From ef6f2e8d62a2322b9172edf0f7d07e2fe66b85c9 Mon Sep 17 00:00:00 2001
From: mayjs
Date: Mon, 15 May 2017 19:43:15 +0200
Subject: Added a simple authorization function
---
 server/authentication.js | 12 ++++++++++++
 1 file changed, 12 insertions(+)
diff --git a/server/authentication.js b/server/authentication.js
index 6fee8649..a67b64aa 100644
--- a/server/authentication.js
+++ b/server/authentication.js
@@ -27,5 +27,17 @@ Meteor.startup(() => {
 }
 };
+ // An admin should be authorized to access everything, so we use a separate check for admins
+ // This throws an error if otherReq is false and the user is not an admin
+ Authentication.checkAdminOrCondition = function(userId, otherReq) {
+ if(otherReq) return;
+ const admin = Users.findOne({ _id: userId, isAdmin: true });
+ if (admin === undefined) {
+ const error = new Meteor.Error('Forbidden', 'Forbidden');
+ error.statusCode = 403;
+ throw error;
+ }
+ }
+
 });
-- 
cgit v1.2.3-1-g7c22
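Review bot: `checkAdminOrCondition` returns early on any truthy `otherReq`, so a caller that passes a non-boolean (a pending Promise, a looked-up document, a non-empty string) is authorized without the admin lookup ever running; comparing strictly with `if (otherReq === true) return;` makes the check fail closed. `userId` is also placed into the `Users.findOne` selector unvalidated, and if any caller can derive it from request data a non-string value would be read as a query operator rather than an id, so a guard such as `if (typeof userId !== 'string') { /* throw the same 403 */ }` belongs before the lookup. Testing `if (!admin)` instead of `admin === undefined` would also keep the denial path intact should the lookup ever yield `null`. The enclosing `Meteor.startup` callback begins outside the hunk, so how callers obtain either argument is not visible here and the second point is an inference.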