- remove references to staff access GitOrigin-RevId: 5d7df3ae8bc78aa02b65ec0dac0a323520c3df15
38 lines
1.1 KiB
JavaScript
38 lines
1.1 KiB
JavaScript
import AdminAuthorizationHelper from '../Helpers/AdminAuthorizationHelper.mjs'
|
|
import SessionManager from '../Authentication/SessionManager.mjs'
|
|
|
|
const UserMembershipAuthorization = {
|
|
hasAdminCapability: AdminAuthorizationHelper.hasAdminCapability,
|
|
|
|
hasAdminAccess(req) {
|
|
return AdminAuthorizationHelper.hasAdminAccess(
|
|
SessionManager.getSessionUser(req.session)
|
|
)
|
|
},
|
|
|
|
hasModifyGroupMemberCapability(req, res) {
|
|
return AdminAuthorizationHelper.hasAdminCapability(
|
|
req.entity.managedUsersEnabled
|
|
? 'modify-managed-group-member'
|
|
: 'modify-group-member',
|
|
true
|
|
)(req, res)
|
|
},
|
|
|
|
hasEntityAccess() {
|
|
return req => {
|
|
if (!req.entity) {
|
|
return false
|
|
}
|
|
const fieldAccess = req.entity[req.entityConfig.fields.access]
|
|
const fieldAccessArray = Array.isArray(fieldAccess)
|
|
? fieldAccess
|
|
: [fieldAccess.toString()]
|
|
return fieldAccessArray.some(
|
|
accessUserId => accessUserId.toString() === req.user._id.toString()
|
|
)
|
|
}
|
|
},
|
|
}
|
|
export default UserMembershipAuthorization
|