Share access() function between front and back end.

This is so that any changes to the code are reflected on both sides.

lib/www/client/source/src/lib/organisations/access.js

@@ -0,0 +1 @@
+../../../../../server/lib/organisations/access.js

lib/www/server/lib/db/project/organisations.js

@@ -1,5 +1,6 @@
 const { setSurvey, pool } = require('../connection');
 const { ALERT, ERROR, WARNING, NOTICE, INFO, DEBUG } = require('DOUGAL_ROOT/debug')(__filename);
+const { access } = require('../../organisations');
 
 // Cache the per-project organisations access here
 let projectsCache;
@@ -40,44 +41,6 @@ async function projectOrganisations (pid) {
 	return projectsCache[pid] ?? {}; // Every project should have an `organisations` property, but…
 }
 
-/** Check whether the user has access to the required operation
- * @a userOrgs is the user's organisations
- * @a projectOrgs is the project's organisations
- * @a operation is the desired operation (read, write, etc.)
- *
- * @return `true` is user has access to `operation` through
- * a common organisation, `false` otherwise.
- */
-function access (userOrgs, projectOrgs, operation) {
-	console.log("userOrgs", userOrgs);
-	console.log("projectOrgs", projectOrgs);
-	console.log("operation", operation);
-
-	for (const userOrg in userOrgs) {
-		if (userOrg in projectOrgs) {
-			// Found an organisation in common between user and project
-			// (there might be many)
-			if (projectOrgs[userOrg][operation] == true && userOrgs[userOrg][operation] == true) {
-				// For this one, the project grants the required operation
-				// access to the organisation, and the organisation grants the
-				// required operation access to the user, so authorisation is
-				// given.
-				console.log("Access granted via organisation", userOrg, projectOrgs[userOrg][operation], userOrgs[userOrg][operation]);
-				return true;
-			}
-		}
-	}
-	if ("*" in userOrgs) {
-		// Aha! A wildcard user
-		// Return true if at least one organisation grants access
-		// to this operation
-		console.log("Checking via wildcard");
-		return (Object.values(projectOrgs).some( org => org[operation] ))
-	}
-	return false;
-
-}
-
 /** Check whether a user has access to the project given by `pid`
  */
 async function orgAccess (userOrgs, pid, operation) {

lib/www/server/lib/organisations/access.js

@@ -0,0 +1,47 @@
+
+/** Check whether the user has access to the required operation
+ * @a userOrgs is the user's organisations
+ * @a projectOrgs is the project's organisations
+ * @a operation is the desired operation (read, write, etc.)
+ *
+ * @return `true` is user has access to `operation` through
+ * a common organisation, `false` otherwise.
+ */
+function access (userOrgs, projectOrgs, operation) {
+	// console.log("userOrgs", userOrgs);
+	// console.log("projectOrgs", projectOrgs);
+	// console.log("operation", operation);
+
+	for (const userOrg in userOrgs) {
+		if (userOrg in projectOrgs) {
+			// Found an organisation in common between user and project
+			// (there might be many)
+			if (projectOrgs[userOrg][operation] == true && userOrgs[userOrg][operation] == true) {
+				// For this one, the project grants the required operation
+				// access to the organisation, and the organisation grants the
+				// required operation access to the user, so authorisation is
+				// given.
+				// console.log("Access granted via organisation", userOrg, projectOrgs[userOrg][operation], userOrgs[userOrg][operation]);
+				return true;
+			}
+		}
+	}
+	if ("*" in userOrgs) {
+		// Aha! A wildcard user
+		// Return true if at least one organisation grants access
+		// to this operation
+		// console.log("Checking via wildcard");
+		return (Object.values(projectOrgs).some( org => org[operation] ))
+	}
+	return false;
+
+}
+
+if (typeof module !== 'undefined' && module.exports) {
+    module.exports = access; // CJS export
+}
+
+// ESM export
+if (typeof exports !== 'undefined' && !exports.default) {
+    exports.default = access; // ESM export
+}