39 lines
1.1 KiB
TypeScript
39 lines
1.1 KiB
TypeScript
|
|
||
|
|
import { FastifyRequest, FastifyReply } from 'fastify';
|
||
|
|
import { Message } from '../../../../browser/messages/Message';
|
||
|
|
import { RequestRequirement } from '../../requirements/RequestRequirement';
|
||
|
|
import { Permission } from '../../permissions/Permission';
|
||
|
|
|
||
|
|
export class UserCanUseApp extends RequestRequirement
|
||
|
|
{
|
||
|
|
|
||
|
|
async handle( request:FastifyRequest, reply:FastifyReply ):Promise<Message[]>
|
||
|
|
{
|
||
|
|
let requestBody = request.body;
|
||
|
|
let appData = requestBody as { token:string, appID:string };
|
||
|
|
|
||
|
|
if ( ! appData )
|
||
|
|
{
|
||
|
|
return this.sendError( "No token data" );
|
||
|
|
}
|
||
|
|
|
||
|
|
if ( this.ums._settings.userApps.indexOf( appData.appID ) == -1 )
|
||
|
|
{
|
||
|
|
return this.sendError( "Invalid app id: " + appData.appID + ". Defined apps:" + this.ums._settings.userApps.join( ", " ) );
|
||
|
|
}
|
||
|
|
|
||
|
|
let user = await this.ums.getUser( request );
|
||
|
|
|
||
|
|
let appPermissionID = "apps." + appData.appID;
|
||
|
|
|
||
|
|
let hasPermission = await this.ums.userDB.hasPermission( user, appPermissionID );
|
||
|
|
|
||
|
|
if ( ! hasPermission )
|
||
|
|
{
|
||
|
|
return this.sendError( "Permission for app not found" );
|
||
|
|
}
|
||
|
|
|
||
|
|
return this.giveOK();
|
||
|
|
}
|
||
|
|
}
|