yujunjun/strapi
1
0
Fork 0
mirror of https://github.com/strapi/strapi.git synced 2025-07-23 09:00:19 +00:00
Code Issues Packages Projects Releases Wiki Activity
strapi/packages/core/content-manager/server/policies/hasPermissions.js
Dieter Stinglhamber 3c1dcbe76d refactor policy API
2021-09-24 09:35:25 +02:00

34 lines
838 B
JavaScript
Raw Blame History

'use strict';
const {
policy: { createPolicyFactory },
} = require('@strapi/utils');
const { validateHasPermissionsInput } = require('../validation/policies/hasPermissions');
module.exports = createPolicyFactory(
({ actions = [], hasAtLeastOne = false } = {}) => ({ ctx, strapi }) => {
const {
state: { userAbility, isAuthenticatedAdmin },
params: { model },
} = ctx;
if (!isAuthenticatedAdmin || !userAbility) {
return true;
}
const isAuthorized = hasAtLeastOne
? actions.some(action => userAbility.can(action, model))
: actions.every(action => userAbility.can(action, model));
if (!isAuthorized) {
throw strapi.errors.forbidden();
}
return true;
},
{
validator: validateHasPermissionsInput,
name: 'plugin::content-manager.hasPermissions',
}
);
Reference in New Issue View Git Blame Copy Permalink