blt/api/policies/is-super-admin.js

/**
 * is-super-admin
 *
 * A simple policy that blocks requests from non-super-admins.
 *
 * For more about how to use policies, see:
 *   https://sailsjs.com/config/policies
 *   https://sailsjs.com/docs/concepts/policies
 *   https://sailsjs.com/docs/concepts/policies/access-control-and-permissions
 */
module.exports = async function (req, res, proceed) {

  // First, check whether the request comes from a logged-in user.
  // > For more about where `req.me` comes from, check out this app's
  // > custom hook (`api/hooks/custom/index.js`).
  if (!req.me) {
    return res.unauthorized();
  }//•

  // Then check that this user is a "super admin".
  if (!req.me.isSuperAdmin) {
    return res.forbidden();
  }//•

  // IWMIH, we've got ourselves a "super admin".
  return proceed();

};
Initial project structure with sails.js 2023-11-21 21:57:32 -05:00			`/**`
			`* is-super-admin`
			`*`
			`* A simple policy that blocks requests from non-super-admins.`
			`*`
			`* For more about how to use policies, see:`
			`* https://sailsjs.com/config/policies`
			`* https://sailsjs.com/docs/concepts/policies`
			`* https://sailsjs.com/docs/concepts/policies/access-control-and-permissions`
			`*/`
			`module.exports = async function (req, res, proceed) {`

			`// First, check whether the request comes from a logged-in user.`
			// > For more about where `req.me` comes from, check out this app's
			// > custom hook (`api/hooks/custom/index.js`).
			`if (!req.me) {`
			`return res.unauthorized();`
			`}//•`

			`// Then check that this user is a "super admin".`
			`if (!req.me.isSuperAdmin) {`
			`return res.forbidden();`
			`}//•`

			`// IWMIH, we've got ourselves a "super admin".`
			`return proceed();`

			`};`