(team_id, integration_id, user, teamAccess, integrationAccess)
| 7 | const teamController = new TeamController(); |
| 8 | |
| 9 | const checkAccess = (team_id, integration_id, user, teamAccess, integrationAccess) => { |
| 10 | return teamController.getTeamRole(team_id, user.id) |
| 11 | .then((teamRole) => { |
| 12 | const permission = accessControl.can(teamRole.role)[teamAccess]("team"); |
| 13 | if (!permission.granted) { |
| 14 | return new Promise((resolve, reject) => reject(new Error(401))); |
| 15 | } |
| 16 | |
| 17 | if (integration_id) { |
| 18 | const integrationPermission = accessControl.can(teamRole.role)[integrationAccess]("integration"); |
| 19 | if (!integrationPermission.granted) { |
| 20 | return new Promise((resolve, reject) => reject(new Error(401))); |
| 21 | } |
| 22 | } |
| 23 | |
| 24 | return teamRole; |
| 25 | }); |
| 26 | }; |
| 27 | // ---------------------------------------------- |
| 28 | |
| 29 | /* |
no test coverage detected