'use strict';
/**
 * Authorizer: role-based permission check for the `users` module.
 *
 * Injecting `Authorizer` yields a factory; calling it with a user object
 * returns `{ canAccess(permissions) }`.
 *
 * This runs in the browser, so it can only steer what the UI shows or which
 * routes it opens. The server-side API has to enforce the same rules.
 */
angular.module('users').service('Authorizer', function(APP_PERMISSIONS, USER_ROLES) {
  // The parameter names above are kept as-is: with this un-annotated form,
  // AngularJS resolves the injected constants from the argument names.
  return function(user) {
    // True when `user.roles` contains `role`. Only called after `user.roles`
    // has been checked for truthiness.
    function holdsRole(role) {
      return user.roles.indexOf(role) > -1;
    }

    return {
      /**
       * Decide whether `user` may exercise the requested permission(s).
       *
       * @param {*|Array} permissions - one permission value or an array of them.
       * @returns {boolean} the role check of the first entry that matches a
       *   known permission; false for an empty list, for a user without
       *   roles, or when no entry matches.
       * @throws {string} 'Bad permission value' when APP_PERMISSIONS maps the
       *   entry to an explicit null.
       */
      canAccess: function(permissions) {
        var requested = angular.isArray(permissions) ? permissions : [permissions];
        var idx = 0;
        var current;

        while (idx < requested.length) {
          current = requested[idx];
          idx += 1;

          // NOTE(review): a key that is absent from APP_PERMISSIONS yields
          // `undefined`, which `=== null` does not match, so an unrecognised
          // permission is not rejected here. It falls through the checks
          // below and the loop moves on. Confirm what was intended, and check
          // how callers handle the exception before making this stricter.
          if (APP_PERMISSIONS[current] === null) {
            throw 'Bad permission value';
          }

          // No user, or a user without roles: deny.
          if (!user || !user.roles) {
            return false;
          }

          // NOTE(review): the first entry that matches a known permission
          // decides the result for the whole list; later entries are never
          // examined. The array is therefore neither "all of" nor "any of".
          // Confirm the intended semantics with the callers.
          if (current === APP_PERMISSIONS.viewAdminSettings ||
              current === APP_PERMISSIONS.editAdminSettings) {
            return holdsRole(USER_ROLES.admin);
          }

          if (current === APP_PERMISSIONS.viewPrivateForm ||
              current === APP_PERMISSIONS.editForm) {
            return holdsRole(USER_ROLES.admin) || holdsRole(USER_ROLES.normal);
          }
        }

        // Default deny: empty list, or nothing matched a known permission.
        return false;
      }
    };
  };
});