The group class for this instance of Tilmeld.
The user class for this instance of Tilmeld.
Private
already
Used to avoid infinite loop.
The Tilmeld config.
The currently logged in user.
The Nymph instance.
If you will be performing authentication functions (logging in/out), you should set these so Tilmeld can read and write cookies and headers.
If you want the user to be authenticated with the cookie and/or header they provide, you should set at least the request. It's better to set both, so the JWT can be updated if needed.
After you set these, call authenticate() to read user authentication data from them and fill the user's session.
If you want to support cookie-based authentication (which still requires an XSRF token for security), you should enable the cookie parser middleware.
Private
skip
Skip the authenticate step of initialization.
Check for TILMELDAUTH and TILMELDSWITCH tokens, and, if set, authenticate from it/them.
You can also call this function after setting response.locals.user to the user you want to authenticate. You should check for user.enabled before setting this variable, unless you explicitly want to log in as a disabled user. (The user must be an instance of the User class for this Tilmeld instance.)
This function will set response.locals.user to the logged in user on successful authentication.
Skip the XSRF token check.
True if a user was authenticated, false on any failure.
Check a UID's permissions for a user.
UID functions on the Node.js side are not checked automatically. This function is only run automatically for UID functions run from the client. You should call this function manually if you're running a UID function on the Node.js side and you want it gated.
This will check the Tilmeld config and the user's abilities.
Whether the current user has at least type permission for the UID.
Check an entity's permissions for a user.
This will check the AC (Access Control) properties of the entity. These include the following properties:
"acUser" refers to the entity's owner, "acGroup" refers to all users in the entity's group and all ancestor groups, and "acOther" refers to any user who doesn't fit these descriptions.
Each of these properties should be either NO_ACCESS, READ_ACCESS, WRITE_ACCESS, or FULL_ACCESS.
These properties default to:
"acRead", "acWrite", and "acFull" are arrays of users and/or groups that also have those permissions.
Only users with FULL_ACCESS have the ability to change any of the ac*, user, and group properties.
The following conditions will result in different checks, which determine whether the check passes:
The entity to check.
The lowest level of permission to consider a pass.
Optional
user: false | User & UserData
The user to check permissions for. If null, uses the current user. If false, checks for public access.
Whether the current user has at least type permission for the entity.
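A simplified model of the entity permission rules described above, as an added example that is not Tilmeld's own code. The numeric level values, the highest-level-wins combination, the fail-closed handling of missing ac* properties, and the id, groupIds and parent fields are assumptions made for illustration.

```javascript
// Simplified model of the check described above; not Tilmeld's implementation.
// The numeric values are assumptions, chosen so levels compare with >=.
const NO_ACCESS = 0, READ_ACCESS = 1, WRITE_ACCESS = 2, FULL_ACCESS = 4;

// IDs of the entity's group and its ancestors (`parent` is a constructed link).
function groupChain(group) {
  const ids = new Set(); // the Set also stops a cyclic parent chain
  for (let g = group; g && !ids.has(g.id); g = g.parent) ids.add(g.id);
  return ids;
}

// Highest level `user` holds on `entity`. A missing ac* property counts as
// NO_ACCESS here (fail closed); false or null means public access in this model.
function effectiveAccess(entity, user) {
  const acOther = entity.acOther ?? NO_ACCESS;
  if (!user) return acOther;
  const principals = new Set([user.id, ...(user.groupIds ?? [])]);
  const listed = (list) => (list ?? []).some((p) => principals.has(p.id));

  // Explicit grants: acFull, acWrite, acRead hold users and/or groups.
  const granted = listed(entity.acFull) ? FULL_ACCESS
    : listed(entity.acWrite) ? WRITE_ACCESS
    : listed(entity.acRead) ? READ_ACCESS : NO_ACCESS;

  // Relationship-based level: owner, then group or ancestor group, then other.
  let base = acOther;
  if (entity.user?.id === user.id) base = entity.acUser ?? NO_ACCESS;
  else if ([...groupChain(entity.group)].some((id) => principals.has(id)))
    base = entity.acGroup ?? NO_ACCESS;
  return Math.max(granted, base);
}

// True when the user has at least `type` permission on the entity.
function checkAccess(entity, type, user) {
  return effectiveAccess(entity, user) >= type;
}

// Constructed sample data.
const staff = { id: 'g-staff', parent: { id: 'g-company' } };
const doc = {
  user: { id: 'u-alice' }, group: staff,
  acUser: FULL_ACCESS, acGroup: READ_ACCESS, acOther: NO_ACCESS,
  acWrite: [{ id: 'u-carol' }],
};
const alice = { id: 'u-alice', groupIds: ['g-staff'] };
const bob = { id: 'u-bob', groupIds: ['g-company'] };
const carol = { id: 'u-carol', groupIds: [] };
```

In this model bob reaches the entity only through an ancestor group and so gets the acGroup level, while carol's write access comes solely from the acWrite list.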
Private
init
A user and group system for Nymph.js.
Written by Hunter Perrin for SciActive.
Author
Hunter Perrin
Copyright
SciActive Inc
See
http://nymph.io/