filesafe/controllers/permissionController.js

const self = {}

self.permissions = Object.freeze({
  user: 0, // Upload & delete own files, create & delete albums
  vip: 5, // If used with "retentionPeriods" in config, may have additional retention period options
  vvip: 10, // If used with "retentionPeriods" in config, may have additional retention period options
  moderator: 50, // Delete other user's files
  admin: 80, // Manage users (disable accounts) & create moderators
  superadmin: 100 // Create admins
  // Groups will inherit permissions from groups which have lower value
  // You should NOT have multiple groups with exact same values
})

self.keys = Object.freeze(Object.keys(self.permissions))

self.group = user => {
  // root bypass
  if (user.username === 'root') {
    return 'superadmin'
  }
  for (const key of self.keys) {
    if (user.permission === self.permissions[key]) {
      return key
    }
  }
  return null
}

// returns true if user is in the group OR higher
self.is = (user, group) => {
  // root bypass
  if (user.username === 'root') {
    return true
  }
  if (typeof group !== 'string' || !group) {
    return false
  }
  const permission = user.permission || 0
  return permission >= self.permissions[group]
}

self.higher = (user, target) => {
  const userPermission = user.permission || 0
  const targetPermission = target.permission || 0
  return userPermission > targetPermission
}

self.mapPermissions = user => {
  const map = {}
  Object.keys(self.permissions).forEach(group => {
    map[group] = self.is(user, group)
  })
  return map
}

module.exports = self