30 lines
899 B
JavaScript
30 lines
899 B
JavaScript
"use strict";
|
|
Object.defineProperty(exports, "__esModule", { value: true });
|
|
exports.defineAbilityFor = defineAbilityFor;
|
|
const ability_1 = require("@casl/ability");
|
|
function defineAbilityFor(role) {
|
|
const { can, cannot, build } = new ability_1.AbilityBuilder(ability_1.createMongoAbility);
|
|
switch (role) {
|
|
case 'owner':
|
|
can('manage', 'all');
|
|
break;
|
|
case 'admin':
|
|
can('manage', 'all');
|
|
cannot('delete', 'Organization');
|
|
cannot('manage', 'License');
|
|
can('read', 'License');
|
|
break;
|
|
case 'member':
|
|
can('create', ['Session', 'Finding', 'Report']);
|
|
can('read', 'all');
|
|
can('update', 'Finding');
|
|
break;
|
|
case 'viewer':
|
|
can('read', 'all');
|
|
break;
|
|
default:
|
|
break;
|
|
}
|
|
return build();
|
|
}
|