bigbluebutton-Github/bigbluebutton-html5/imports/api/acl/Acl.js

import { check } from 'meteor/check';
import { Match } from 'meteor/check';
import  deepMerge  from '/imports/utils/deepMerge'

export class Acl {

  constructor(config, Users) {
    this.Users = Users;
    this.config = config;
  }

  can(permission, credentials) {
    check(permission, String);
    const permissions = this.getPermissions(credentials);

    if (permissions) {
      return this.fetchPermission(permission, permissions);
    }
    return false;
  }

  fetchPermission(permission, permissions) {
    if (!permission) return false;

    if (Match.test(permissions, String)) {
      return permissions.indexOf(permission) > -1;
    } else if (Match.test(permissions, Array)) {
      return permissions.some((internalAcl)=>(this.fetchPermission(permission, internalAcl)));
    } else if (Match.test(permissions, Object)) {
      if (permission.indexOf(".") > -1) {
        return this.fetchPermission(permission.substring(permission.indexOf(".") + 1), permissions[permission.substring(0, permission.indexOf("."))]);
      }
      return permissions[permission];
    }
  }

  getPermissions(credentials) {
    if (!credentials) {
      return false;
    }
    let meetingId = credentials.meetingId;
    let userId = credentials.requesterUserId;
    let authToken = credentials.requesterToken;

    const user = this.Users.findOne({
      meetingId,
      userId,
    });

    if (!user) {
      return false;
    }
    const roles = user.user.roles;
    let permissions = {};

    roles.forEach((role)=>{
      permissions = deepMerge(permissions,this.config[role]);
    });
    
    return permissions;
  }
}
Code refactored 2017-06-01 01:54:43 +08:00			`import { check } from 'meteor/check';`
Change ACL to be more extensible 2017-06-03 04:37:22 +08:00			`import { Match } from 'meteor/check';`
Change Acl lookup 2017-06-05 22:16:19 +08:00			`import deepMerge from '/imports/utils/deepMerge'`
Code refactored 2017-06-01 01:54:43 +08:00
			`export class Acl {`

Fix a few review comments 2017-06-02 04:40:55 +08:00			`constructor(config, Users) {`
Code refactored 2017-06-01 01:54:43 +08:00			`this.Users = Users;`
Fix a few review comments 2017-06-02 04:40:55 +08:00			`this.config = config;`
Code refactored 2017-06-01 01:54:43 +08:00			`}`

Change ACL to be more extensible 2017-06-03 04:37:22 +08:00			`can(permission, credentials) {`
			`check(permission, String);`
Change Acl lookup 2017-06-05 22:16:19 +08:00			`const permissions = this.getPermissions(credentials);`
Code refactored 2017-06-01 01:54:43 +08:00
Change Acl lookup 2017-06-05 22:16:19 +08:00			`if (permissions) {`
			`return this.fetchPermission(permission, permissions);`
Code refactored 2017-06-01 01:54:43 +08:00			`}`
			`return false;`
			`}`

Change Acl lookup 2017-06-05 22:16:19 +08:00			`fetchPermission(permission, permissions) {`
Change ACL to be more extensible 2017-06-03 04:37:22 +08:00			`if (!permission) return false;`
Code refactored 2017-06-01 01:54:43 +08:00
Change Acl lookup 2017-06-05 22:16:19 +08:00			`if (Match.test(permissions, String)) {`
			`return permissions.indexOf(permission) > -1;`
			`} else if (Match.test(permissions, Array)) {`
			`return permissions.some((internalAcl)=>(this.fetchPermission(permission, internalAcl)));`
			`} else if (Match.test(permissions, Object)) {`
Change ACL to be more extensible 2017-06-03 04:37:22 +08:00			`if (permission.indexOf(".") > -1) {`
Change Acl lookup 2017-06-05 22:16:19 +08:00			`return this.fetchPermission(permission.substring(permission.indexOf(".") + 1), permissions[permission.substring(0, permission.indexOf("."))]);`
Change ACL to be more extensible 2017-06-03 04:37:22 +08:00			`}`
Change Acl lookup 2017-06-05 22:16:19 +08:00			`return permissions[permission];`
Code refactored 2017-06-01 01:54:43 +08:00			`}`
			`}`

Change Acl lookup 2017-06-05 22:16:19 +08:00			`getPermissions(credentials) {`
Change ACL to be more extensible 2017-06-03 04:37:22 +08:00			`if (!credentials) {`
Code refactored 2017-06-01 01:54:43 +08:00			`return false;`
			`}`
Acl refactor working 2017-06-02 01:32:04 +08:00			`let meetingId = credentials.meetingId;`
			`let userId = credentials.requesterUserId;`
			`let authToken = credentials.requesterToken;`
Code refactored 2017-06-01 01:54:43 +08:00
			`const user = this.Users.findOne({`
			`meetingId,`
			`userId,`
			`});`

Change ACL to be more extensible 2017-06-03 04:37:22 +08:00			`if (!user) {`
Code refactored 2017-06-01 01:54:43 +08:00			`return false;`
			`}`
Change Acl lookup 2017-06-05 22:16:19 +08:00			`const roles = user.user.roles;`
			`let permissions = {};`

			`roles.forEach((role)=>{`
			`permissions = deepMerge(permissions,this.config[role]);`
			`});`

			`return permissions;`
Code refactored 2017-06-01 01:54:43 +08:00			`}`
			`}`