MCPcopy Index your code
hub / github.com/share/sharedb / setupOpMiddleware

Function setupOpMiddleware

test/middleware.js:242–264  ·  view source on GitHub ↗
(backend)

Source from the content-addressed store, hash-verified

240
241 describe('access control', function() {
242 function setupOpMiddleware(backend) {
243 backend.use('apply', function(request, next) {
244 request.priorAccountId = request.snapshot.data && request.snapshot.data.accountId;
245 next();
246 });
247 backend.use('commit', function(request, next) {
248 var accountId = (request.snapshot.data) ?
249 // For created documents, get the accountId from the document data
250 request.snapshot.data.accountId :
251 // For deleted documents, get the accountId from before
252 request.priorAccountId;
253 // Store the accountId for the document on the op for efficient access control
254 request.op.accountId = accountId;
255 next();
256 });
257 backend.use('op', function(request, next) {
258 if (request.op.accountId === request.agent.accountId) {
259 return next();
260 }
261 var err = {message: 'op accountId does not match', code: 'ERR_OP_READ_FORBIDDEN'};
262 return next(err);
263 });
264 }
265
266 it('is possible to cache add additional top-level fields on ops for access control', function(done) {
267 setupOpMiddleware(this.backend);

Callers 1

middleware.jsFile · 0.85

Calls 1

nextFunction · 0.85

Tested by

no test coverage detected

Used in the wild real call sites across dependent graphs

searching dependent graphs…