Andreas/wekan
1
0
Fork 0
mirror of https://github.com/wekan/wekan.git synced 2025-12-16 23:40:13 +01:00
Code Issues Projects Releases Packages Wiki Activity Actions 5

Added a simple authorization function

Browse source
This commit is contained in:
mayjs 2017-05-15 19:43:15 +02:00
parent 1bdc28bf9c
commit ef6f2e8d62
1 changed files with 12 additions and 0 deletions
Download patch file Download diff file Expand all files Collapse all files

12
server/authentication.js
View file

@ -27,5 +27,17 @@ Meteor.startup(() => {
}
};
// An admin should be authorized to access everything, so we use a separate check for admins
// This throws an error if otherReq is false and the user is not an admin
Authentication.checkAdminOrCondition = function(userId, otherReq) {
if(otherReq) return;
const admin = Users.findOne({ _id: userId, isAdmin: true });
if (admin === undefined) {
const error = new Meteor.Error('Forbidden', 'Forbidden');
error.statusCode = 403;
throw error;
}
}
});