MCPcopy Index your code
hub / github.com/nodeSolidServer/node-solid-server / allow

Function allow

lib/handlers/allow.mjs:4–79  ·  view source on GitHub ↗
(mode)

Source from the content-addressed store, hash-verified

2// import debug from '../debug.mjs'
3
4export default function allow (mode) {
5 return async function allowHandler (req, res, next) {
6 const ldp = req.app.locals.ldp || {}
7 if (!ldp.webid) {
8 return next()
9 }
10
11 // Set up URL to filesystem mapping
12 const rootUrl = ldp.resourceMapper.resolveUrl(req.hostname)
13
14 // Determine the actual path of the request
15 // (This is used as an ugly hack to check the ACL status of other resources.)
16 let resourcePath = res && res.locals && res.locals.path
17 ? res.locals.path
18 : req.path
19
20 // Check whether the resource exists
21 let stat
22 try {
23 const ret = await ldp.exists(req.hostname, resourcePath)
24 stat = ret.stream
25 } catch (err) {
26 stat = null
27 }
28
29 // Ensure directories always end in a slash
30 if (!resourcePath.endsWith('/') && stat && stat.isDirectory()) {
31 resourcePath += '/'
32 }
33
34 const trustedOrigins = [ldp.resourceMapper.resolveUrl(req.hostname)].concat(ldp.trustedOrigins)
35 if (ldp.multiuser) {
36 trustedOrigins.push(ldp.serverUri)
37 }
38 // Obtain and store the ACL of the requested resource
39 const resourceUrl = rootUrl + resourcePath
40 // Ensure the user has the required permission
41 const userId = req.session.userId
42 try {
43 req.acl = ACL.createFromLDPAndRequest(resourceUrl, ldp, req)
44
45 // if (resourceUrl.endsWith('.acl')) mode = 'Control'
46 const isAllowed = await req.acl.can(userId, mode, req.method, stat)
47 if (isAllowed) {
48 return next()
49 }
50 } catch (error) { next(error) }
51 if (mode === 'Read' && (resourcePath === '' || resourcePath === '/')) {
52 // This is a hack to make NSS check the ACL for representation that is served for root (if any)
53 // See https://github.com/solid/node-solid-server/issues/1063 for more info
54 const representationUrl = `${rootUrl}/index.html`
55 let representationPath
56 try {
57 representationPath = await ldp.resourceMapper.mapUrlToFile({ url: representationUrl })
58 } catch (err) {
59 }
60
61 // We ONLY want to do this when the HTML representation exists

Callers 3

LdpMiddlewareFunction · 0.85
hasReadPermissionsFunction · 0.85

Calls 7

resolveUrlMethod · 0.80
existsMethod · 0.80
canMethod · 0.80
mapUrlToFileMethod · 0.80
isOwnerMethod · 0.80
getErrorMethod · 0.80

Tested by

no test coverage detected