2017-11-27 16:47:16 +01:00
|
|
|
const _ = require('lodash');
|
|
|
|
|
|
|
|
|
|
module.exports = async (ctx, next) => {
|
|
|
|
|
const route = ctx.request.route;
|
|
|
|
|
let role = '1';
|
|
|
|
|
|
|
|
|
|
if (ctx.request && ctx.request.header && ctx.request.header.authorization) {
|
|
|
|
|
try {
|
|
|
|
|
ctx.state.user = await strapi.plugins['users-permissions'].services.jwt.getToken(ctx);
|
|
|
|
|
role = ctx.state.user.role;
|
2017-11-27 16:59:53 +01:00
|
|
|
|
|
|
|
|
if (role.toString() === '0') {
|
|
|
|
|
return await next();
|
|
|
|
|
}
|
2017-11-27 16:47:16 +01:00
|
|
|
} catch (err) {
|
2017-11-27 16:59:53 +01:00
|
|
|
return ctx.unauthorized(err);
|
2017-11-27 16:47:16 +01:00
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
const permission = _.get(_.clone(strapi.plugins['users-permissions'].config), [role.toString(), 'permissions', route.plugin || 'application', 'controllers', route.controller, route.action]);
|
|
|
|
|
|
2017-11-27 17:45:21 +01:00
|
|
|
if (!permission) {
|
|
|
|
|
return await next();
|
|
|
|
|
}
|
|
|
|
|
|
2017-11-27 16:47:16 +01:00
|
|
|
if (permission.enabled && permission.policy) {
|
|
|
|
|
try {
|
|
|
|
|
await require(`./${permission.policy}.js`)(ctx, next);
|
|
|
|
|
} catch (err) {
|
|
|
|
|
ctx.unauthorized(err);
|
|
|
|
|
}
|
|
|
|
|
} else if (permission.enabled) {
|
|
|
|
|
await next();
|
|
|
|
|
} else {
|
|
|
|
|
ctx.unauthorized('Access restricted for this action.');
|
|
|
|
|
}
|
|
|
|
|
};
|
