Fix issue where extendedusertype was applied to any further profiles (#2

) * Fix issue where extendedusertype was applied to any further profiles creating issues as of re-formatting from json while it was already parsed * Increment version for next release
CoderDojo · Dec 14, 2016 · 2930ec1 · 2930ec1
1 parent 4e4e61d
commit 2930ec1
Show file tree

Hide file tree

Showing 2 changed files with 20 additions and 18 deletions.
diff --git a/lib/check_permissions.js b/lib/check_permissions.js
@@ -26,6 +26,7 @@ function checkPermissions (args, cb) {
   var origin = args.role;
   var rules = seneca.permConfig[origin];
   var httpErr = {};
+  var extendedUserTypes = [];
 
   function getProfilesByActName (waterfallCb) {
     var profiles = {};
@@ -34,7 +35,7 @@ function checkPermissions (args, cb) {
   }
 
   //  TODO : error msg with multiple profiles
-  function checkProfiles(profiles, waterfallCb) {
+  function checkProfiles (profiles, waterfallCb) {
     if(_.isEmpty(profiles)){
       //  Not define = public call
       seneca.log.debug('No rule defined for this call');
@@ -53,17 +54,17 @@ function checkPermissions (args, cb) {
    * The validity is global to every check, while the error is passed as callback of every check
    * @param  {Object} profile    Instance of an act profile containing minimal status to use this act
    */
-  function checkValidity(profile, validityCb) {
+  function checkValidity (profile, validityCb) {
     var actions = [];
     var allowed = true; // This is a local validity to each rule/profile
 
-    if(profile.role) actions.push(isRoleAllowed);
-    if(profile.extendedUserTypes) actions.push(getAssociatedUserTypes);
-    if(profile.userType) actions.push(isUserTypeAllowed);
-    if(profile.customValidator) actions.push(applyCustomValidator);
+    if (profile.role) actions.push(isRoleAllowed);
+    if (profile.extendedUserTypes) actions.push(getAssociatedUserTypes);
+    if (profile.userType) actions.push(isUserTypeAllowed);
+    if (profile.customValidator) actions.push(applyCustomValidator);
 
     user = args.user ? args.user : {roles: ['none']} ;
-    async.waterfall(actions, function(err, validities){
+    async.waterfall(actions, function (err, validities) {
       // We can't return err as httpErr because if one of the profiles fails, it stops the other possible profiles tests
       return validityCb(null, allowed);
     });
@@ -97,21 +98,22 @@ function checkPermissions (args, cb) {
         status: 403
       };
       var profileDepth = getTreeDepth(permissions.userTypeHierarchy, profile.userType);
+      var userTypes = profile.extendedUserTypes ? extendedUserTypes : user.initUserType;
 
-      if(!_.isObject(user.initUserType)){
-        var initType = JSON.parse(user.initUserType);
-        if( initType.name ){
-          user.initUserType = [initType.name];
+      if (!_.isObject(userTypes)) {
+        var initType = JSON.parse(userTypes);
+        if (initType.name){
+          userTypes = [initType.name];
         }
-      }else if(!_.isArray(user.initUserType)){
-        user.initUserType = _.keys(user.initUserType);
+      } else if (!_.isArray(userTypes)) {
+        userTypes = _.keys(userTypes);
       }
-      var userRoleDepth = getHighestTreeMatch(permissions.userTypeHierarchy, _.toArray(user.initUserType));
+      var userRoleDepth = getHighestTreeMatch(permissions.userTypeHierarchy, _.toArray(userTypes));
 
       if (profileDepth >= userRoleDepth.value) {
         allowed = allowed && true;
         httpErr = null;
-      }else {
+      } else {
         allowed = false;
       }
 
@@ -128,7 +130,7 @@ function checkPermissions (args, cb) {
               userTypes.push(userType);
             });
           });
-          user.initUserType = _.uniq(userTypes);
+          extendedUserTypes = _.uniq(userTypes);
           return done(err);
       });
     }
@@ -184,7 +186,7 @@ function checkPermissions (args, cb) {
       }
       //  Flatten our object (lodash doesn't support flattening of object, only arrays)
       var tempTree = {};
-      _.each(_.keys(localTree), function(key) {
+      _.each(_.keys(localTree), function (key) {
          _.merge(tempTree, localTree[key]);
       });
       localTree = tempTree ;

diff --git a/package.json b/package.json
@@ -1,6 +1,6 @@
 {
   "name": "cp-permissions-plugin",
-  "version": "1.0.0",
+  "version": "1.0.1",
   "description": "Handle permissions of users with a configuration-oriented behavior",
   "main": "index.js",
   "repository": {