just_owner Access Strategy

sealcode / sealious

An extensible, declarative node framework

25 stars 2 forks source link

just_owner Access Strategy #198

Closed kuba-orlik closed 9 years ago

arkadiusz-wieczorek commented 9 years ago

Probably we are thinking about something like this: huh?

var access_strategy = new Sealious.ChipTypes.AccessStrategy({
    name: "just_owner",
    checker_function: function(context, item){
        console.log(context.get("user_id"), item.created_context.user_id);
        return new Promise(function (resolve, reject) {
            if(context.get("user_id") === item.created_context.user_id){ //belong_to_user
                ("id ok!");
            } else {
                reject("bad id!");
            };
        });
    },
    item_sensitive: true
});

kuba-orlik commented 9 years ago

I would suggest certain corrections:

var access_strategy = new Sealious.ChipTypes.AccessStrategy({
    name: "just_owner",
    item_sensitive: true,
    checker_function: function(context, item){
        if(context.get("user_id") === item.created_context.user_id){ //belong_to_user
            return Promise.resolve();
        } else {
            return Promise.reject("Only the owner of this resource can perform this operation on this item.");
        };
    }
});

I think in that form it's ready to be added to base chips :)

arkadiusz-wieczorek commented 9 years ago

Ok, I can add to base chips in new branch.

kuba-orlik commented 9 years ago

Ok, waiting for a pull request :)