ssebro · March 26, 2015 17:38
diff --git a/extended_dsl+auth_as_add-on_middleware.js b/extended_dsl+auth_as_add-on_middleware.js
 'use strict';

 var Joi = require('joi');

 //##OPTION A: authorization as add-on middleware
 module.exports = function (harvestApp, mustbeConfig) {

    var harvestApp = harvestApp
        .resource('category', {
            name: Joi.string().required().description('a name'),
            links: {
                foo: 'foo'
            }
        });


    mustbeConfig.activities(function (activities) {

        activities.can("category.get", permission('category.get'));
        activities.can("category.mutate", function (identity, params, cb) {
            // do some logic
            cb(null, true);
        });
    });

    var authorizeCategoryGet = mustbe.authorized("category.get");
    var authorizeCategoryMutate = mustbe.authorized("category.mutate");

    var customJoiValidationSchema = {query: {myAwesomeParam: Joi.string().required().description('My awesome parameter')}};
    
    harvestApp
        .validate({post:customJoiSchema})
        //.validate() only needed when you want to override/augment defaults
        .addMiddleware({
            get:[authorizeCategoryGet],
            getById:[authorizeCategoryGet],
            getChangeEventsStreaming:[authorizeCategoryGet],
            delete:[authorizeCategoryMutate, beforeDelete]})
        .swagger({get:{summary: 'all the lovely categories by id'}});
        //.swagger()  only needed when you want to override standard swagger spec
        
    function beforeDelete(req, res, next) {
        // do some checks with req.
        if ('untouchable'===req.body.categories[0].name) {
            next(new harvester.JSONAPI_Err({status: 400, detail: 'untouchable category'}));
        } else {
            next();
        }
    }


 };
	'use strict';

	var Joi = require('joi');

	//##OPTION A: authorization as add-on middleware
	module.exports = function (harvestApp, mustbeConfig) {

	var harvestApp = harvestApp
	.resource('category', {
	name: Joi.string().required().description('a name'),
	links: {
	foo: 'foo'
	}
	});


	mustbeConfig.activities(function (activities) {

	activities.can("category.get", permission('category.get'));
	activities.can("category.mutate", function (identity, params, cb) {
	// do some logic
	cb(null, true);
	});
	});

	var authorizeCategoryGet = mustbe.authorized("category.get");
	var authorizeCategoryMutate = mustbe.authorized("category.mutate");

	var customJoiValidationSchema = {query: {myAwesomeParam: Joi.string().required().description('My awesome parameter')}};

	harvestApp
	.validate({post:customJoiSchema})
	//.validate() only needed when you want to override/augment defaults
	.addMiddleware({
	get:[authorizeCategoryGet],
	getById:[authorizeCategoryGet],
	getChangeEventsStreaming:[authorizeCategoryGet],
	delete:[authorizeCategoryMutate, beforeDelete]})
	.swagger({get:{summary: 'all the lovely categories by id'}});
	//.swagger() only needed when you want to override standard swagger spec

	function beforeDelete(req, res, next) {
	// do some checks with req.
	if ('untouchable'===req.body.categories[0].name) {
	next(new harvester.JSONAPI_Err({status: 400, detail: 'untouchable category'}));
	} else {
	next();
	}
	}


	};