(req)
| 52 | }; |
| 53 | |
| 54 | const checkAccess = (req) => { |
| 55 | let gProject; |
| 56 | return projectController.findById(req.params.project_id) |
| 57 | .then((project) => { |
| 58 | gProject = project; |
| 59 | |
| 60 | if (req.params.connection_id) { |
| 61 | return connectionController.findById(req.params.connection_id); |
| 62 | } |
| 63 | |
| 64 | return teamController.getTeamRole(project.team_id, req.user.id); |
| 65 | }) |
| 66 | .then((data) => { |
| 67 | if (!req.params.connection_id) return Promise.resolve(data); |
| 68 | |
| 69 | if (data.project_id !== gProject.id) { |
| 70 | return new Promise((resolve, reject) => reject(new Error(401))); |
| 71 | } |
| 72 | |
| 73 | return teamController.getTeamRole(gProject.team_id, req.user.id); |
| 74 | }); |
| 75 | }; |
| 76 | |
| 77 | const checkPermissions = (actionType = "readOwn") => { |
| 78 | return async (req, res, next) => { |
no test coverage detected