const { projectOrganisations, orgAccess } = require('../../../lib/db/project/organisations');
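/**
 * Second-order function.
 * Returns a `(req, res, next)` middleware that checks if the user has access
 * to `operation` in the project identified by `req.params.project`.
 *
 * Decision table of the returned middleware:
 * - no `req.user`: denied, `next` receives `{status: 403, message: "Access denied"}`;
 * - `req.user` set and no `req.params.project`: allowed without any
 *   organisation check;
 * - `req.user` set and a project given: allowed only when
 *   `orgAccess(req.user.organisations, req.params.project, operation)`
 *   resolves to a truthy value, otherwise denied with the same 403 object;
 * - `orgAccess` rejects: the request is not allowed and the failure is
 *   forwarded to `next`.
 *
 * NOTE(review): the check is keyed on the route parameter being named
 * `project`. A route that names it differently falls into the "no project"
 * branch and lets every authenticated user through. Confirm each route
 * mounted behind this guard uses `:project`.
 *
 * @param {string} operation - operation name handed to `orgAccess`
 *   (this file uses 'read', 'write' and 'edit').
 * @returns {function(object, object, function): Promise<void>} the middleware.
 */
function operation (operation) {
  return async function (req, res, next) {
    // Unauthenticated requests are rejected before any lookup is made.
    if (!req.user) {
      next({status: 403, message: "Access denied"});
      return;
    }

    // No project in the route: there is nothing to check organisations against.
    if (!req.params.project) {
      next();
      return;
    }

    let allowed;
    try {
      allowed = await orgAccess(req.user.organisations, req.params.project, operation);
    } catch (err) {
      // Fail closed. Without this, a failing lookup leaves the promise rejected
      // and `next` is never called by this middleware. The fallback Error
      // matters: a falsy value passed to `next` would read as "no error" and
      // let the request continue.
      next(err || new Error('Access check failed'));
      return;
    }

    if (allowed) {
      next();
      return;
    }

    next({status: 403, message: "Access denied"});
  };
}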
// Ready-made guards, one per operation name passed to `operation`.
const read = operation('read');
const write = operation('write');
const edit = operation('edit');

// `admin` is the very same middleware as `edit`: a route guarded by `admin`
// is checked against the 'edit' operation, not a separate one.
// NOTE(review): confirm that administrative routes are meant to need no more
// than edit access.
const admin = edit;

module.exports = { read, write, edit, admin };