forked from map-egypt/api
-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathauthorization_utils.js
19 lines (18 loc) · 1.03 KB
/
authorization_utils.js
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
module.exports = {
INTERNATIONAL_EDITOR: 'international editor',
NATIONAL_EDITOR: 'national editor',
INTERNATIONAL_REVIEWER: 'international reviewer',
NATIONAL_REVIEWER: 'national reviewer',
ADMIN: 'admin',
isAuthorizedEditor: function (roles, projectType) {
return roles.indexOf(this.ADMIN) !== -1 ||
((roles.indexOf(this.INTERNATIONAL_EDITOR) !== -1 || roles.indexOf(this.INTERNATIONAL_REVIEWER) !== -1) && projectType === 'international') ||
((roles.indexOf(this.NATIONAL_EDITOR) !== -1 || roles.indexOf(this.NATIONAL_REVIEWER) !== -1) && projectType === 'national');
},
isAuthorizedReader: function (auth, project) {
const roles = auth.credentials && auth.credentials.roles || [];
return this.isAuthorizedEditor(roles, project.type) || // edit access can see everything
(!project.private && project.published) || // public and published
(auth.isAuthenticated && project.private && project.published); // also show authorized, private, published
}
};