-/*jshint indent:2, curly:true, eqeqeq:true, immed:true, latedef:true,
+/*jshint node:true, indent:2, curly:true, eqeqeq:true, immed:true, latedef:true,
newcap:true, noarg:true, regexp:true, undef:true, strict:true, trailing:true,
white:true*/
-/*global SYS:true, XM:true, Backbone:true, _:true */
+/*global SYS:true, XM:true, Backbone:true, _:true, X: true */
(function () {
"use strict";
+ var async = require("async");
+
/**
@class
SYS.User = XM.SimpleModel.extend({
/** @scope SYS.User.prototype */
- recordType: 'SYS.User'
-
+ recordType: 'SYS.User',
+
+ checkPrivilege: function (privName, database, callback) {
+ var privCheck = _.find(this.get("grantedPrivileges"), function (model) {
+ return model.privilege === privName;
+ });
+ if (privCheck) {
+ callback(); // the user has this privilege!
+ return;
+ }
+ // this gets a little dicey: check all the user's roles for the priv, which
+ // requires async.map
+ var roles = _.map(this.get("grantedUserAccountRoles"), function (grantedRole) {
+ return grantedRole.userAccountRole;
+ });
+ var checkRole = function (roleName, next) {
+ var role = new SYS.UserAccountRole();
+ role.fetch({
+ id: roleName,
+ username: X.options.databaseServer.user,
+ database: database,
+ success: function (roleModel, results) {
+ var rolePriv = _.find(roleModel.get("grantedPrivileges"), function (grantedPriv) {
+ return grantedPriv.privilege === privName;
+ });
+ next(null, rolePriv);
+ }
+ });
+ };
+ async.map(roles, checkRole, function (err, results) {
+ // if any of the roles give the priv, then the user has the priv
+ var result = _.reduce(results, function (memo, priv) {
+ return priv || memo;
+ }, false);
+ console.log(result);
+ if (err || !result) {
+ callback({message: "_insufficientPrivileges"});
+ return;
+ }
+ callback(); // success!
+ });
+ }
});
/**
id: username,
username: X.options.databaseServer.user,
database: database,
- success: function (model, results) {
- // TODO: also check role-granted privileges
- var privCheck = _.find(model.get("grantedPrivileges"), function (model) {
- return model.privilege === "InstallExtension";
- });
- if (privCheck) {
- callback(); // the user has this privilege!
- return;
- }
- // this gets a little dicey: check all the user's roles for the priv, which
- // requires async.map
- var roles = _.map(model.get("grantedUserAccountRoles"), function (grantedRole) {
- return grantedRole.userAccountRole;
- });
- var checkRole = function (roleName, next) {
- var role = new SYS.UserAccountRole();
- role.fetch({
- id: roleName,
- username: X.options.databaseServer.user,
- database: database,
- success: function (roleModel, results) {
- var rolePriv = _.find(roleModel.get("grantedPrivileges"), function (grantedPriv) {
- return grantedPriv.privilege === "InstallExtension";
- });
- next(null, rolePriv);
- }
- });
- };
- async.map(roles, checkRole, function (err, results) {
- // if any of the roles give the priv, then the user has the priv
- var result = _.reduce(results, function (memo, priv) {
- return priv || memo;
- }, false);
- if (err || !result) {
- callback({message: "_insufficientPrivileges"});
- return;
- }
- callback(); // success!
- });
+ success: function (userModel, results) {
+ userModel.checkPrivilege("InstallExtension", database, callback);
},
error: function () {
- callback({message: "_restoreError"});
+ callback({message: "_privilegeCheckError"});
}
});
},