Merge branch 'dev' into Feat-sublevel-crud

2021-12-29 14:41:11 +05:30
parent 66ac295bdc c7a4d04e69
commit 4a577de9c5
22 changed files with 1222 additions and 97 deletions
--- a/src/controller/utils/authorize.js
+++ b/src/controller/utils/authorize.js
@@ -1,11 +1,44 @@
+const jwt = require("jsonwebtoken");
+const User = require("../../models/User");
 const UserRole = require("../../models/UserRole");
-const { AuthorizeUser } = require("../../config/auth");
-const { SUPER_ADMIN_ROLE, AUTHORIZATION_FAILURE_ERROR_MESSAGE } = require("../../config/constants");
+const {
+  SUPER_ADMIN_ROLE,
+  AUTHORIZATION_FAILURE_ERROR_MESSAGE,
+} = require("../../config/constants");
+const { JWT_SECRET } = require("../../config/env");
+const constants = require("../../config/constants");
+
+const authenticate = async (token) => {
+  const decodedToken = jwt.verify(token, JWT_SECRET);
+  if (decodedToken) {
+    return await User.findById(decodedToken.id)
+      .populate({ path: "roles", populate: "permissions" })
+      .populate("permissions");
+  }
+};
+
+const authorize = async (
+  user,
+  requiredRoles = [],
+  requiredPermissions = []
+) => {
+  const userRoles = user.roles.map((_) => _._id);
+  const userPermissions = [
+    ...user.permissions.map((_) => _._id),
+    ...userRoles.map((_) => _.permissions).flat(),
+  ];
+
+  return (
+    user != undefined &&
+    requiredRoles.every((_) => userRoles.includes(_)) &&
+    requiredPermissions.every((_) => userPermissions.includes(_))
+  );
+};

 module.exports = {
  SuperAdminCheck: async (req, res, next) => {
    const SuperAdmin = await UserRole.findOne({ name: SUPER_ADMIN_ROLE });
-    if (AuthorizeUser(req.locals.user, [SuperAdmin.id])) {
+    if (authorize(req.locals.user, [SuperAdmin.id])) {
      next();
    } else {
      res
@@ -13,4 +46,23 @@ module.exports = {
        .send({ success: false, error: AUTHORIZATION_FAILURE_ERROR_MESSAGE });
    }
  },
+  AuthenticateMiddleware: async (req, res, next) => {
+    try {
+      const token = req.headers.authorization || "";
+      if (token) {
+        const user = authenticate(token);
+        res.locals.user = user;
+        next();
+      } else {
+        throw new Error("Not Authenticated user!");
+      }
+    } catch (error) {
+      res.status(401).send({
+        success: false,
+        error: constants.AUTHENTICATION_FAILURE_ERROR_MESSAGE,
+      });
+    }
+  },
+
+  AuthorizeUser: authorize,
 };
--- a/src/controller/utils/sublevel.js
+++ b/src/controller/utils/sublevel.js
@@ -1,4 +1,4 @@
-const SubLevel = require("../../models/Sublevel");
+const Sublevel = require("../../models/Sublevel");
 const Level = require("../../models/Level");

 // exports.moveSublevel = async (sub_level_id, under_sub_or_level_id, isMainLevel) => {
@@ -10,7 +10,7 @@ exports.deleteSubLevelTreeFromRoot = async (root_sub_level_id) => {
  let temp_sub_level_ids = [root_sub_level_id];

  while (temp_sub_level_ids.length > 0) {
-    const level_sub_level_data = await SubLevel.find({
+    const level_sub_level_data = await Sublevel.find({
      _id: temp_sub_level_ids,
    });

@@ -24,7 +24,7 @@ exports.deleteSubLevelTreeFromRoot = async (root_sub_level_id) => {
    });
  }

-  await SubLevel.deleteMany({ _id: sub_level_ids });
+  await Sublevel.deleteMany({ _id: sub_level_ids });
  console.log("Deleting sub-level tree", { sub_level_ids });
  return sub_level_ids;
 };