Restrict access to certain subroutes under main route

Question

Restrict access to certain subroutes under main route

Closed this issue 6 years ago · 4 comments

Assume : Following are the 2 routes in express APP:

GET /user/:user_id
GET /user/:user_id/approve

I want to give access to route no 1 to system admin but route no 2 to super admin only. How can I achieve that with this library?

I have version 1.0.0 installed on my system, I reviewed the code of Module. I think, if I will allow GET USER permission to any user, user will be able to access all child routes under user endpoint.

Answer 1 · 2017-01-13T09:40:06.000Z

@techgyani The functionality you are referring to is not possible at the moment but it is something worth looking into. Do you have any suggestion on how we could go about this?

Answer 2 · 2017-01-13T09:56:38.000Z

I dug deeper in express code and I think this is not possible until you write a route middleware. Value of route path comes in route middleware under req.route.path.

Answer 3 · 2017-01-19T20:09:02.000Z

@bhupendra-mp Do you have any suggestion on a way we can approach this problem? I am looking into it but ideas are welcome.

Answer 4 · 2018-03-27T21:27:31.000Z

@techgyani This functionality has been fulfilled on this PR #91