yujunjun/strapi
1
0
Fork 0
mirror of https://github.com/strapi/strapi.git synced 2025-07-27 10:56:36 +00:00
Code Issues Packages Projects Releases Wiki Activity
strapi/packages/core/admin/server/policies/hasPermissions.js
Alexandre Bodin cf49ddbbfc Prettier and backend fix
2022-08-11 10:20:49 +02:00

39 lines
1015 B
JavaScript
Raw Blame History

'use strict';
const _ = require('lodash');
const { createPolicy } = require('@strapi/utils').policy;
const { validateHasPermissionsInput } = require('../validation/policies/hasPermissions');
const inputModifiers = [
{
check: _.isString,
transform: (action) => ({ action }),
},
{
check: _.isArray,
transform: (arr) => ({ action: arr[0], subject: arr[1] }),
},
{
// Has to be after the isArray check since _.isObject also matches arrays
check: _.isObject,
transform: (perm) => perm,
},
];
module.exports = createPolicy({
name: 'admin::hasPermissions',
validator: validateHasPermissionsInput,
handler(ctx, config) {
const { actions } = config;
const { userAbility: ability } = ctx.state;
const permissions = actions.map((action) =>
inputModifiers.find((modifier) => modifier.check(action)).transform(action)
);
const isAuthorized = permissions.every(({ action, subject }) => ability.can(action, subject));
return isAuthorized;
},
});
Reference in New Issue View Git Blame Copy Permalink