Open ghost opened 10 years ago
Interesting idea, how about:
roles.use('edit user', ['userID'], fn)
That way you could add additional parameters to the array to match against multiple parameters.
You could already do something very similar to this as:
roles.use('edit user', function (req) {
if (req.params.userID) {
// check access to the userID here
}
});
This would work because connect-roles passes through the existing params anyway. It might be nice to have an easier way to encode that list of params though. We could then do something like:
roles.use('edit user', ['userID'], function (req, userID) {
// check access to the userID here
});
I'd be happy to accept a pull request for this.
Okay. I'll do it asap I have time to do it.
Maybe some api like this.
instead of
Express has 'param' method. http://expressjs.com/api.html#app.param