clean up country restrictions to read from jwt

ThomasKranitsas · ThomasKranitsas · commit 9b627eab89d8 · 2022-04-12T12:15:21.000+03:00
diff --git a/app-routes.js b/app-routes.js
@@ -45,20 +45,15 @@ module.exports = (app) => {
           }
         })
 
-        if (def.forbiddenCountries) {
-          actions.push(async (req, res, next) => {
-            if (req.authUser.isMachine) {
-              next()
+        if (def.blockByIp) {
+          actions.push((req, res, next) => {
+            req.authUser.blockIP = _.find(req.authUser, (value, key) => {
+              return (key.indexOf('blockIP') !== -1)
+            })
+            if (req.authUser.blockIP) {
+              throw new errors.ForbiddenError('Access denied')
             } else {
-              try {
-                const user = await helper.getMemberById(_.toInteger(req.authUser.userId))
-                if (!user || _.intersection([user.homeCountryCode, user.competitionCountryCode], def.forbiddenCountries).length > 0) {
-                  throw new errors.ForbiddenError('Access denied')
-                }
-                next()
-              } catch (e) {
-                next()
-              }
+              next()
             }
           })
         }
diff --git a/config/default.js b/config/default.js
@@ -68,25 +68,5 @@ module.exports = {
   RESOURCE_ROLE_CREATE_TOPIC: process.env.RESOURCE_ROLE_CREATE_TOPIC || 'challenge.action.resource.role.create',
   RESOURCE_ROLE_UPDATE_TOPIC: process.env.RESOURCE_ROLE_UPDATE_TOPIC || 'challenge.action.resource.role.update',
 
-  AUTOMATED_TESTING_NAME_PREFIX: process.env.AUTOMATED_TESTING_NAME_PREFIX || 'POSTMANE2E-',
-
-  FORBIDDEN_COUNTRIES: [
-    'Iran',
-    'North Korea',
-    'Cuba',
-    'Sudan',
-    'Syria',
-    'Belarus',
-    'Russia',
-    'Russian Federation'
-  ],
-  FORBIDDEN_COUNTRIES_ALPHA_3: [
-    'IRN',
-    'PRK',
-    'CUB',
-    'SDN', 'SSD', // (south sudan)
-    'SYR',
-    'BLR',
-    'RUS'
-  ]
+  AUTOMATED_TESTING_NAME_PREFIX: process.env.AUTOMATED_TESTING_NAME_PREFIX || 'POSTMANE2E-'
 }
diff --git a/src/routes.js b/src/routes.js
@@ -4,9 +4,7 @@
 
 const constants = require('../app-constants')
 const {
-  SCOPES: { READ, CREATE, DELETE, UPDATE, ALL },
-  FORBIDDEN_COUNTRIES,
-  FORBIDDEN_COUNTRIES_ALPHA_3
+  SCOPES: { READ, CREATE, DELETE, UPDATE, ALL }
 } = require('config')
 
 module.exports = {
@@ -25,7 +23,7 @@ module.exports = {
       auth: 'jwt',
       access: [constants.UserRoles.Admin, constants.UserRoles.Copilot, constants.UserRoles.Manager, constants.UserRoles.User],
       scopes: [CREATE, ALL],
-      forbiddenCountries: [...FORBIDDEN_COUNTRIES, ...FORBIDDEN_COUNTRIES_ALPHA_3]
+      blockByIp: true
     },
     delete: {
       controller: 'ResourceController',
