
Untitled

a guest
Dec 20th, 2014
  1. var mustBe = require("mustbe");
  2.  
  3. mustBe.configure(function(config){
  4.  
  5. // core configuration
  6. // ------------------
  7.  
  // Resolve the current user for a request; mustbe feeds the result to
  // isAuthenticated and to the activity checks further down.
  // NOTE(review): assumes req.user was populated by earlier middleware —
  // confirm the middleware order in the app.
  config.getUser(function(req, cb){
    var currentUser = req.user;
    cb(null, currentUser);
  });
  11.  
  // A request is authenticated exactly when getUser produced a truthy value.
  config.isAuthenticated(function(user, cb){
    var loggedIn = Boolean(user);
    cb(null, loggedIn);
  });
  15.  
  // Anonymous request: send the client to the login page. The target is a
  // fixed literal, so nothing request-controlled reaches the redirect.
  config.notAuthenticated(function(req, res){
    var loginUrl = "/login?msg=you are not logged in";
    res.redirect(loginUrl);
  });
  20.  
  // Authenticated but not permitted for the activity: same login page with
  // a different fixed message (no request data in the redirect target).
  config.notAuthorized(function(req, res){
    var deniedUrl = "/login?msg=you are not authorized";
    res.redirect(deniedUrl);
  });
  25.  
  26. // activity configuration
  27. // -----------------------
  28.  
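  config.activities(function(activities){
    // Rules are evaluated in this order:
    // 1) check if explicitly denied
    // 2) if not explicitly denied, then check explicit allowance
    // 3) if not explicitly allowed, then check the per-activity authorization

    // Explicitly deny anonymous users. The previous check computed `!!user`,
    // which is true when a user *is* present: it denied every logged-in user
    // and let anonymous requests fall through to the allow stage (where
    // `user.roles` would then throw). Anonymous means there is no user object.
    activities.deny(function(user, activity){
      var isAnonymous = !user;
      return isAnonymous;
    });

    // Explicitly allow admin users. A native array lookup replaces the
    // undeclared `_` helper; a user without a roles array is simply
    // not an admin rather than a thrown error.
    activities.allow(function(user, activity){
      var roles = user && user.roles;
      var isAdmin = Array.isArray(roles) && roles.indexOf("admin") !== -1;
      return isAdmin;
    });

    // Activities that need a per-request authorization check. The check
    // functions are declared later in this callback and are hoisted.
    activities.can("view thing", authorizeViewThing);
    activities.can("edit thing", authorizeEditThing);
  });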
  50.  
  // Authorization check for "edit thing". `params` is the object built by the
  // matching routes.map getParams below, so it carries the requested `id`.
  // The user may edit only when user.someThing(id) yields a thing; the result
  // is reported as cb(err, allowed), with any lookup error passed through.
  function authorizeEditThing(user, params, cb){
    var thingId = params.id;

    user.someThing(thingId, function(lookupErr, thing){
      var canEdit = Boolean(thing);
      cb(lookupErr, canEdit);
    });
  }
  62.  
  // Authorization check for "view thing". `params` comes from the matching
  // routes.map getParams below and carries the requested `id`. Viewing is
  // allowed only when user.anotherThing(id) yields a thing; the result is
  // reported as cb(err, allowed), with any lookup error passed through.
  function authorizeViewThing(user, params, cb){
    var thingId = params.id;

    user.anotherThing(thingId, function(lookupErr, thing){
      var canView = Boolean(thing);
      cb(lookupErr, canView);
    });
  }
  74.  
  75. // route -> activity map
  76. // ---------------------
  77.  
  config.routes(function(routes){

    // Build the params object that is handed to an activity's authorization
    // function from the incoming request. Both activities need the same
    // single `id`, so they share this helper.
    // NOTE(review): this reads req["id"] directly — confirm that the web
    // framework in use exposes the route parameter there rather than on a
    // nested params object.
    function thingParams(req){
      var params = {
        id: req["id"]
      };
      return params;
    }

    // the activity to authorize, and how to derive its params
    routes.map({
      activity: "view thing",
      getParams: thingParams
    });

    routes.map({
      activity: "edit thing",
      getParams: thingParams
    });
  });
  103.  
  104. });