2020-05-11 19:43:17 +00:00
|
|
|
import AbstractAbility from './abstract';
|
2020-01-27 23:19:03 +00:00
|
|
|
import { computed, get } from '@ember/object';
|
2020-05-11 19:43:17 +00:00
|
|
|
import { or } from '@ember/object/computed';
|
2020-01-27 23:19:03 +00:00
|
|
|
|
2020-05-11 19:43:17 +00:00
|
|
|
export default AbstractAbility.extend({
|
2020-01-27 23:19:03 +00:00
|
|
|
// Map abilities to policy options (which are coarse for nodes)
|
|
|
|
|
// instead of specific behaviors.
|
2020-01-31 00:07:43 +00:00
|
|
|
canWrite: or('bypassAuthorization', 'selfTokenIsManagement', 'policiesIncludeNodeWrite'),
|
2020-01-27 23:19:03 +00:00
|
|
|
|
|
|
|
|
policiesIncludeNodeWrite: computed('token.selfTokenPolicies.[]', function() {
|
|
|
|
|
// For each policy record, extract the Node policy
|
|
|
|
|
const policies = (this.get('token.selfTokenPolicies') || [])
|
|
|
|
|
.toArray()
|
|
|
|
|
.map(policy => get(policy, 'rulesJSON.Node.Policy'))
|
|
|
|
|
.compact();
|
|
|
|
|
|
|
|
|
|
// Node write is allowed if any policy allows it
|
|
|
|
|
return policies.some(policy => policy === 'write');
|
|
|
|
|
}),
|
|
|
|
|
});
|
