Made multiple role checking

Author: RichardJECooke

complete-application/routes/index.js

@@ -6,11 +6,11 @@ router.get('/', function (req, res, next) {
   res.render('index', { title: 'Express' });
 });
 
-router.post('/panic', hasRole('teller'), function (req, res, next) {
+router.post('/panic', hasRole(['teller']), function (req, res, next) {
   res.send("We've called the police!");
 });
 
-router.get('/make-change', hasRole('customer'), function (req, res, next) {
+router.get('/make-change', hasRole(['customer', 'teller']), function (req, res, next) {
   const amount = req.query.total;
   const result = { total: 0, nickels: 0, pennies: 0};
   result.total = Math.trunc(parseFloat(amount)*100)/100;

complete-application/services/hasRole.js

@@ -1,11 +1,11 @@
 const jose = require('jose');
 
-function hasRole(role) {
+function hasRole(roles) {
   return (req, res, next) => {
     const decodedToken = jose.decodeJwt(req.cookies['app.at']);
-    if (decodedToken.roles.includes(role)) return next();
+    if (roles.some((role) => decodedToken.roles.includes(role))) return next();
     res.status(500);
-    res.send({ error: `You do not have the ${role} role.` });
+    res.send({ error: `You do not have a role with permissions to do this.` });
   }
 }