Skip to content

Commit bf912ed

Browse files
RubenVerborghRubenVerborgh
committed
Move getPermissionSet into separate method.
1 parent c9b1c0e commit bf912ed

File tree

1 file changed

+24
-17
lines changed

1 file changed

+24
-17
lines changed

lib/acl-checker.js

Lines changed: 24 additions & 17 deletions
Original file line numberDiff line numberDiff line change
@@ -112,30 +112,17 @@ class ACLChecker {
112112
*/
113113
checkAccess (graph, user, mode, resource, accessType, acl, options = {}) {
114114
const debug = this.debug
115-
if (!graph || graph.length === 0) {
116-
debug('ACL ' + acl + ' is empty')
117-
return Promise.reject(new Error('No policy found - empty ACL'))
118-
}
119-
let isContainer = accessType.startsWith('default')
120-
let aclOptions = {
121-
aclSuffix: this.suffix,
122-
graph: graph,
123-
host: options.host,
124-
origin: options.origin,
125-
rdf: rdf,
126-
strictOrigin: this.strictOrigin,
127-
isAcl: uri => this.isAcl(uri),
128-
aclUrlFor: uri => this.aclUrlFor(uri)
129-
}
130-
let acls = new PermissionSet(resource, acl, isContainer, aclOptions)
115+
const isContainer = accessType.startsWith('default')
116+
const acls = this.getPermissionSet(graph, resource, isContainer, acl, options)
117+
131118
return acls.checkAccess(resource, user, mode)
132119
.then(hasAccess => {
133120
if (hasAccess) {
134121
debug(`${mode} access permitted to ${user}`)
135122
return true
136123
} else {
137124
debug(`${mode} access NOT permitted to ${user}` +
138-
aclOptions.strictOrigin ? ` and origin ${options.origin}` : '')
125+
this.strictOrigin ? ` and origin ${options.origin}` : '')
139126
throw new Error('ACL file found but no matching policy found')
140127
}
141128
})
@@ -146,6 +133,26 @@ class ACLChecker {
146133
})
147134
}
148135

136+
// Gets the permission set for the given resource
137+
getPermissionSet (graph, resource, isContainer, acl, options = {}) {
138+
const debug = this.debug
139+
if (!graph || graph.length === 0) {
140+
debug('ACL ' + acl + ' is empty')
141+
throw new Error('No policy found - empty ACL')
142+
}
143+
const aclOptions = {
144+
aclSuffix: this.suffix,
145+
graph: graph,
146+
host: options.host,
147+
origin: options.origin,
148+
rdf: rdf,
149+
strictOrigin: this.strictOrigin,
150+
isAcl: uri => this.isAcl(uri),
151+
aclUrlFor: uri => this.aclUrlFor(uri)
152+
}
153+
return new PermissionSet(resource, acl, isContainer, aclOptions)
154+
}
155+
149156
aclUrlFor (uri) {
150157
if (this.isAcl(uri)) {
151158
return uri

0 commit comments

Comments
 (0)