How to use the boom.forbidden function in boom
To help you get started, we’ve selected a few boom examples, based on popular ways it is used in public projects.
Secure your code as it's written. Use Snyk Code to scan source code in minutes - no build needed - and fix issues immediately.
JKHeadley / appy-backend / server / policies / connectionAuth.js View on Github 
.then(function (result) {
// EXPL: Only the primary user and those with root permissions can update the connection
if (userId === result.primaryUser.toString() || request.auth.credentials.scope.includes('root')) {
return next(null, true);
}
else {
return next(Boom.forbidden("Not primary user."), false);
}
})
}error: Boom.forbidden('No Write Access'),
type: 'dbValue',
method: server.db.threads.getBoardWriteAccess,
args: [threadId, server.plugins.acls.getUserPriority(auth)]
});
// is requester active
var active = server.authorization.build({
error: Boom.forbidden('Account Not Active'),
type: 'isActive',
server: server,
userId: userId
});
// Check that user isn't banned from this board
var notBannedFromBoard = server.authorization.common.isNotBannedFromBoard(Boom.forbidden('You are banned from this board'), server, userId, { threadId: threadId });
// can create poll / ownership
var ownerCond = [
{
// Permission based override
error: Boom.badRequest('not admin'),
type: 'hasPermission',
server: server,
auth: auth,
permission: 'threads.createPoll.bypass.owner.admin'
},
{
// is board moderator
error: Boom.badRequest('not mod'),
type: 'isMod',
method: server.db.moderators.isModeratorWithThreadId,type: 'dbValue',
method: server.db.posts.getPostsBoardInBoardMapping,
args: [postId, server.plugins.acls.getUserPriority(auth)]
});
// write board
var write = server.authorization.build({
error: Boom.forbidden('No Write Access'),
type: 'dbValue',
method: server.db.posts.getBoardWriteAccess,
args: [postId, server.plugins.acls.getUserPriority(auth)]
});
// -- is User Account Active
var active = server.authorization.build({
error: Boom.forbidden('Account Not Active'),
type: 'isActive',
server: server,
userId: userId
});
// final promise
return Promise.all([allowed, owner, deleted, read, write, tLocked, pLocked, active]);
};promise = Promise.join(refPriority, authedPriority, samePriority, lowerPriority, function(referenced, current, same, lower) {
var result = Boom.forbidden('You don\'t have permission to remove the roles from ' + refUsername);
// lower and same are both false, forbidden
if (!same && !lower) { return result; }
// current has same or higher priority than referenced
else if (same && current <= referenced) { result = true; }
// current has higher priority than referenced
else if (lower && current < referenced) { result = true; }
return result;
});
}server.plugins.security.getUser(request).then(function (user) {
// todo: server.log not work here ,why?
server.log(["warn", "onPreHandler事件: user.index"], user);
if(user.index != '*' && index_name != user.index) {
// server.log(["warn", "onPreHandler事件"], "==============索引不匹配==========");
return reply(Boom.forbidden("无权访问"));
}else{
return reply.continue();
}
}, _.flow(wrapError, reply));private async ensureAuthorizedGlobally(action: string, method: string, forbiddenMessage: string) {
const checkPrivileges = this.authorization!.checkPrivilegesWithRequest(this.request);
const { username, hasAllRequested } = await checkPrivileges.globally(action);
if (hasAllRequested) {
this.auditLogger.spacesAuthorizationSuccess(username, method);
return;
} else {
this.auditLogger.spacesAuthorizationFailure(username, method);
throw Boom.forbidden(forbiddenMessage);
}
}return user.getPermissions(pipeline.scmUri).then((permissions) => {
if (!permissions.admin) {
throw boom.forbidden(`User ${username} `
+ 'is not an admin of this repo');
}
if (token.pipelineId !== pipeline.id) {
throw boom.forbidden('Pipeline does not own token');
}
return token.refresh()
.then((refreshed) => {
reply(refreshed.toJson()).code(200);
});
});
})function isAllowed(server, auth) {
return server.authorization.build({
error: Boom.forbidden(),
type: 'hasPermission',
server: server,
auth: auth,
permission: 'users.update.allow'
});
}const onInvalidAccessToken = (request, reply) => {
const clientId = get(request, 'query.client_id') || get(request, 'payload.client_id');
const redirectUri = get(request, 'query.redirect_uri') || get(request, 'payload.redirect_uri');
if (clientId && redirectUri) {
provider.Client.find(clientId).then(client => {
if (!client) {
return reply(Boom.notFound('Client not found'));
}
if (client.redirectUris.indexOf(request.query.redirect_uri) < 0) {
return reply(Boom.forbidden('redirect_uri not in whitelist'));
} else {
return reply.redirect(`${redirectUri}?error=unauthorized&error_description=invalid access token`);
}
});
} else {
return reply(Boom.forbidden('invalid access token'));
}
};
Popular boom functions
- boom.badData
- boom.badGateway
- boom.badImplementation
- boom.badRequest
- boom.boomify
- boom.conflict
- boom.create
- boom.forbidden
- boom.gatewayTimeout
- boom.internal
- boom.isBoom
- boom.methodNotAllowed
- boom.notAcceptable
- boom.notFound
- boom.notImplemented
- boom.preconditionFailed
- boom.serverUnavailable
- boom.unauthorized
- boom.wrap
- boom