Merge branch 'develop' of git://github.com/Pita/etherpad-lite into develop

author: 0ip <me@factor.cc> 2012-04-09 15:10:08 +0200
committer: 0ip <me@factor.cc> 2012-04-09 15:10:08 +0200
commit: 60eea0a3cff5058656913935525bc53d368c78cf (patch)
tree: 64ce00064a955ca4b66cdfc2a2fd60469b030901 /src/node/padaccess.js
parent: 309e3b09942389bd92205fc04d5e73088a30df60 (diff)
parent: 18038ddd5081e052af7ef8fa0c9677826dff61a5 (diff)
download: etherpad-lite-60eea0a3cff5058656913935525bc53d368c78cf.zip
1 files changed, 21 insertions, 0 deletions
diff --git a/src/node/padaccess.js b/src/node/padaccess.js
new file mode 100644
index 00000000..a3d1df33
--- /dev/null
+++ b/src/node/padaccess.js
@@ -0,0 +1,21 @@
+var ERR = require("async-stacktrace");
+var securityManager = require('./db/SecurityManager');
+
+//checks for padAccess
+module.exports = function (req, res, callback) {
+
+  // FIXME: Why is this ever undefined??
+  if (req.cookies === undefined) req.cookies = {};
+
+  securityManager.checkAccess(req.params.pad, req.cookies.sessionid, req.cookies.token, req.cookies.password, function(err, accessObj) {
+    if(ERR(err, callback)) return;
+
+    //there is access, continue
+    if(accessObj.accessStatus == "grant") {
+      callback();
+    //no access
+    } else {
+      res.send("403 - Can't touch this", 403);
+    }
+  });
+}
author	0ip <me@factor.cc>	2012-04-09 15:10:08 +0200
committer	0ip <me@factor.cc>	2012-04-09 15:10:08 +0200
commit	60eea0a3cff5058656913935525bc53d368c78cf (patch)
tree	64ce00064a955ca4b66cdfc2a2fd60469b030901 /src/node/padaccess.js
parent	309e3b09942389bd92205fc04d5e73088a30df60 (diff)
parent	18038ddd5081e052af7ef8fa0c9677826dff61a5 (diff)
download	etherpad-lite-60eea0a3cff5058656913935525bc53d368c78cf.zip