shared/rooms/user-can-join-room.js

   1 'use strict';
   2
   3 /*
   4 Some context: It is possible for a non-github user to follow a link to a public
   5 room that doesn't allow non-github users to join. In that case the frontend
   6 must know to not allow the user to join and the backend/API must prevent that
   7 from happening.
   8 */
   9 function userCanJoinRoom(userProviders, troupeProviders) {
  10   // By default (undefined or null or empty array) all providers are allowed
  11   // why all three? Because you might not have set it (undefined) or because it
  12   // came back from the db and got upgraded to an empty array because of the
  13   // new schema
  14   if (!troupeProviders || !troupeProviders.length) {
  15     return true;
  16   }
  17
  18   // To be safe, we assume the user has no identity which is non-sensical, but
  19   // safer than picking one as that will mask bugs.
  20   userProviders = userProviders || [];
  21
  22   // If the user has at least one provider that's allowed, then she can join
  23   // the room.
  24   return userProviders.some(up => {
  25     return troupeProviders.some(tp => {
  26       return up === tp;
  27     });
  28   });
  29 }
  30 module.exports = userCanJoinRoom;