Function hasPermissionForUserResource

  • hasPermissionForUserResource(config, targetField, logger, context): Promise<StatusCodes>

  • Has permission for user resource validator

    Parameters

    • config: {
          authSecrets: AuthSecrets;
          authenticate: AuthenticationFunction;
      }

      injected config use to handle authentication

      • authSecrets: AuthSecrets
      • authenticate: AuthenticationFunction
    • targetField: TargetField

      injected targetField use to get userId

    • logger: Logger

      injected logger use to handle logging

    • context: AdapterHandlerContext

      request context [headers, body, params, query].

    Returns Promise<StatusCodes>

    200 Status OK

    Description

    This validator checks if the user has permission to access the user resource by applying the following steps in sequence:

    1. Get userId from targetField context

    2. Authenticate user

    3. Check if user is app or user is the same as userId

    Throws

    400 NBError Bad Request

    • userId have to be specified in ${targetField.type} ${targetField.name}

    Throws

    401 NBError Unauthorized

    • authenticate error

    Throws

    403 NBError Forbidden

    • User don't have a permission to access to user resource

Settings

Member Visibility

Theme

Generated using TypeDoc