@rufous/aem 1.1.17 → 1.1.19
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
package/build/index.d.ts
CHANGED
|
@@ -10,6 +10,7 @@ export * from './errors/security-error';
|
|
|
10
10
|
export * from './middlewares/current-user';
|
|
11
11
|
export * from './middlewares/error-handler';
|
|
12
12
|
export * from './middlewares/require-auth';
|
|
13
|
+
export * from './middlewares/required-permissions';
|
|
13
14
|
export * from './middlewares/require-candidate-auth';
|
|
14
15
|
export * from './middlewares/require-company-employee-auth';
|
|
15
16
|
export * from './middlewares/require-company-employee-manager-auth';
|
|
@@ -114,6 +115,7 @@ export * from './events/job-matched-count-event';
|
|
|
114
115
|
export * from './events/partner-job-matched-candidates-count-event';
|
|
115
116
|
export * from './events/team-created-event';
|
|
116
117
|
export * from './events/employee-group-created-event';
|
|
118
|
+
export * from './events/user-role-created-event';
|
|
117
119
|
export * from './types/access-level';
|
|
118
120
|
export * from './types/asset-status';
|
|
119
121
|
export * from './types/asset-allocation-status';
|
package/build/index.js
CHANGED
|
@@ -23,6 +23,7 @@ __exportStar(require("./errors/security-error"), exports);
|
|
|
23
23
|
__exportStar(require("./middlewares/current-user"), exports);
|
|
24
24
|
__exportStar(require("./middlewares/error-handler"), exports);
|
|
25
25
|
__exportStar(require("./middlewares/require-auth"), exports);
|
|
26
|
+
__exportStar(require("./middlewares/required-permissions"), exports);
|
|
26
27
|
__exportStar(require("./middlewares/require-candidate-auth"), exports);
|
|
27
28
|
__exportStar(require("./middlewares/require-company-employee-auth"), exports);
|
|
28
29
|
__exportStar(require("./middlewares/require-company-employee-manager-auth"), exports);
|
|
@@ -127,6 +128,7 @@ __exportStar(require("./events/job-matched-count-event"), exports);
|
|
|
127
128
|
__exportStar(require("./events/partner-job-matched-candidates-count-event"), exports);
|
|
128
129
|
__exportStar(require("./events/team-created-event"), exports);
|
|
129
130
|
__exportStar(require("./events/employee-group-created-event"), exports);
|
|
131
|
+
__exportStar(require("./events/user-role-created-event"), exports);
|
|
130
132
|
__exportStar(require("./types/access-level"), exports);
|
|
131
133
|
__exportStar(require("./types/asset-status"), exports);
|
|
132
134
|
__exportStar(require("./types/asset-allocation-status"), exports);
|
|
@@ -0,0 +1,2 @@
|
|
|
1
|
+
import { Request, Response, NextFunction } from "express";
|
|
2
|
+
export declare const requirePermissions: (accessType: string | undefined, permissionType: string[] | undefined, userModel: any, permissionsModel: any, req: Request, res: Response, next: NextFunction) => Response<any> | undefined;
|
|
@@ -0,0 +1,44 @@
|
|
|
1
|
+
"use strict";
|
|
2
|
+
var __importDefault = (this && this.__importDefault) || function (mod) {
|
|
3
|
+
return (mod && mod.__esModule) ? mod : { "default": mod };
|
|
4
|
+
};
|
|
5
|
+
Object.defineProperty(exports, "__esModule", { value: true });
|
|
6
|
+
exports.requirePermissions = void 0;
|
|
7
|
+
var not_authorized_error_1 = require("../errors/not-authorized-error");
|
|
8
|
+
var user_status_1 = require("../types/user-status");
|
|
9
|
+
var mongoose_1 = __importDefault(require("mongoose"));
|
|
10
|
+
exports.requirePermissions = function (accessType, permissionType, userModel, permissionsModel, req, res, next) {
|
|
11
|
+
if (accessType === void 0) { accessType = "read"; }
|
|
12
|
+
if (permissionType === void 0) { permissionType = []; }
|
|
13
|
+
if (!req.currentUser) {
|
|
14
|
+
throw new not_authorized_error_1.NotAuthorizedError();
|
|
15
|
+
}
|
|
16
|
+
if (req.currentUser.ust === user_status_1.UserStatus.Suspended) {
|
|
17
|
+
throw new not_authorized_error_1.NotAuthorizedError();
|
|
18
|
+
}
|
|
19
|
+
var user = req.currentUser;
|
|
20
|
+
var userDetails = mongoose_1.default.model(userModel).findById(user.id);
|
|
21
|
+
var ispermExist = false;
|
|
22
|
+
if (!userDetails) {
|
|
23
|
+
throw new not_authorized_error_1.NotAuthorizedError();
|
|
24
|
+
}
|
|
25
|
+
else if (userDetails.roles) {
|
|
26
|
+
var permissions = mongoose_1.default
|
|
27
|
+
.model(permissionsModel)
|
|
28
|
+
.find({ roles: { $in: userDetails.roles } });
|
|
29
|
+
var permissionsArr = permissions
|
|
30
|
+
.filter(function (perm) { return perm[accessType]; })
|
|
31
|
+
.map(function (perm) { return perm.name; });
|
|
32
|
+
ispermExist = permissionsArr.some(function (perm) {
|
|
33
|
+
return permissionType.includes(perm);
|
|
34
|
+
});
|
|
35
|
+
}
|
|
36
|
+
if (!ispermExist) {
|
|
37
|
+
return res.status(403).json({
|
|
38
|
+
error: "Sorry, you don't have access.",
|
|
39
|
+
});
|
|
40
|
+
}
|
|
41
|
+
else {
|
|
42
|
+
next();
|
|
43
|
+
}
|
|
44
|
+
};
|
package/package.json
CHANGED
|
@@ -1,6 +1,6 @@
|
|
|
1
1
|
{
|
|
2
2
|
"name": "@rufous/aem",
|
|
3
|
-
"version": "1.1.
|
|
3
|
+
"version": "1.1.19",
|
|
4
4
|
"main": "./build/index.js",
|
|
5
5
|
"types": "./build/index.d.ts",
|
|
6
6
|
"files": [
|
|
@@ -21,9 +21,11 @@
|
|
|
21
21
|
"@types/cookie-session": "^2.0.41",
|
|
22
22
|
"@types/express": "^4.17.3",
|
|
23
23
|
"@types/jsonwebtoken": "^8.5.0",
|
|
24
|
+
"@types/mongoose": "5.7.8",
|
|
24
25
|
"cookie-session": "^1.4.0",
|
|
25
26
|
"express": "^4.17.1",
|
|
26
27
|
"express-validator": "^6.6.0",
|
|
28
|
+
"mongoose": "5.10.19",
|
|
27
29
|
"express-winston": "^4.0.5",
|
|
28
30
|
"jsonwebtoken": "^8.5.1",
|
|
29
31
|
"node-nats-streaming": "^0.3.2",
|