { objectType, object }, true)
|
|
228
|
-
if(!myRoles.includes('
|
|
228
|
+
if(!myRoles.includes('admin')) {
|
|
229
229
|
for(const requestedRole of roles) {
|
|
230
230
|
if(!myRoles.includes(requestedRole)) throw 'notAuthorized'
|
|
231
231
|
}
|
package/package.json
CHANGED
|
@@ -1,6 +1,6 @@
|
|
|
1
1
|
{
|
|
2
2
|
"name": "@live-change/access-control-service",
|
|
3
|
-
"version": "0.8.
|
|
3
|
+
"version": "0.8.76",
|
|
4
4
|
"description": "",
|
|
5
5
|
"main": "index.js",
|
|
6
6
|
"scripts": {
|
|
@@ -21,8 +21,8 @@
|
|
|
21
21
|
"url": "https://www.viamage.com/"
|
|
22
22
|
},
|
|
23
23
|
"dependencies": {
|
|
24
|
-
"@live-change/framework": "^0.8.
|
|
24
|
+
"@live-change/framework": "^0.8.76"
|
|
25
25
|
},
|
|
26
|
-
"gitHead": "
|
|
26
|
+
"gitHead": "70c9a5ffb257f57b77754027d9c543584ca3423b",
|
|
27
27
|
"type": "module"
|
|
28
28
|
}
|
package/request.js
CHANGED
|
@@ -45,7 +45,7 @@ definition.action({
|
|
|
45
45
|
visibilityTest || access.clientCanInvite(client, params),
|
|
46
46
|
async execute({ objectType, object, sessionOrUserType, sessionOrUser, roles }, { client, service }, emit) {
|
|
47
47
|
const myRoles = await access.getClientObjectRoles(client, { objectType, object }, true)
|
|
48
|
-
if(!myRoles.includes('
|
|
48
|
+
if(!myRoles.includes('admin')) {
|
|
49
49
|
for(const requestedRole of roles) {
|
|
50
50
|
if(!myRoles.includes(requestedRole)) throw 'notAuthorized'
|
|
51
51
|
}
|