@@ -12,18 +12,18 @@ module.exports = class AccessUtils {
12
12
this . options = _defaults ( { } , options , {
13
13
userModel : 'User' ,
14
14
roleModel : 'Role' ,
15
- accessGroupModel : 'AccessGroup' ,
16
15
groupModel : 'Group' ,
17
- accessGroups : [
16
+ groupAccessModel : 'GroupAccess' ,
17
+ groupRoles : [
18
18
'$group:admin' ,
19
19
'$group:member'
20
20
]
21
21
} ) ;
22
22
// Default the foreignKey to the group model name + Id.
23
23
this . options . foreignKey = this . options . foreignKey || `${ this . options . groupModel . toLowerCase ( ) } Id` ;
24
24
25
- // Validate the format of options.accessGroups ($group:[role]).
26
- this . options . accessGroups . forEach ( name => {
25
+ // Validate the format of options.groupRoles ($group:[role]).
26
+ this . options . groupRoles . forEach ( name => {
27
27
if ( ! this . isValidPrincipalId ( name ) ) {
28
28
throw new Error ( '$name is an invalid access group name.' ) ;
29
29
}
@@ -38,7 +38,7 @@ module.exports = class AccessUtils {
38
38
* Register a dynamic role resolver for each defined access group.
39
39
*/
40
40
setupRoleResolvers ( ) {
41
- this . options . accessGroups . forEach ( accessGroup => {
41
+ this . options . groupRoles . forEach ( accessGroup => {
42
42
this . setupRoleResolver ( accessGroup ) ;
43
43
} ) ;
44
44
}
@@ -137,7 +137,7 @@ module.exports = class AccessUtils {
137
137
const modelClass = this . app . models [ modelName ] ;
138
138
139
139
// TODO: Should we allow the access group model to be treated as a group content model too?
140
- if ( modelName === this . options . accessGroupModel ) {
140
+ if ( modelName === this . options . groupAccessModel ) {
141
141
return ;
142
142
}
143
143
@@ -177,7 +177,7 @@ module.exports = class AccessUtils {
177
177
}
178
178
179
179
// Otherwise lookup from the datastore.
180
- this . app . models [ this . options . accessGroupModel ] . find ( {
180
+ this . app . models [ this . options . groupAccessModel ] . find ( {
181
181
where : {
182
182
userId
183
183
}
@@ -263,7 +263,7 @@ module.exports = class AccessUtils {
263
263
Role . registerResolver ( accessGroup , ( role , context , cb ) => {
264
264
const currentUserId = context . accessToken . userId ;
265
265
const roleName = this . extractRoleName ( role ) ;
266
- const AccessGroup = this . app . models [ this . options . accessGroupModel ] ;
266
+ const GroupAccess = this . app . models [ this . options . groupAccessModel ] ;
267
267
const scope = { } ;
268
268
269
269
// Do not allow anonymous users.
@@ -289,12 +289,12 @@ module.exports = class AccessUtils {
289
289
const conditions = { userId : currentUserId , role : roleName } ;
290
290
291
291
conditions [ this . options . foreignKey ] = currentGroupId ;
292
- actions . push ( AccessGroup . count ( conditions ) ) ;
292
+ actions . push ( GroupAccess . count ( conditions ) ) ;
293
293
294
294
// If this is an attempt to save the item into a new group, check the user has access to the target group.
295
295
if ( targetGroupId && targetGroupId !== currentGroupId ) {
296
296
conditions [ this . options . foreignKey ] = targetGroupId ;
297
- actions . push ( AccessGroup . count ( conditions ) ) ;
297
+ actions . push ( GroupAccess . count ( conditions ) ) ;
298
298
}
299
299
300
300
return actions ;
0 commit comments