-
Notifications
You must be signed in to change notification settings - Fork 157
Expand file tree
/
Copy pathcheckUserPushPermission.ts
More file actions
73 lines (61 loc) · 2.29 KB
/
checkUserPushPermission.ts
File metadata and controls
73 lines (61 loc) · 2.29 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
import { Action, Step } from '../../actions';
import { getUsers, isUserPushAllowed } from '../../../db';
// Execute if the repo is approved
const exec = async (req: any, action: Action): Promise<Action> => {
const step = new Step('checkUserPushPermission');
const userEmail = action.userEmail;
if (!userEmail) {
step.setError('Push blocked: User not found. Please contact an administrator for support.');
action.addStep(step);
step.error = true;
return action;
}
return await validateUser(userEmail, action, step);
};
/**
* Helper that validates the user's push permission.
* This can be used by other actions that need it.
* @param {string} userEmail The user to validate
* @param {Action} action The action object
* @param {Step} step The step object
* @return {Promise<Action>} The action object
*/
const validateUser = async (userEmail: string, action: Action, step: Step): Promise<Action> => {
let isUserAllowed = false;
// Find the user associated with this email address
const list = await getUsers({ email: userEmail });
if (list.length > 1) {
step.error = true;
step.log(`Multiple users found with email address ${userEmail}, ending`);
step.log(
`Multiple Users have email <${userEmail}> so we cannot uniquely identify the user, ending`,
);
step.setError(
`Your push has been blocked (there are multiple users with email ${action.userEmail})`,
);
action.addStep(step);
return action;
} else if (list.length == 0) {
step.log(`No user with email address ${userEmail} found`);
} else {
isUserAllowed = await isUserPushAllowed(action.url, list[0].username);
}
step.log(`User ${userEmail} permission on Repo ${action.url} : ${isUserAllowed}`);
if (!isUserAllowed) {
step.log('User not allowed to Push');
step.error = true;
step.log(`User ${userEmail} is not allowed to push on repo ${action.url}, ending`);
step.setError(
`Your push has been blocked (${action.userEmail} ` +
`is not allowed to push on repo ` +
`${action.url})`,
);
action.addStep(step);
return action;
}
step.log(`User ${userEmail} is allowed to push on repo ${action.url}`);
action.addStep(step);
return action;
};
exec.displayName = 'checkUserPushPermission.exec';
export { exec, validateUser };