barmar/tethys.backend
1
0
Fork 0
forked from geolba/tethys.backend
Code Pull requests Activity

- additional functionality for DatasetController.ts

Browse source 
- additional validation rules like 'uniqueArray'
- additional Lucid models like BaseModel.ts for filling attributes, Title.ts, Description.ts
- npm updates for @adonisjs/core
This commit is contained in:
Kaimbacher 2023-06-22 17:20:04 +02:00
parent c4f4eff0d9
commit e0ff71b117
44 changed files with 2002 additions and 1556 deletions
Download patch file Download diff file Expand all files Collapse all files

100
app/Middleware/Is.ts
View file

@ -1,11 +1,11 @@
import { HttpContextContract } from '@ioc:Adonis/Core/HttpContext'
import Config from '@ioc:Adonis/Core/Config'
import Database from '@ioc:Adonis/Lucid/Database'
import User from 'App/Models/User'
import { HttpContextContract } from '@ioc:Adonis/Core/HttpContext';
import Config from '@ioc:Adonis/Core/Config';
import Database from '@ioc:Adonis/Lucid/Database';
import User from 'App/Models/User';
// import { Exception } from '@adonisjs/core/build/standalone'
const roleTable = Config.get('rolePermission.role_table', 'roles')
const userRoleTable = Config.get('rolePermission.user_role_table', 'user_roles')
const roleTable = Config.get('rolePermission.role_table', 'roles');
const userRoleTable = Config.get('rolePermission.user_role_table', 'user_roles');
/**
* Role authentication to check if user has any of the specified roles
@ -13,54 +13,50 @@ const userRoleTable = Config.get('rolePermission.user_role_table', 'user_roles')
* Should be called after auth middleware
*/
export default class Is {
/**
* Handle request
*/
public async handle(
{ auth, response }: HttpContextContract,
next: () => Promise<void>,
roleNames: string[]
) {
/**
* Check if user is logged-in or not.
* Handle request
*/
let user = await auth.user
if (!user) {
return response.unauthorized({ error: 'Must be logged in' })
public async handle({ auth, response }: HttpContextContract, next: () => Promise<void>, roleNames: string[]) {
/**
* Check if user is logged-in or not.
*/
let user = await auth.user;
if (!user) {
return response.unauthorized({ error: 'Must be logged in' });
}
let hasRole = await this.checkHasRoles(user, roleNames);
if (!hasRole) {
return response.unauthorized({
error: `Doesn't have required role(s): ${roleNames.join(',')}`,
});
// return new Exception(`Doesn't have required role(s): ${roleNames.join(',')}`,
// 401,
// "E_INVALID_AUTH_UID");
}
await next();
}
let hasRole = await this.checkHasRoles(user, roleNames)
if (!hasRole) {
return response.unauthorized({
error: `Doesn't have required role(s): ${roleNames.join(',')}`,
})
// return new Exception(`Doesn't have required role(s): ${roleNames.join(',')}`,
// 401,
// "E_INVALID_AUTH_UID");
private async checkHasRoles(user: User, roleNames: Array<string>): Promise<boolean> {
let rolePlaceHolder = '(';
let placeholders = new Array(roleNames.length).fill('?');
rolePlaceHolder += placeholders.join(',');
rolePlaceHolder += ')';
let {
0: {
0: { roleCount },
},
} = await Database.rawQuery(
'SELECT count(`ur`.`id`) as roleCount FROM ' +
userRoleTable +
' ur INNER JOIN ' +
roleTable +
' r ON ur.role_id=r.id WHERE `ur`.`user_id`=? AND `r`.`name` in ' +
rolePlaceHolder +
' LIMIT 1',
[user.id, ...roleNames],
);
return roleCount > 0;
}
await next()
}
private async checkHasRoles(user: User, roleNames: Array<string>): Promise<boolean> {
let rolePlaceHolder = '('
let placeholders = new Array(roleNames.length).fill('?')
rolePlaceHolder += placeholders.join(',')
rolePlaceHolder += ')'
let {
0: {
0: { roleCount },
},
} = await Database.rawQuery(
'SELECT count(`ur`.`id`) as roleCount FROM ' +
userRoleTable +
' ur INNER JOIN ' +
roleTable +
' r ON ur.role_id=r.id WHERE `ur`.`user_id`=? AND `r`.`name` in ' +
rolePlaceHolder +
' LIMIT 1',
[user.id, ...roleNames]
)
return roleCount > 0
}
}