'use strict';


let check = (requiredPermission, actualPermission, res, next) => {
  if (actualPermission >= requiredPermission) {
    return next();
  }
  return res.status(403).send({
    success: false,
    message: 'permission denied',
  });
};

module.exports = {
  checkSql: (req, res, next) => {
    check(1, req.user.permission, res, next);
  },
  checkHl: (req, res, next) => {
    check(2, req.user.permission, res, next);
  },
  checkMT: (req, res, next) => {
    check(3, req.user.permission, res, next);
  },
  checkAdmin: (req, res, next) => {
    check(4, req.user.permission, res, next);
  },
};