authormayjs <johannes.may@udo.edu>2017-05-15 19:43:15 +0200
committermayjs <johannes.may@udo.edu>2017-05-15 19:43:15 +0200
commitef6f2e8d62a2322b9172edf0f7d07e2fe66b85c9 (patch)
tree24cb78e7a22f991fccb248016c907bf86adca624 /server/authentication.js
parent1bdc28bf9cffa311ba0955760c3a2013f23dce83 (diff)
Added a simple authorization function
Diffstat (limited to 'server/authentication.js')
-rw-r--r--server/authentication.js12
1 files changed, 12 insertions, 0 deletions
diff --git a/server/authentication.js b/server/authentication.js
index 6fee8649..a67b64aa 100644
--- a/server/authentication.js
+++ b/server/authentication.js
@@ -27,5 +27,17 @@ Meteor.startup(() => {
}
};
+ // An admin should be authorized to access everything, so we use a separate check for admins
+ // This throws an error if otherReq is false and the user is not an admin
+ Authentication.checkAdminOrCondition = function(userId, otherReq) {
+ if(otherReq) return;
+ const admin = Users.findOne({ _id: userId, isAdmin: true });
+ if (admin === undefined) {
+ const error = new Meteor.Error('Forbidden', 'Forbidden');
+ error.statusCode = 403;
+ throw error;
+ }
+ }
+
});
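Review bot: The admin test `if (admin === undefined)` in `checkAdminOrCondition` fails open, because any lookup result other than exactly `undefined` (for example `null`) is accepted as an admin; an authorization check should deny by default. `userId` also goes into the selector unchecked, and if the database layer drops or loosely matches an undefined `_id` (not visible from this hunk), an unauthenticated request could match some admin document. Both are covered by `if (!userId || !Users.findOne({ _id: userId, isAdmin: true })) {` around the existing throw. `otherReq` is tested by truthiness, so the comment above the function should state that callers must pass a real boolean, e.g. `// otherReq must be a boolean; any truthy value skips the admin check`.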