* 身份验证 * @param {*} id type对应的id * @param {*} type enum[interface, project, group] * @param {*} action enum[ danger, edit, view ] danger只有owner或管理员才能操作,edit只要是dev或以上就能执行
(id, type, action)
| 295 | * @param {*} action enum[ danger, edit, view ] danger只有owner或管理员才能操作,edit只要是dev或以上就能执行 |
| 296 | */ |
| 297 | async checkAuth(id, type, action) { |
| 298 | let role = await this.getProjectRole(id, type); |
| 299 | |
| 300 | if (action === 'danger') { |
| 301 | if (role === 'admin' || role === 'owner') { |
| 302 | return true; |
| 303 | } |
| 304 | } else if (action === 'edit') { |
| 305 | if (role === 'admin' || role === 'owner' || role === 'dev') { |
| 306 | return true; |
| 307 | } |
| 308 | } else if (action === 'view') { |
| 309 | if (role === 'admin' || role === 'owner' || role === 'dev' || role === 'guest') { |
| 310 | return true; |
| 311 | } |
| 312 | } |
| 313 | return false; |
| 314 | } |
| 315 | } |
| 316 | |
| 317 | module.exports = baseController; |
no test coverage detected