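'use strict';

const globalHooks = require('../../../hooks');
const hooks = require('feathers-hooks');
const auth = require('feathers-authentication').hooks;

var _feathersErrors = require('feathers-errors');

var _feathersErrors2 = _interopRequireDefault(_feathersErrors);

/**
 * Babel interop helper: wraps a CommonJS export so `.default` is always usable.
 */
function _interopRequireDefault(obj) {
  return obj && obj.__esModule ? obj : { default: obj };
}

/**
 * Before-create hook: decides which role a new user record may carry.
 *
 * Rules enforced:
 *  - a missing `role` defaults to 'user' and is then checked like any other;
 *  - a caller with role 'user' may not create users;
 *  - a caller with role 'manager' may only create 'user' accounts;
 *  - an external call (hook.params.provider set) with no populated caller
 *    may only create 'user' accounts, so the client-supplied `role` field
 *    cannot be used to self-assign an elevated role at sign-up;
 *  - internal calls (no provider) and other roles are allowed through.
 *
 * @returns {function(Object): Promise<Object>} hook resolving with `hook`,
 *   or rejecting with Forbidden.
 */
function validateRoleOnCreate() {
  return function (hook) {
    const Forbidden = _feathersErrors2.default.Forbidden;

    // Running the checks inside .then() turns any thrown error into a rejection.
    return Promise.resolve(hook).then(function (current) {
      const actor = current.params.user;
      const actorRole = actor && actor.role;

      // Default the role first, then fall through to the permission checks.
      // The original resolved here and kept executing, which made the
      // rejections below unreachable whenever `role` was omitted.
      if (!current.data.role) {
        current.data.role = 'user';
      }
      const requestedRole = current.data.role.toString();

      if (!actorRole) {
        // NOTE(review): the create chain in this file has no verifyToken /
        // populateUser, so params.user is presumably never set for external
        // calls. Treat such callers as unprivileged.
        if (current.params.provider && requestedRole !== 'user') {
          throw new Forbidden('You do not have permission to change this user\'s role.');
        }
        return current;
      }

      if (actorRole.toString() === 'user') {
        throw new Forbidden('You do not have permission to create new users.');
      }
      if (actorRole.toString() === 'manager' && requestedRole !== 'user') {
        throw new Forbidden('You do not have permission to change this user\'s role.');
      }
      return current;
    });
  };
}

/**
 * Before-update/patch/remove hook: checks the caller's role against the
 * stored role of the target record and against any role the request assigns.
 *
 * Rules enforced:
 *  - role 'user' may only act on records whose stored role is 'user' and may
 *    not change the role;
 *  - role 'manager' may not act on 'admin' records and may only change a role
 *    to 'user' (same limit as validateRoleOnCreate);
 *  - any other caller role passes.
 *
 * Checking the stored role alone is not enough: the new role arrives in
 * hook.data, so it has to be compared as well.
 *
 * @returns {function(Object): Promise<Object>} hook resolving with `hook`,
 *   or rejecting with Forbidden (or the error from the lookup).
 */
function validateRoleOnUpdate() {
  return function (hook) {
    const service = this;
    const Forbidden = _feathersErrors2.default.Forbidden;

    return Promise.resolve().then(function () {
      // Fails closed: a missing user or role throws and rejects the call.
      const actorRole = hook.params.user.role.toString();

      // Set provider as undefined so we avoid an infinite loop if this hook is
      // set on the resource we are requesting.
      const params = Object.assign({}, hook.params, { provider: undefined });

      return service.get(hook.id, params).then(function (record) {
        let stored = record;
        if (stored.toJSON) {
          stored = stored.toJSON();
        } else if (stored.toObject) {
          stored = stored.toObject();
        }

        const storedRole = stored.role.toString();
        // hook.data is absent on remove; only a present role counts as a change.
        const requested = hook.data && hook.data.role;
        const requestedRole = requested == null ? null : requested.toString();
        const changesRole = requestedRole !== null && requestedRole !== storedRole;

        if (actorRole === 'user' && (storedRole !== 'user' || changesRole)) {
          throw new Forbidden('You do not have permission to change your role.');
        }
        if (
          actorRole === 'manager' &&
          (storedRole === 'admin' || (changesRole && requestedRole !== 'user'))
        ) {
          throw new Forbidden('You do not have permission to change this user\'s role.');
        }
        return hook;
      });
    });
  };
}

/**
 * Before-remove hook: deletes the meals that belong to the user being removed.
 *
 * The delete is scoped through `params.query` and keyed on the id of the
 * record being removed (hook.id). The original passed `{ userid: ... }` as
 * top-level params, which is not a query filter, and read `hook.user.id`,
 * which is not the record being removed.
 * NOTE(review): assumes the meals service filters on `params.query.userid` —
 * confirm against the meals service.
 *
 * @returns {function(Object): Promise<Object>} hook resolving with `hook`.
 */
function removeUserMeals() {
  return function (hook) {
    // Without a target id there is nothing to scope the delete to; skip it
    // rather than issue an unfiltered remove.
    if (hook.id === null || hook.id === undefined) {
      return Promise.resolve(hook);
    }

    return hook.app
      .service('meals')
      .remove(null, { query: { userid: hook.id } })
      .then(function () {
        return hook;
      });
  };
}

// Managers and admins may act on any user; everyone else only on their own
// record (owner check on the `id` field).
const roleConfig = {
  fieldName: 'role',
  roles: ['manager', 'admin'],
  owner: true,
  ownerField: 'id'
};

exports.before = {
  all: [],
  find: [
    auth.verifyToken(),
    auth.populateUser(),
    auth.restrictToAuthenticated(),
  ],
  get: [
    auth.verifyToken(),
    auth.populateUser(),
    auth.restrictToAuthenticated(),
    auth.restrictToRoles(roleConfig),
  ],
  create: [
    auth.hashPassword(),
    validateRoleOnCreate(),
  ],
  update: [
    auth.verifyToken(),
    auth.populateUser(),
    auth.restrictToAuthenticated(),
    auth.restrictToRoles(roleConfig),
    validateRoleOnUpdate(),
  ],
  // patch and remove carry the same owner/role restriction as update, so an
  // ordinary user can only modify or delete their own record.
  // NOTE(review): hashPassword() runs on create only; a password sent through
  // update or patch would presumably be stored unhashed — confirm and handle
  // password changes explicitly.
  patch: [
    auth.verifyToken(),
    auth.populateUser(),
    auth.restrictToAuthenticated(),
    auth.restrictToRoles(roleConfig),
    validateRoleOnUpdate(),
  ],
  remove: [
    auth.verifyToken(),
    auth.populateUser(),
    auth.restrictToAuthenticated(),
    auth.restrictToRoles(roleConfig),
    validateRoleOnUpdate(),
    removeUserMeals(),
  ]
};

exports.after = {
  // Never return the password field to any caller.
  all: [hooks.remove('password')],
  find: [],
  get: [],
  create: [],
  update: [],
  patch: [],
  remove: [],
};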