frodovdr/node-red
1
0
Fork 0
mirror of https://github.com/node-red/node-red.git synced 2025-03-01 10:36:34 +00:00
Code Issues Packages Projects Releases Wiki Activity

Add needsPermission protection to core nodes

Browse Source
This commit is contained in:
Nick O'Leary
2015-02-06 13:57:15 +00:00
parent d1fe997bf7
commit c7f13e3d0c
6 changed files with 25 additions and 27 deletions
Download Patch File Download Diff File Expand all files Collapse all files

3
red/nodes/credentials.js
View File

@@ -17,6 +17,7 @@
var when = require("when");
var log = require("../log");
var needsPermission = require("../api/auth").needsPermission;
var credentialCache = {};
var storage = null;
@@ -27,7 +28,7 @@ var redApp = null;
* Adds an HTTP endpoint to allow look up of credentials for a given node id.
*/
function registerEndpoint(type) {
redApp.get('/credentials/' + type + '/:id', function (req, res) {
redApp.get('/credentials/' + type + '/:id', needsPermission(type+".read"), function (req, res) {
// TODO: This could be a generic endpoint with the type value
// parameterised.
//