tellform/app/controllers/users/users.authorization.server.controller.js

'use strict';

/**
 * Module dependencies.
 */
var _ = require('lodash'),
	mongoose = require('mongoose'),
	User = mongoose.model('User');

/**
 * User middleware
 */
exports.userByID = function (req, res, next, id) {
  if (!mongoose.Types.ObjectId.isValid(id)) {
    return res.status(400).send({
      message: 'User is invalid'
    });
  }

  User.findOne({
    _id: id
  }).exec(function (err, user) {
    if (err) {
      return next(err);
    } else if (!user) {
		return res.status(404).send({
			message: 'User does not exist'
		});
    }

    req.profile = user;
    next();
  });
};

/**
 * Require login routing middleware
 */
exports.requiresLogin = function(req, res, next) {
	if (!req.isAuthenticated()) {
		return res.status(401).send({
			message: 'User is not logged in'
		});
	} else {
		return next();
	}
};

/**
 * User authorizations routing middleware
 */
exports.hasAuthorization = function(roles) {
	var _this = this;

	return function(req, res, next) {
		_this.requiresLogin(req, res, function() {
			if (_.intersection(req.user.roles, roles).length) {
				return next();
			} else {
				return res.status(403).send({
					message: 'User is not authorized'
				});
			}
		});
	};
};
first commit 2015-06-29 22:51:29 +00:00			`'use strict';`

			`/**`
			`* Module dependencies.`
			`*/`
			`var _ = require('lodash'),`
			`mongoose = require('mongoose'),`
			`User = mongoose.model('User');`

			`/**`
			`* User middleware`
			`*/`
fixed user permissions problem 2015-10-30 18:40:02 +00:00			`exports.userByID = function (req, res, next, id) {`
			`if (!mongoose.Types.ObjectId.isValid(id)) {`
			`return res.status(400).send({`
			`message: 'User is invalid'`
			`});`
			`}`

			`User.findOne({`
			`_id: id`
			`}).exec(function (err, user) {`
			`if (err) {`
			`return next(err);`
			`} else if (!user) {`
added all routes to swagger 2016-08-26 22:09:16 +00:00			`return res.status(404).send({`
			`message: 'User does not exist'`
			`});`
fixed user permissions problem 2015-10-30 18:40:02 +00:00			`}`

			`req.profile = user;`
			`next();`
			`});`
first commit 2015-06-29 22:51:29 +00:00			`};`

			`/**`
			`* Require login routing middleware`
			`*/`
			`exports.requiresLogin = function(req, res, next) {`
			`if (!req.isAuthenticated()) {`
			`return res.status(401).send({`
			`message: 'User is not logged in'`
			`});`
got all tests to run 2016-03-30 03:45:16 +00:00			`} else {`
added stuff 2015-11-06 01:22:16 +00:00			`return next();`
first commit 2015-06-29 22:51:29 +00:00			`}`
			`};`

			`/**`
			`* User authorizations routing middleware`
			`*/`
			`exports.hasAuthorization = function(roles) {`
			`var _this = this;`

			`return function(req, res, next) {`
			`_this.requiresLogin(req, res, function() {`
			`if (_.intersection(req.user.roles, roles).length) {`
			`return next();`
			`} else {`
			`return res.status(403).send({`
			`message: 'User is not authorized'`
			`});`
			`}`
			`});`
			`};`
			`};`