28 lines
612 B
JavaScript
28 lines
612 B
JavaScript
'use strict';
|
|
|
|
|
|
let check = (requiredPermission, actualPermission, res, next) => {
|
|
if (actualPermission >= requiredPermission) {
|
|
return next();
|
|
}
|
|
return res.status(403).send({
|
|
success: false,
|
|
message: 'permission denied',
|
|
});
|
|
};
|
|
|
|
module.exports = {
|
|
checkSql: (req, res, next) => {
|
|
check(1, req.user.permission, res, next);
|
|
},
|
|
checkHl: (req, res, next) => {
|
|
check(2, req.user.permission, res, next);
|
|
},
|
|
checkMT: (req, res, next) => {
|
|
check(3, req.user.permission, res, next);
|
|
},
|
|
checkAdmin: (req, res, next) => {
|
|
check(4, req.user.permission, res, next);
|
|
},
|
|
};
|