yuuza/outline
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
Files
07a941a65d5b33c97f2dd74812327699a89a7215
outline/server/policies/apiKey.js
Tom Moor 83f32be6f7 Add missing authorization on views endpoints 
Updated ApiKeys authorization to match elsewhere
2018-02-18 10:56:56 -08:00

15 lines
256 B
JavaScript
Raw Blame History

// @flow
import policy from './policy';
import { ApiKey, User } from '../models';
const { allow } = policy;
allow(User, 'create', ApiKey);
allow(
User,
['read', 'update', 'delete'],
ApiKey,
(user, apiKey) => user && user.id === apiKey.userId
);
Reference in New Issue View Git Blame Copy Permalink