mirror of
https://github.com/yu-i-i/overleaf-cep.git
synced 2026-05-26 18:51:50 +02:00
c881829e04
[web] admin privilege does not imply staffAccess GitOrigin-RevId: 89760c7a9a8f0b0c82ebee40ca3236e9894ab9fa
27 lines
579 B
JavaScript
27 lines
579 B
JavaScript
const UserMembershipAuthorization = {
|
|
hasStaffAccess(requiredStaffAccess) {
|
|
return req => {
|
|
if (!req.user) {
|
|
return false
|
|
}
|
|
return (
|
|
requiredStaffAccess &&
|
|
req.user.staffAccess &&
|
|
req.user.staffAccess[requiredStaffAccess]
|
|
)
|
|
}
|
|
},
|
|
|
|
hasEntityAccess() {
|
|
return req => {
|
|
if (!req.entity) {
|
|
return false
|
|
}
|
|
return req.entity[req.entityConfig.fields.access].some(accessUserId =>
|
|
accessUserId.equals(req.user._id)
|
|
)
|
|
}
|
|
},
|
|
}
|
|
module.exports = UserMembershipAuthorization
|