Last active
August 29, 2015 14:05
-
-
Save tarlepp/9b6c73d3dfb33ec423f3 to your computer and use it in GitHub Desktop.
Revisions
-
tarlepp renamed this gist
Aug 22, 2014 . 1 changed file with 0 additions and 0 deletions.There are no files selected for viewing
File renamed without changes. -
Aug 22, 2014 . 1 changed file with 69 additions and 0 deletions.There are no files selected for viewing
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters. Learn more about bidirectional Unicode charactersOriginal file line number Diff line number Diff line change @@ -0,0 +1,69 @@ 'use strict'; var actionUtil = require('sails/lib/hooks/blueprints/actionUtil'); var _ = require('lodash'); /** * Policy to limit GET /project results to just contain those projects that current * user has access to. * * @param {Request} request Request object * @param {Response} response Response object * @param {Function} next Callback function * * @returns {*} */ module.exports = function(request, response, next) { sails.log.verbose(' POLICY - ' + __filename); // Parse where criteria var where = actionUtil.parseCriteria(request); sails.models['projectuser'] .find() .where({user: request.token}) .populate('project') .then( function(projectUsers) { // Determine valid project ids var validIds = _.map(projectUsers, function(projectUser) { return parseInt(projectUser.project.id, 10); }); // We have id condition set so we need to check if that / those are allowed if (where.id) { // Normalize current ids var currentIds = _.map((!_.isArray(where.id)) ? [where.id] : where.id, function(id) { return parseInt(id, 10); }); // Remove not valid ids where.id = _.intersection(currentIds, validIds); } else { // Otherwise just add id collection to where query where.id = validIds; } // There is no "valid" ids so we need to send 404 back to client if (_.isEmpty(where.id)) { var error = { status: 404 }; return response.negotiate(error); } // Remove existing query delete request.query; // Set new query to request, that blueprints will use after this request.query = { where: where }; return next(); } ) .catch(function(error) { return response.negotiate(error); }); }; -
Aug 22, 2014 . 1 changed file with 46 additions and 0 deletions.There are no files selected for viewing
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters. Learn more about bidirectional Unicode charactersOriginal file line number Diff line number Diff line change @@ -0,0 +1,46 @@ 'use strict'; var actionUtil = require('sails/lib/hooks/blueprints/actionUtil'); var _ = require('lodash'); /** * todo * * @param {Request} request Request object * @param {Response} response Response object * @param {Function} next Callback function * * @returns {*} */ module.exports = function(request, response, next) { sails.log.verbose(' POLICY - ' + __filename); // Parse where criteria var where = actionUtil.parseCriteria(request); sails.models['projectuser'] .find() .where({user: request.token}) .populate('project') .then( function(projectUsers) { var validIds = _.map(projectUsers, function(projectUser) { return parseInt(projectUser.project.id, 10); }); // We have id condition set so we need to check if that / those are allowed if (where.id) { var currentIds = _.map((!_.isArray(where.id)) ? [where.id] : where.id, function(id) { return parseInt(id, 10); }); where.id = _.intersection(currentIds, validIds); } else { // Otherwise just add id collection to where query where.id = validIds; } request.query = where; return next(); } ); }; -
Aug 22, 2014 .There are no files selected for viewing
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters. Learn more about bidirectional Unicode charactersOriginal file line number Diff line number Diff line change @@ -0,0 +1,34 @@ 'use strict'; var actionUtil = require('sails/lib/hooks/blueprints/actionUtil'); /** * todo * * @param {Request} request Request object * @param {Response} response Response object * @param {Function} next Callback function * * @returns {*} */ module.exports = function(request, response, next) { sails.log.verbose(' POLICY - ' + __filename); // Parse where criteria var where = actionUtil.parseCriteria(request); // We have id condition set so we need to check if that / those are allowed if (where.id) { console.log('ID found'); where.id = 2; } else { // Otherwise just add id collection to where query console.log('ID not found'); where.id = 1; } request.query = where; return next(); };