#31 - Support non admin roles

callmekatootie · callmekatootie · commit db7a85669a18 · 2020-08-06T19:42:26.000+05:30
diff --git a/src/common/es-helper.js b/src/common/es-helper.js
@@ -1042,7 +1042,11 @@ async function searchElasticSearch (resource, ...args) {
   }
 
   // for non-admin, only return entities that the user created
-  if (authUser.roles && !checkIfExists(authUser.roles, [appConst.UserRoles.admin, appConst.UserRoles.administrator])) {
+  if (
+    authUser.roles &&
+    !checkIfExists(authUser.roles, appConst.AdminUser) &&
+    !checkIfExists(authUser.roles, [appConst.UserRoles.ubahn])
+  ) {
     setFilterValueToEsQuery(esQuery, 'createdBy', getAuthUser(authUser), 'createdBy')
   }
 
@@ -1197,7 +1201,11 @@ async function searchUsers (authUser, filter, params) {
   }
 
   // for non-admin, only return entities that the user created
-  if (authUser.roles && !checkIfExists(authUser.roles, [appConst.UserRoles.admin, appConst.UserRoles.administrator])) {
+  if (
+    authUser.roles &&
+    !checkIfExists(authUser.roles, appConst.AdminUser) &&
+    !checkIfExists(authUser.roles, [appConst.UserRoles.ubahn])
+  ) {
     setFilterValueToEsQuery(esQuery, 'createdBy', getAuthUser(authUser), 'createdBy')
   }
 
diff --git a/src/common/service-helper.js b/src/common/service-helper.js
@@ -267,7 +267,11 @@ function getServiceMethods (Model, createSchema, patchSchema, searchSchema, buil
 
     // user token
     // for non-admin users, this endpoint will only return entities that the user has created.
-    if (auth.roles && !checkIfExists(auth.roles, [appConst.UserRoles.admin, appConst.UserRoles.administrator])) {
+    if (
+      auth.roles &&
+      !checkIfExists(auth.roles, appConst.AdminUser) &&
+      !checkIfExists(auth.roles, [appConst.UserRoles.ubahn])
+    ) {
       dbQueries.push(`${Model.tableName}.createdBy = '${getAuthUser(auth)}'`)
     }
     const items = await models.DBHelper.find(Model, dbQueries)

Original file line number	Diff line number	Diff line change
`@@ -1042,7 +1042,11 @@ async function searchElasticSearch (resource, ...args) {`
`1042`	`1042`	`}`
`1043`	`1043`
`1044`	`1044`	`// for non-admin, only return entities that the user created`
`1045`		`- if (authUser.roles && !checkIfExists(authUser.roles, [appConst.UserRoles.admin, appConst.UserRoles.administrator])) {`
	`1045`	`+ if (`
	`1046`	`+ authUser.roles &&`
	`1047`	`+ !checkIfExists(authUser.roles, appConst.AdminUser) &&`
	`1048`	`+ !checkIfExists(authUser.roles, [appConst.UserRoles.ubahn])`
	`1049`	`+ ) {`
`1046`	`1050`	`setFilterValueToEsQuery(esQuery, 'createdBy', getAuthUser(authUser), 'createdBy')`
`1047`	`1051`	`}`
`1048`	`1052`
`@@ -1197,7 +1201,11 @@ async function searchUsers (authUser, filter, params) {`
`1197`	`1201`	`}`
`1198`	`1202`
`1199`	`1203`	`// for non-admin, only return entities that the user created`
`1200`		`- if (authUser.roles && !checkIfExists(authUser.roles, [appConst.UserRoles.admin, appConst.UserRoles.administrator])) {`
	`1204`	`+ if (`
	`1205`	`+ authUser.roles &&`
	`1206`	`+ !checkIfExists(authUser.roles, appConst.AdminUser) &&`
	`1207`	`+ !checkIfExists(authUser.roles, [appConst.UserRoles.ubahn])`
	`1208`	`+ ) {`
`1201`	`1209`	`setFilterValueToEsQuery(esQuery, 'createdBy', getAuthUser(authUser), 'createdBy')`
`1202`	`1210`	`}`
`1203`	`1211`