AccessValidator.prototype.validate = function()

in source/resources/access-validator/access-validator.js [56:112]


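    /**
     * Decides whether the caller described by `ticket` may perform `operation`
     * on the package identified by `packageId`.
     *
     * Decision order, as implemented below:
     *   1. Operations accepted by isOpenOperation() are allowed without looking
     *      at the ticket or the package record.
     *   2. The package record is read from the packages table; a failed read
     *      is reported as 502.
     *   3. A missing or non-'authorized' ticket, a missing package, or a deleted
     *      package (unless canValidadeAccessToDeletedPackage() accepts the
     *      operation) is reported as 404.
     *   4. A ticket with the admin role, or the package owner, is allowed.
     *   5. For operations accepted by canValidadeAccessByUserGroups(), the caller
     *      is allowed when at least one of their groups is listed on the package.
     *   6. Everything else is reported as 401.
     *
     * @param {*} packageId - Value used as the `package_id` key of the lookup.
     * @param {Object} ticket - Caller identity; `auth_status`, `role` and
     *     `userid` are read from it.
     * @param {*} operation - Operation being authorized; only passed to the
     *     operation-classifying helpers.
     * @param {Function} cb - Node-style callback. On allow: cb(null, result),
     *     where result is the open-operation marker or the table read result.
     *     On deny or failure: cb({code, message}, null).
     */
    AccessValidator.prototype.validate = function(packageId, ticket, operation, cb) {
        if (isOpenOperation(operation)) {
            return cb(null, {code: 200, message: "Open Operation"});
        }

        const denialMessage = "Failed to validade if the user permission. Check if the package exists and if you are authorized to access it.";

        // Logs the denial (with a stack trace) and reports it with the given status.
        // The message is deliberately identical for every denial reason.
        const deny = function(code) {
            console.log(new Error(denialMessage));
            return cb({code: code, message: denialMessage}, null);
        };

        const params = {
            TableName: ddbTable.packages,
            Key: {
                package_id: packageId
            }
        };

        const docClient = new AWS.DynamoDB.DocumentClient(dynamoConfig);
        docClient.get(params, function(err, data) {
            if (err) {
                console.log(err);
                return cb({code: 502, message: "Failed to validade if the user permission."}, null);
            }

            // Fail closed: a missing ticket or a response without an Item is a
            // denial, not a TypeError thrown from inside this callback.
            const hasAuthorizedTicket = Boolean(ticket) && ticket.auth_status === 'authorized';
            const item = _.isEmpty(data) ? null : data.Item;

            if (!hasAuthorizedTicket || !item || (item.deleted && !canValidadeAccessToDeletedPackage(operation))) {
                // NOTE(review): for an authorized ticket, this 404 and the 401
                // below let the caller tell a missing package from one they may
                // not use. Confirm that distinction is intended.
                return deny(404);
            }

            const isAdmin = (typeof ticket.role === 'string') && ticket.role.toLowerCase() === 'admin';

            // Ownership needs a real user id on the ticket. Comparing two absent
            // values (package without owner, ticket without userid) would
            // otherwise evaluate to "equal" and grant access.
            const hasUserId = ticket.userid !== undefined && ticket.userid !== null && ticket.userid !== '';
            const isPackageOwner = hasUserId && item.owner === ticket.userid;

            if (isAdmin || isPackageOwner) {
                return cb(null, data);
            }

            if (!canValidadeAccessByUserGroups(operation)) {
                return deny(401);
            }

            AccessValidator.prototype.getUserGroups(ticket.userid, function(groupErr, userGroupData) {
                if (groupErr) {
                    // Keep the lookup failure visible in the logs; the caller
                    // still only sees the generic denial.
                    console.log(groupErr);
                    return deny(401);
                }

                const packageGroups = item.groups ? item.groups : [];
                const listedGroups = (userGroupData && Array.isArray(userGroupData.Groups)) ? userGroupData.Groups : [];
                const userGroups = listedGroups.map(group => group.GroupName);

                if (_.intersection(packageGroups, userGroups).length > 0) {
                    return cb(null, data);
                }

                return deny(401);
            });
        });
    };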