Role-ACL: Cannot read property ‘granted’ of undefined

  javascript, koa

I’m using the package ‘role-acl’ for Javascript as a Uni exercise to grant any admin user the possibility to access all records of all users from a MySQL database.
The issue arises when I pass a user object to readAll, which grants the user the ability to access the records if its role is admin in the DB.
The result of this function is bound to the variable permission, which should have a property granted, to show if the user has permission for said action or not.

readAll function::

ac.grant('admin').execute('read').on('user');
ac.grant('admin').execute('read').on('users');
ac.grant('admin').execute('update').on('user');
ac.grant('admin').condition({Fn: 'NOT_EQUALS', args:
    {'requester':'$.owner'}}).execute('delete').on('user');

exports.readAll = requester => {
    ac.can(requester.role).execute('read').sync().on('users');
}

Router to get all users:

router.get('/', auth, async (ctx) => {
    console.log(ctx.state.user);
    const permission = can.readAll(ctx.state.user);
    console.log(permission);
    if(!permission.granted) {
        ctx.status = 403;
    } else {
        const result = await model.getAll();
        if(result.length) {
            ctx.body = result;
        }
    }
});

Source: Ask Javascript Questions

LEAVE A COMMENT