Adding support for restricting category read access based on user groups

2025-11-03 20:45:58 +01:00 · 2013-12-17 20:34:21 +00:00
parent 9cb20c3886
commit 35ad3be969
6 changed files with 186 additions and 10 deletions
--- a/src/categoryTools.js
+++ b/src/categoryTools.js
@@ -65,4 +65,56 @@ CategoryTools.privileges = function(cid, uid, callback) {
 	});
 };

-module.exports = CategoryTools;
+CategoryTools.groupPrivileges = function(cid, gid, callback) {
+	async.parallel({
+		"+gr": function(next) {
+			var	key = 'cid:' + cid + ':privileges:+gr';
+			Groups.exists(key, function(err, exists) {
+				if (exists) {
+					async.parallel({
+						isMember: function(next) {
+							Groups.isMemberByGroupName(gid, key, next);
+						},
+						isEmpty: function(next) {
+							Groups.isEmptyByGroupName(key, next);
+						}
+					}, next);
+				} else {
+					next(null, {
+						isMember: false,
+						isEmpty: true
+					});
+				}
+			});
+		},
+		"+gw": function(next) {
+			var	key = 'cid:' + cid + ':privileges:+gw';
+			Groups.exists(key, function(err, exists) {
+				if (exists) {
+					async.parallel({
+						isMember: function(next) {
+							Groups.isMemberByGroupName(gid, key, next);
+						},
+						isEmpty: function(next) {
+							Groups.isEmptyByGroupName(key, next);
+						}
+					}, next);
+				} else {
+					next(null, {
+						isMember: false,
+						isEmpty: true
+					});
+				}
+			});
+		}
+	}, function(err, privileges) {
+		callback(err, !privileges ? null : {
+			"+gr": privileges['+gr'].isMember,
+			"+gw": privileges['+gw'].isMember,
+			read: (privileges['+gr'].isMember || privileges['+gr'].isEmpty),
+			write: (privileges['+gw'].isMember || privileges['+gw'].isEmpty),
+		});
+	});
+};
+
+module.exports = CategoryTools;