All files / server/api/utils policy.js

100% Statements 7/7
100% Branches 8/8
100% Functions 2/2
100% Lines 7/7
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31          1x 1x                 1x 21x 21x                   1x 3x    
/**
 * Utilities to simplify the writing of authorization policies.
 *
 * @module server/api/utils/policy
 */
const errors = require('./errors');
const { ensureRequest } = require('../../utils/express');
 
/**
 * Indicates whether an active user who has the requested role has successfully authenticated.
 *
 * @param {Request} req - An Express request object.
 * @param {string} role - The requested role.
 * @returns {boolean} True if the current user has the specified role, false otherwise.
 */
exports.hasRole = function(req, role) {
  ensureRequest(req);
  return req.currentUser && req.currentUser.isActive() && req.currentUser.hasRole(role);
};
 
/**
 * Indicates whether two database records are the same record (i.e. they have the same ID).
 *
 * @param {Record} r1 - The first database record.
 * @param {Record} r2 - The second database record.
 * @returns {boolean} True if both objects are database records with the same ID, false otherwise.
 */
exports.sameRecord = function(r1, r2) {
  return r1 && r2 && r1.constructor === r2.constructor && r1.get('id') && r1.get('id') === r2.get('id');
};