-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathguard.js
22 lines (18 loc) · 764 Bytes
/
guard.js
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
const handleOverage = require('./overage');
const { hasRequiredGroups, hasOverageOccurred } = require('./permissionUtils');
const routeGuard = (accessMatrix, cache) => {
return async (req, res, next) => {
if (req.authInfo.groups === undefined) {
if (hasOverageOccurred(req.authInfo)) {
return handleOverage(req, res, next, cache);
}
return res.status(403).json({ error: 'No group claim found!' });
} else {
if (!hasRequiredGroups(accessMatrix, req.path, req.method, req.authInfo['groups'])) {
return res.status(403).json({ error: 'User does not have the group, method or path' });
}
}
next();
};
};
module.exports = routeGuard;