1
00:00:00,210 --> 00:00:00,630
Beautiful.

2
00:00:00,840 --> 00:00:04,050
So how do we set up check permissions functionality?

3
00:00:04,420 --> 00:00:11,250
Well, like I mentioned in the previous video, we'll check for the user I.D. that is available on req.

4
00:00:11,250 --> 00:00:15,750
user, that is coming with our authentication middleware.

5
00:00:16,610 --> 00:00:22,430
And then we'll compare it to the instance, in our case job.createdBy.

6
00:00:23,000 --> 00:00:26,570
But before we start typing away, let me mention two things.

7
00:00:26,660 --> 00:00:31,640
First of all, yes, we can check it right here in the video.

8
00:00:32,119 --> 00:00:35,990
And essentially, if they don't match, we go with unauthorized error.

9
00:00:36,320 --> 00:00:42,470
And then what we need to keep in mind is that we won't essentially trigger this functionality.

10
00:00:42,920 --> 00:00:46,610
So if we check for permissions, and by the way, I need to move this up.

11
00:00:46,880 --> 00:00:50,870
And if we trigger the error, then reverse moron.

12
00:00:51,410 --> 00:00:52,820
That's the entire point.

13
00:00:53,300 --> 00:00:57,920
Now, even though we can do it directly in the update job.

14
00:00:58,430 --> 00:01:02,480
Well, we also might want to use it in different controllers, correct?

15
00:01:02,660 --> 00:01:05,269
Now, because that is going to be the delete job controller.

16
00:01:06,150 --> 00:01:12,390
And since that's the case, we might as well set up a separate function. Now, the second thing we need

17
00:01:12,390 --> 00:01:20,310
to be aware of is the fact that user I.D. will be a string and job createdBy will be an object.

18
00:01:20,940 --> 00:01:27,270
So if you just compare them like so, then it's not going to make any sense.

19
00:01:27,840 --> 00:01:29,460
Essentially, the functionality won't work.

20
00:01:29,850 --> 00:01:31,590
And just to quickly showcase that.

21
00:01:32,550 --> 00:01:39,360
I'll grab both of these ones, and I'll set it up in jobs controller just so I can see that I'm not

22
00:01:39,360 --> 00:01:40,320
making this up. Again,

23
00:01:40,650 --> 00:01:47,670
make sure that you move the check permissions up because we want to do that before we actually update

24
00:01:47,670 --> 00:01:48,150
the job.

25
00:01:48,540 --> 00:01:51,930
So let's go back to the postman and let's send it.

26
00:01:52,290 --> 00:01:59,010
And now I'm not really bothered about the response; what I want to see here is the console. And notice,

27
00:01:59,010 --> 00:02:06,390
like I said, first one will be a string and the second one will be an object, and therefore we cannot compare

28
00:02:06,390 --> 00:02:09,880
them flat out like I showcased in the README.

29
00:02:10,259 --> 00:02:14,970
What we want to do is turn the createdBy into a string.

30
00:02:15,300 --> 00:02:19,230
But before we go any further, let's also set up our function.

31
00:02:19,350 --> 00:02:25,260
So I already know that the name will be checkPermissions if we take a look at the README.

32
00:02:25,740 --> 00:02:29,310
And essentially, we want to go with the utils folder.

33
00:02:29,490 --> 00:02:35,220
We want to create check permissions that we want to import in the jobs controller.

34
00:02:35,580 --> 00:02:41,130
And the functionality is going to look something like this where we want to grab this unauthorized error

35
00:02:41,730 --> 00:02:42,780
from the errors.

36
00:02:43,300 --> 00:02:48,090
And this function is going to be looking for two things: for the entire user object.

37
00:02:48,540 --> 00:02:50,700
And I'll talk about it in a second.

38
00:02:51,000 --> 00:02:55,500
And also the resource, meaning in our case job, user ID.

39
00:02:56,640 --> 00:03:00,840
And then why we're looking for the entire object, because again, you might have a situation where

40
00:03:00,840 --> 00:03:07,860
you have the admin, if you are comparing there is not going to make much sense since the admin did

41
00:03:07,860 --> 00:03:14,160
not create the resource, but admin should be able to update or delete the resource and therefore it

42
00:03:14,160 --> 00:03:17,120
will check for the entire user object and in there.

43
00:03:17,130 --> 00:03:23,040
If the role is admin, then we simply return, which means that we proceed with the functionality.

44
00:03:23,460 --> 00:03:32,520
And if the I.D. does not match to whatever we have in a resource turned into a string, then we throw

45
00:03:32,520 --> 00:03:33,030
the error.

46
00:03:33,360 --> 00:03:36,540
Hopefully this functionality is again, we don't have the admin.

47
00:03:36,810 --> 00:03:44,000
This is just a showcase why we're grabbing the entire user object instead of just the user I.D.

48
00:03:44,490 --> 00:03:48,660
So if they match, we return from the function and we proceed.

49
00:03:49,170 --> 00:03:53,070
We proceed with our functionality, which is updating the job. Or,

50
00:03:53,460 --> 00:03:58,170
if they don't match, then we throw the error.

51
00:03:59,010 --> 00:04:02,880
So let's start working on that and I'm going to go with your folder.

52
00:04:03,450 --> 00:04:06,880
I'm looking for utils in this case, utils.

53
00:04:07,360 --> 00:04:08,880
And let's go here.

54
00:04:09,390 --> 00:04:10,830
Let's say check.

55
00:04:11,910 --> 00:04:13,050
Permissions.

56
00:04:14,150 --> 00:04:18,529
JS. Let's start by just setting up the functionality.

57
00:04:18,920 --> 00:04:26,840
I guess I'm going to go with my error first, so that is equal to from online and we want to go one

58
00:04:26,840 --> 00:04:27,350
level up.

59
00:04:27,890 --> 00:04:33,490
I want to go to errors, and remember we need to go with index.js. Then as far as the function setup,

60
00:04:33,500 --> 00:04:34,270
const and

61
00:04:34,760 --> 00:04:35,240
Check.

62
00:04:36,050 --> 00:04:36,760
Permissions.

63
00:04:37,850 --> 00:04:40,040
Like I said, I'm going to look for a request.

64
00:04:40,850 --> 00:04:42,050
Request user.

65
00:04:42,500 --> 00:04:45,290
So I want to get the entire thing, request user.

66
00:04:45,530 --> 00:04:52,580
Comma, resource user I.D., that's going to be the name of my parameter.

67
00:04:52,970 --> 00:04:57,830
And for the time being, I'm just going to return since I first want to pass them in just so I can see

68
00:04:58,040 --> 00:04:58,730
what is happening.

69
00:04:59,150 --> 00:05:07,600
Now I have an issue here with the syntax, so I've missed it, and now let's export that, and export default.

70
00:05:08,120 --> 00:05:12,310
And we're looking for check permissions, not serve it.

71
00:05:12,320 --> 00:05:14,840
And now we want to go back to the jobs controller.

72
00:05:15,390 --> 00:05:19,160
And I think I'll try to do that with auto import where?

73
00:05:20,110 --> 00:05:25,960
I'm going to leave the console just for a second, just so I can grab both of these properties here,

74
00:05:26,260 --> 00:05:30,820
and then let's go check permissions and let's see whether we have just one.

75
00:05:30,830 --> 00:05:35,320
It looks like everything worked and now we want to pass in those two things.

76
00:05:35,320 --> 00:05:40,160
Like I said, we want to pass in the entire user object, right?

77
00:05:40,180 --> 00:05:44,620
req.user, and yes, technically in our case, we could pass the I.D., but I already covered

78
00:05:44,800 --> 00:05:47,350
why would you want to pass in the entire user object.

79
00:05:47,350 --> 00:05:54,280
Because then, of course, you can check for the roles as well, and then we will go with job.

80
00:05:54,580 --> 00:05:55,210
createdBy.

81
00:05:55,510 --> 00:05:59,590
So that is that resource user ID.

82
00:06:00,690 --> 00:06:07,230
When we invoke it, and if everything is correct, we shouldn't get any errors, but in this case, I do

83
00:06:07,230 --> 00:06:11,900
have: unauthorized error is not coming from errors index.

84
00:06:12,990 --> 00:06:16,230
So it does not provide an export named unauthorized error.

85
00:06:16,500 --> 00:06:18,000
So let me double check my errors.

86
00:06:18,900 --> 00:06:20,310
Let's see where I went wrong.

87
00:06:20,310 --> 00:06:22,470
So I'm going to go over here.

88
00:06:22,470 --> 00:06:24,000
To errors index.

89
00:06:24,810 --> 00:06:27,740
And yep, it is unauthenticated error.

90
00:06:27,750 --> 00:06:28,530
My apologies.

91
00:06:29,130 --> 00:06:30,630
I'm going to go back over here.

92
00:06:31,630 --> 00:06:35,110
And let's copy and paste and now everything should work.

93
00:06:35,290 --> 00:06:36,790
So let's go back to the postman.

94
00:06:37,030 --> 00:06:43,360
And if everything is correct and if I have the exclamation point, then we still have the functionality

95
00:06:43,360 --> 00:06:43,840
in place.

96
00:06:44,380 --> 00:06:49,510
So at the moment, what we're simply doing, we're just invoking check permissions.

97
00:06:49,780 --> 00:06:51,760
And if we return from this function?

98
00:06:52,000 --> 00:06:52,480
Awesome.

99
00:06:53,150 --> 00:06:59,740
Now, if there's going to be our will for all year, so we'll never get to this update job one.

100
00:07:00,250 --> 00:07:08,170
And as far as the functionality, well, here I'll just start by checking whether the user ID is equal

101
00:07:08,170 --> 00:07:14,020
to a resource user ID, turned into a string, and then let's throw the error. Again,

102
00:07:14,020 --> 00:07:15,400
I'm not going to add the admin.

103
00:07:15,580 --> 00:07:18,370
The admin functionality is already in the README.

104
00:07:18,670 --> 00:07:20,870
So let's set up our condition where I'm going to go.

105
00:07:21,070 --> 00:07:22,120
Request the user.

106
00:07:22,240 --> 00:07:31,720
Remember, that is req.user, and I'm looking for user ID and I'm checking if it matches the resource user

107
00:07:31,720 --> 00:07:34,150
I.D. But we need to turn this into a string.

108
00:07:34,630 --> 00:07:35,950
Otherwise, they'll never match.

109
00:07:36,100 --> 00:07:39,910
And then you'll all the time have the unauthorized error.

110
00:07:40,240 --> 00:07:44,560
So if they match, we return, so we proceed updating the resource.

111
00:07:45,760 --> 00:07:50,920
Now I can remove the third one from here, and then let's just say throw new.

112
00:07:51,460 --> 00:07:58,630
And we're looking for unauthorized error, or my apologies, unauthenticated, and that will say: Not

113
00:08:00,030 --> 00:08:06,030
authorized to access this route. And once we have this functionality in place, if everything is correct,

114
00:08:06,600 --> 00:08:10,530
back in our Postman, we should get back the 401.

115
00:08:10,890 --> 00:08:11,790
So it's solid.

116
00:08:12,310 --> 00:08:17,760
And what do you know, now I have 401 and not authorized to access this route.

117
00:08:18,180 --> 00:08:24,180
So in this way, we can set up the permissions where we check the user I.D. on req.user, which is

118
00:08:24,180 --> 00:08:32,309
again coming from our middleware, and see whether it matches the resource user I.D. turned into the

119
00:08:32,309 --> 00:08:32,700
string.

120
00:08:33,150 --> 00:08:35,730
If it does, then everything is great.

121
00:08:36,120 --> 00:08:40,440
We update the job, and in the next example, delete the job.

122
00:08:40,860 --> 00:08:45,720
If not, then we throw the error and the response is 401.

