1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
|
/**
* Module dependencies
*/
var mongoose = require('mongoose')
, Schema = mongoose.Schema;
/**
* Schema
*
* Permissions:
* 3 = normal
* 6 = admin
* 9 = owner
* These permissions are set in steps of three, in case
* we need to add more permissions later.
*/
var AccessSchema = new Schema({
user: { type: Schema.ObjectId, ref: 'User' },
creator: { type: Schema.ObjectId, ref: 'User' },
project: { type: Schema.ObjectId, ref: 'Project' },
permissions: { type: Number, default: '3' },
created: { type: Date, default: Date.now },
updated: { type: Date, default: Date.now }
});
// the four validations below only apply if you are signing up traditionally
AccessSchema.statics = {
/**
* Load ALL accesses for a single user
*
* @param {ObjectId} id
* @param {Function} callback
* @api private
*/
loadUser: function(id, callback) {
this.find({ user: id })
.populate('project')
.sort({ 'created': -1 }) // sort by date
.exec(callback);
},
/**
* Check to see if user has access to a particular project
*
* @param {ObjectId} user
* @param {ObjectId} project
* @param {Number} permissisons
* @param {Function} callback
* @api private
*/
checkAccess: function(user, project, permissions, callback) {
if (typeof(permissions) === 'undefined') permissions = 0;
console.log('inni checkPermissions!')
this.findOne({ user: user })
.where('project').equals(project)
.where('permissions').gte(permissions)
.exec(callback);
}
}
mongoose.model('Access', AccessSchema);
|
