Windshaft-cartodb/lib/cartodb/middleware/context/authorize.js

module.exports = function authorizeMiddleware (authApi) {
    return function (req, res, next) {
        req.profiler.done('req2params.setup');

        authApi.authorize(req, res, (err, authorized) => {
            req.profiler.done('authorize');
            if (err) {
                return next(err);
            }

            if(!authorized) {
                err = new Error("Sorry, you are unauthorized (permission denied)");
                err.http_status = 403;
                return next(err);
            }

            return next();
        });
    };
};
Split prepare context middleware and fix unit test 2017-09-25 19:40:22 +08:00			`module.exports = function authorizeMiddleware (authApi) {`
			`return function (req, res, next) {`
			`req.profiler.done('req2params.setup');`

using res.locals instead of params in AuthApi 2017-10-05 17:28:41 +08:00			`authApi.authorize(req, res, (err, authorized) => {`
Split prepare context middleware and fix unit test 2017-09-25 19:40:22 +08:00			`req.profiler.done('authorize');`
			`if (err) {`
			`return next(err);`
			`}`

			`if(!authorized) {`
			`err = new Error("Sorry, you are unauthorized (permission denied)");`
			`err.http_status = 403;`
			`return next(err);`
			`}`

			`return next();`
			`});`
			`};`
			`};`