//Call for testing if a particular user has a particular permission over a // particular object. Returns true or false. // //Requiremenst for checking data in DB const checkmemb= require('../helpfunctions/checkmemb'); const condTest = (req, res, db) => { //Parsing req body const { reqowner, reqobjname, reqtype} =req.body; //Checking for owner with particular permission over a particular object db.transaction (trx => { trx.select('objname') .from('permissions') //First checking for directly associated permissions .where('owner', 'ilike', reqowner) //Checking only for users .andWhere('ownertype', 'ilike', 'user') .andWhere('objname', 'ilike', reqobjname) .andWhere('type', 'ilike', reqtype) .then (found => { if (found.length !==0) { return res.json(true); } //Checking for permissions inherited from groups return trx('permissions') .returning('owner') //Checking only for groups .where('ownertype', 'ilike', 'group') //Checking for existance of group with particular permission over a particular object .andWhere('objname', 'ilike', reqobjname) .andWhere('type', 'ilike', reqtype) .then (found => { //? console.log('found', found); //Found is an array of objects (rows from permissions table) where group has needed permisions //Check for every group if user is a member found.forEach( (row, index) => { //? console.log('row.owner', row.owner); // Check if our user is in found group and have inherited permission return trx('groups') .returning('*') .where('username', 'ilike', reqowner) .andWhere('groupname', 'ilike', 'admins') .then ( data => { console.log('data', data); if (data.length!==0) { return res.json(true); } }) .then(trx.commit) .catch(trx.rollback) }); return res.json(false); }) }) .then(trx.commit) .catch(trx.rollback) .catch (err => res.status(400).json('Error accesing database.')) }) } module.exports = { condTest }