async = require('async')
winston = require('winston')
misc = require('smc-util/misc')
{defaults, required} = misc
user_is_in_project_group = (opts) ->
opts = defaults opts,
project_id : required
account_id : undefined
account_groups : undefined
groups : required
database : required
cb : required
dbg = (m) -> winston.debug("user_is_in_project_group -- #{m}")
dbg()
if not opts.account_id?
dbg("not logged in, so for now we just say 'no' -- this may change soon.")
opts.cb(undefined, false)
return
access = false
async.series([
(cb) ->
dbg("check if admin or in appropriate group -- #{misc.to_json(opts.account_groups)}")
if opts.account_groups? and 'admin' in opts.account_groups
access = true
cb()
else
opts.database.user_is_in_project_group
project_id : opts.project_id
account_id : opts.account_id
groups : opts.groups
cb : (err, x) ->
access = x
cb(err)
(cb) ->
if access
cb()
else if opts.account_groups?
cb()
else
opts.database.get_account
columns : ['groups']
account_id : opts.account_id
cb : (err, r) ->
if err
cb(err)
else
access = 'admin' in (r['groups'] ? [])
cb()
], (err) ->
dbg("done with tests -- now access=#{access}, err=#{err}")
opts.cb(err, access)
)
exports.user_has_write_access_to_project = (opts) ->
opts.groups = ['owner', 'collaborator']
user_is_in_project_group(opts)
exports.user_has_read_access_to_project = (opts) ->
opts.groups = ['owner', 'collaborator', 'viewer']
user_is_in_project_group(opts)