Home Explore Help
Sign In
kris
/
Musare
mirror of https://github.com/Musare/Musare.git
1
0
Fork 0
Files Issues 0 Wiki
Tree: e8647dbbbf
Branches Tags
Musare
/
backend
/
logic
/
actions
/
hooks
/
ownerRequired.js

ownerRequired.js 2.0 KB
History Raw

12345678910111213141516171819202122232425262728293031323334353637383940414243444546474849505152535455565758596061626364656667686970 
  1. import async from "async";
    2. 

  2. 

  3. import moduleManager from "../../../index";
    4. 

  4. 

  5. const DBModule = moduleManager.modules.db;
    6. 

  6. const CacheModule = moduleManager.modules.cache;
    7. 

  7. const UtilsModule = moduleManager.modules.utils;
    8. 

  8. const StationsModule = moduleManager.modules.stations;
    9. 

  9. 

  10. export default destination =>
    11. 

  11. 	async function ownerRequired(session, stationId, ...args) {
    12. 

  12. 		const userModel = await DBModule.runJob("GET_MODEL", { modelName: "user" }, this);
    13. 

  13. 

  14. 		const cb = args[args.length - 1];
    15. 

  15. 

  16. 		async.waterfall(
    17. 

  17. 			[
    18. 

  18. 				next => {
    19. 

  19. 					CacheModule.runJob(
    20. 

  20. 						"HGET",
    21. 

  21. 						{
    22. 

  22. 							table: "sessions",
    23. 

  23. 							key: session.sessionId
    24. 

  24. 						},
    25. 

  25. 						this
    26. 

  26. 					)
    27. 

  27. 						.then(session => next(null, session))
    28. 

  28. 						.catch(next);
    29. 

  29. 				},
    30. 

  30. 				(session, next) => {
    31. 

  31. 					if (!session || !session.userId) return next("Login required.");
    32. 

  32. 					return userModel.findOne({ _id: session.userId }, next);
    33. 

  33. 				},
    34. 

  34. 				(user, next) => {
    35. 

  35. 					if (!user) return next("Login required.");
    36. 

  36. 					if (user.role === "admin") return next(true);
    37. 

  37. 

  38. 					if (!stationId) return next("Please provide a stationId.");
    39. 

  39. 

  40. 					return StationsModule.runJob("GET_STATION", { stationId }, this)
    41. 

  41. 						.then(station => next(null, station))
    42. 

  42. 						.catch(next);
    43. 

  43. 				},
    44. 

  44. 				(station, next) => {
    45. 

  45. 					if (!station) return next("Station not found.");
    46. 

  46. 					if (station.type === "community" && station.owner === session.userId) return next(true);
    47. 

  47. 					return next("Invalid permissions.");
    48. 

  48. 				}
    49. 

  49. 			],
    50. 

  50. 			async err => {
    51. 

  51. 				if (err !== true) {
    52. 

  52. 					err = await UtilsModule.runJob("GET_ERROR", { error: err }, this);
    53. 

  53. 					this.log(
    54. 

  54. 						"INFO",
    55. 

  55. 						"OWNER_REQUIRED",
    56. 

  56. 						`User failed to pass owner required check for station "${stationId}". "${err}"`
    57. 

  57. 					);
    58. 

  58. 					return cb({ status: "error", message: err });
    59. 

  59. 				}
    60. 

  60. 				this.log(
    61. 

  61. 					"INFO",
    62. 

  62. 					"OWNER_REQUIRED",
    63. 

  63. 					`User "${session.userId}" passed owner required check for station "${stationId}"`,
    64. 

  64. 					false
    65. 

  65. 				);
    66. 

  66. 

  67. 				return destination.apply(this, [session, stationId].concat(args));
    68. 

  68. 			}
    69. 

  69. 		);
    70. 

  70. 	};
    71.