userInRoles method
Implementation
Future<Response?> userInRoles(Request req, user, List<String> roles) async {
if (user == null) {
return await HttpResponseSender.sendError(
req,
UnauthorizedException(null, 'NOT_SIGNED',
'User must be signed in to perform this operation')
.withStatus(401));
} else {
var authorized = false;
for (var role in roles) {
authorized = authorized || user.roles[role] != null;
}
if (!authorized) {
return await HttpResponseSender.sendError(
req,
UnauthorizedException(
null,
'NOT_IN_ROLE',
'User must be ' +
roles.join(' or ') +
' to perform this operation')
.withDetails('roles', roles)
.withStatus(403));
}
}
}