X-Git-Url: https://gerrit.o-ran-sc.org/r/gitweb?a=blobdiff_plain;f=otf-frontend%2Fserver%2Fsrc%2Ffeathers%2Fhooks%2FcheckPermissions.js;fp=otf-frontend%2Fserver%2Fsrc%2Ffeathers%2Fhooks%2FcheckPermissions.js;h=fb02fa3d581b89313ce1b9a9ff5c25a74921d67d;hb=6f7e46b4562b31f748670be8947d315963240ddd;hp=0000000000000000000000000000000000000000;hpb=f49bd1efeaaddd4891c1f329b18d8cfb28b3e75b;p=it%2Fotf.git

diff --git a/otf-frontend/server/src/feathers/hooks/checkPermissions.js b/otf-frontend/server/src/feathers/hooks/checkPermissions.js
new file mode 100644
index 0000000..fb02fa3
--- /dev/null
+++ b/otf-frontend/server/src/feathers/hooks/checkPermissions.js
@@ -0,0 +1,42 @@
+/*  Copyright (c) 2019 AT&T Intellectual Property.                             #
+#                                                                              #
+#   Licensed under the Apache License, Version 2.0 (the "License");            #
+#   you may not use this file except in compliance with the License.           #
+#   You may obtain a copy of the License at                                    #
+#                                                                              #
+#       http://www.apache.org/licenses/LICENSE-2.0                             #
+#                                                                              #
+#   Unless required by applicable law or agreed to in writing, software        #
+#   distributed under the License is distributed on an "AS IS" BASIS,          #
+#   WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.   #
+#   See the License for the specific language governing permissions and        #
+#   limitations under the License.                                             #
+##############################################################################*/
+
+
+module.exports = function () {
+    return async context => {
+		let group = {};
+		if(context.data.parentGroupId){
+			//get the groups from the group service
+			//check if the user is an Admin in the parent group 
+			await context.app.services[context.app.get('base-path') + 'groups']
+			.get(context.data.parentGroupId, context.params)
+			.then( result => {	
+				group = result;
+			});
+			
+			if(group.members){
+				for(let i = 0; i < group.members.length; i++){
+					if(group.members[i].userId.toString() === context.params.user._id.toString()){
+						if(!group.members[i].roles.includes("admin")){
+							throw new Error('Can not create child group. You must be an admin of the parent group.');
+						}
+					}
+				}
+			}else{
+				throw new Error('Can not create child group. You must be an admin of the parent group.');
+			}
+		}
+	}
+}
\ No newline at end of file