26 lines
731 B
TypeScript
26 lines
731 B
TypeScript
import HttpCodes from "@Common/system/controller-pattern/HttpCodes";
|
|
import { NextFunction, Request, Response } from "express";
|
|
|
|
export default async function ruleHandler(req: Request, response: Response, next: NextFunction) {
|
|
try {
|
|
const rules = req.body.user.rules;
|
|
const service = req.path && req.path.split("/")[4];
|
|
|
|
if (!rules) {
|
|
response.status(HttpCodes.UNAUTHORIZED).send("Unauthorized without rules");
|
|
return;
|
|
}
|
|
|
|
if (!rules.includes(req.method + " " + service)) {
|
|
response.status(HttpCodes.UNAUTHORIZED).send("Unauthorized with those rules");
|
|
return;
|
|
}
|
|
|
|
next();
|
|
} catch (error) {
|
|
console.error(error);
|
|
response.status(HttpCodes.INTERNAL_ERROR).send("Internal server error");
|
|
return;
|
|
}
|
|
}
|