Home Explore Help
Sign In
kris
/
Musare
mirror of https://github.com/Musare/Musare.git
1
0
Fork 0
Files Issues 0 Wiki
Tree: 11e7dd41c5
Branches Tags
Musare
/
backend
/
logic
/
actions
/
hooks
/
ownerRequired.js

ownerRequired.js 2.0 KB
History Raw

1234567891011121314151617181920212223242526272829303132333435363738394041424344454647484950515253545556575859606162636465666768697071 
  1. import async from "async";
    2. 

  2. 

  3. // eslint-disable-next-line
    4. 

  4. import moduleManager from "../../../index";
    5. 

  5. 

  6. const DBModule = moduleManager.modules.db;
    7. 

  7. const CacheModule = moduleManager.modules.cache;
    8. 

  8. const UtilsModule = moduleManager.modules.utils;
    9. 

  9. const StationsModule = moduleManager.modules.stations;
    10. 

  10. 

  11. export default destination =>
    12. 

  12. 	async function ownerRequired(session, stationId, ...args) {
    13. 

  13. 		const userModel = await DBModule.runJob("GET_MODEL", { modelName: "user" }, this);
    14. 

  14. 

  15. 		const cb = args[args.length - 1];
    16. 

  16. 

  17. 		async.waterfall(
    18. 

  18. 			[
    19. 

  19. 				next => {
    20. 

  20. 					CacheModule.runJob(
    21. 

  21. 						"HGET",
    22. 

  22. 						{
    23. 

  23. 							table: "sessions",
    24. 

  24. 							key: session.sessionId
    25. 

  25. 						},
    26. 

  26. 						this
    27. 

  27. 					)
    28. 

  28. 						.then(session => next(null, session))
    29. 

  29. 						.catch(next);
    30. 

  30. 				},
    31. 

  31. 				(session, next) => {
    32. 

  32. 					if (!session || !session.userId) return next("Login required.");
    33. 

  33. 					return userModel.findOne({ _id: session.userId }, next);
    34. 

  34. 				},
    35. 

  35. 				(user, next) => {
    36. 

  36. 					if (!user) return next("Login required.");
    37. 

  37. 					if (user.role === "admin") return next(true);
    38. 

  38. 

  39. 					if (!stationId) return next("Please provide a stationId.");
    40. 

  40. 

  41. 					return StationsModule.runJob("GET_STATION", { stationId }, this)
    42. 

  42. 						.then(station => next(null, station))
    43. 

  43. 						.catch(next);
    44. 

  44. 				},
    45. 

  45. 				(station, next) => {
    46. 

  46. 					if (!station) return next("Station not found.");
    47. 

  47. 					if (station.type === "community" && station.owner === session.userId) return next(true);
    48. 

  48. 					return next("Invalid permissions.");
    49. 

  49. 				}
    50. 

  50. 			],
    51. 

  51. 			async err => {
    52. 

  52. 				if (err !== true) {
    53. 

  53. 					err = await UtilsModule.runJob("GET_ERROR", { error: err }, this);
    54. 

  54. 					this.log(
    55. 

  55. 						"INFO",
    56. 

  56. 						"OWNER_REQUIRED",
    57. 

  57. 						`User failed to pass owner required check for station "${stationId}". "${err}"`
    58. 

  58. 					);
    59. 

  59. 					return cb({ status: "error", message: err });
    60. 

  60. 				}
    61. 

  61. 				this.log(
    62. 

  62. 					"INFO",
    63. 

  63. 					"OWNER_REQUIRED",
    64. 

  64. 					`User "${session.userId}" passed owner required check for station "${stationId}"`,
    65. 

  65. 					false
    66. 

  66. 				);
    67. 

  67. 

  68. 				return destination.apply(this, [session, stationId].concat(args));
    69. 

  69. 			}
    70. 

  70. 		);
    71. 

  71. 	};
    72.