42 строки
1.2 KiB
TypeScript
42 строки
1.2 KiB
TypeScript
//
|
|
// Copyright (c) Microsoft.
|
|
// Licensed under the MIT license. See LICENSE file in the project root for full license information.
|
|
//
|
|
|
|
// This is a Microsoft-specific piece of middleware.
|
|
|
|
import { NextFunction, Response } from 'express';
|
|
|
|
import { ReposAppRequest } from '../../interfaces';
|
|
|
|
export function AuthorizeOnlyFullTimeEmployeesAndInterns(
|
|
req: ReposAppRequest,
|
|
res: Response,
|
|
next: NextFunction
|
|
) {
|
|
const individualContext = req.individualContext;
|
|
if (!individualContext.corporateIdentity || !individualContext.corporateIdentity.username) {
|
|
return next(new Error('This resource is only available to authenticated users.'));
|
|
}
|
|
if (isEmployeeOrIntern(individualContext.corporateIdentity.username)) {
|
|
return next();
|
|
}
|
|
return next(
|
|
new Error(
|
|
`This resource is only available to full-time employees and interns at this time. Username: ${individualContext.corporateIdentity.username}`
|
|
)
|
|
);
|
|
}
|
|
|
|
export function isEmployeeOrIntern(upn: string): boolean {
|
|
if (!upn) {
|
|
return false;
|
|
}
|
|
upn = upn.toLowerCase();
|
|
const dashIndex = upn.indexOf('-');
|
|
if (dashIndex < 0 || upn.startsWith('t-')) {
|
|
return true;
|
|
}
|
|
return false;
|
|
}
|