Skip to content

Commit d6b70b6

Browse files
bourgeoabourgeoa
committed
accessDeniedForAccessTo()
1 parent e142d78 commit d6b70b6

File tree

1 file changed

+8
-8
lines changed

1 file changed

+8
-8
lines changed

lib/acl-checker.js

Lines changed: 8 additions & 8 deletions
Original file line numberDiff line numberDiff line change
@@ -87,15 +87,18 @@ class ACLChecker {
8787
}
8888
let accessDenied = aclCheck.accessDenied(acl.graph, resource, directory, aclFile, agent, modes, agentOrigin, trustedOrigins, originTrustedModes)
8989

90+
function accessDeniedForAccessTo (mode) {
91+
const accessDeniedAccessTo = aclCheck.accessDenied(acl.graph, directory, null, aclFile, agent, [ACL(mode)], agentOrigin, trustedOrigins, originTrustedModes)
92+
const accessResult = !accessDenied && !accessDeniedAccessTo
93+
accessDenied = accessResult ? false : accessDenied || accessDeniedAccessTo
94+
// debugCache('accessDenied result ' + accessDenied)
95+
}
9096
// For create and update HTTP methods
9197
if ((method === 'PUT' || method === 'PATCH' || method === 'COPY') && directory) {
9298
// if resource and acl have same parent container,
9399
// and resource does not exist, then accessTo Append from parent is required
94100
if (directory.value === dirname(aclFile.value) + '/' && !resourceExists) {
95-
const accessDeniedAccessTo = aclCheck.accessDenied(acl.graph, directory, null, aclFile, agent, [ACL('Append')], agentOrigin, trustedOrigins, originTrustedModes)
96-
const accessResult = !accessDenied && !accessDeniedAccessTo
97-
accessDenied = accessResult ? false : accessDenied || accessDeniedAccessTo
98-
// debugCache('accessDenied result ' + accessDenied)
101+
accessDeniedForAccessTo('Append')
99102
}
100103
}
101104

@@ -104,10 +107,7 @@ class ACLChecker {
104107
// if resource and acl have same parent container,
105108
// then accessTo Write from parent is required
106109
if (directory.value === dirname(aclFile.value) + '/') {
107-
const accessDeniedAccessTo = aclCheck.accessDenied(acl.graph, directory, null, aclFile, agent, [ACL('Write')], agentOrigin, trustedOrigins, originTrustedModes)
108-
const accessResult = !accessDenied && !accessDeniedAccessTo
109-
accessDenied = accessResult ? false : accessDenied || accessDeniedAccessTo
110-
// debugCache('accessDenied result ' + accessDenied)
110+
accessDeniedForAccessTo('Write')
111111
}
112112
}
113113
if (accessDenied && user) {

0 commit comments

Comments
 (0)