np-dms/lcbp3.np-dms.work
2
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
2e6230e7220dd6be65373790162366f527688474
lcbp3.np-dms.work/backend/src/middleware/requirePerm.js
admin 2e6230e722 first commit
2025-09-21 20:29:15 +07:00

26 lines
881 B
JavaScript
Raw Blame History

// src/middleware/requirePerm.js
import { canPerform } from '../utils/rbac.js';
/**
* requirePerm('correspondence.create', { scope: 'org', getOrgId: req => ... })
* scope: 'global' | 'org' | 'project'
*/
export function requirePerm(permCode, { scope = 'global', getOrgId = null, getProjectId = null } = {}) {
return async (req, res, next) => {
try {
const orgId = getOrgId ? await getOrgId(req) : null;
const projectId = getProjectId ? await getProjectId(req) : null;
if (canPerform(req.principal, permCode, { scope, orgId, projectId })) return next();
return res.status(403).json({
error: 'FORBIDDEN',
message: `Require ${permCode} (${scope}-scoped)`,
});
} catch (e) {
console.error('requirePerm error', e);
res.status(500).json({ error: 'Permission check error' });
}
};
}
Reference in New Issue View Git Blame Copy Permalink