api/utils/rights

Module for validation functions that manage access rights to application data. Divided in parts access for Global Admins, Admins and Users.

Source:

Methods

(static) dbUserHasAccessToCollection(params, collection, callback) → {function}

Source:

Check user has access to collection

Parameters:
Name Type Description
params object

params object

collection string

collection will be checked for access

callback function

callback method includes boolean variable as argument

Returns:

returns callback

Type
function

(static) validateGlobalAdmin(params, callback, callbackParam) → {Promise}

Source:

Validate user for global admin access by api_key (required parameter for the request). User must exist, must not be locked, must pass plugin validation (if any) and have global admin access. If user does not pass validation, it outputs error to request. In case validation passes, provided callback is called. Additionally populates params with member information.

Parameters:
Name Type Description
params params

params object

callback function

function to call only if validation passes

callbackParam any

parameter to pass to callback function (params is automatically passed to callback function, no need to include that)

Returns:

promise

Type
Promise

(static) validateUser(params, callback, callbackParam) → {Promise}

Source:

Basic user validation by api_key (required parameter for the request), mostly used for custom validation afterwards (like multi app access). User must exist, must not be locked and must pass plugin validation (if any). If user does not pass validation, it outputs error to request. In case validation passes, provided callback is called. Additionally populates params with member information.

Parameters:
Name Type Description
params params

params object

callback function

function to call only if validation passes

callbackParam any

parameter to pass to callback function (params is automatically passed to callback function, no need to include that)

Returns:

promise

Type
Promise

(static) validateUserForRead(params, callback, callbackParam) → {Promise}

Source:

Validate user for read access by api_key for provided app_id (both required parameters for the request). User must exist, must not be locked, must pass plugin validation (if any) and have at least user access to the provided app (which also must exist). If user does not pass validation, it outputs error to request. In case validation passes, provided callback is called. Additionally populates params with member information and app information.

Parameters:
Name Type Description
params params

params object

callback function

function to call only if validation passes

callbackParam any

parameter to pass to callback function (params is automatically passed to callback function, no need to include that)

Returns:

promise

Type
Promise

(static) validateUserForWrite(params, callback, callbackParam) → {Promise}

Source:

Validate user for write access by api_key for provided app_id (both required parameters for the request). User must exist, must not be locked, must pass plugin validation (if any) and have at least admin access to the provided app (which also must exist). If user does not pass validation, it outputs error to request. In case validation passes, provided callback is called. Additionally populates params with member information and app information.

Parameters:
Name Type Description
params params

params object

callback function

function to call only if validation passes

callbackParam any

parameter to pass to callback function (params is automatically passed to callback function, no need to include that)

Returns:

promise

Type
Promise

(inner) dbLoadEventsData(params, apps, callback)

Source:

Get events data A helper function for db access check

Parameters:
Name Type Description
params object

params object

apps array

array with each element being app document

callback function

callback method

(inner) validate_token_if_exists(params) → {Promise}

Source:

Validate if token exists and is not expired(uzing authorize.js)

Parameters:
Name Type Description
params object

params

Properties
Name Type Description
qstring.auth_token string

authentication token

req.headers.countly-token string

{string} authentication token

fullPath string

current full path

Returns:

promise

Type
Promise

(inner) wrapCallback(params, callback, callbackParam, func) → {Promise}

Source:

Wrap callback using promise

Parameters:
Name Type Description
params params

params object

callback function

function to call only if validation passes

callbackParam any

parameter to pass to callback function

func function

promise function

Returns:

promise

Type
Promise