moving ownerIsHelloRunnable check into new middleware module/file

Author: cflynn07

lib/middlewares/owner-is-hello-runnable.js

@@ -0,0 +1,26 @@
+'use strict';
+
+var Boom = mw.Boom;
+var User = require('models/mongo/user');
+var createMongooseMiddleware = require('middlewares/create-mongoose-middleware');
+var keypather = require('keypather')();
+var mw = require('dat-middleware');
+
+module.exports = createMongooseMiddleware(User, 'sessionUser', {
+  isHelloRunnable: function (modelKey) {
+    return function (req, res, next) {
+      var model = keypather.get(req, modelKey);
+      var modelGithubId = model.owner.github;
+      var userGithubId = req.sessionUser.accounts.github.id;
+      if (modelGithubId === process.env.HELLO_RUNNABLE_GITHUB_ID) {
+        next();
+      }
+      else if (userGithubId === process.env.HELLO_RUNNABLE_GITHUB_ID) {
+        next();
+      }
+      else {
+        next(Boom.forbidden('Access denied (!owner)', { githubId: modelGithubId }));
+      }
+    };
+  }
+}).isHelloRunnable;

lib/routes/instances/index.js

@@ -11,6 +11,7 @@ var flow = require('middleware-flow');
 var mw = require('dat-middleware');
 
 var me = require('middlewares/me');
+var ownerIsHelloRunnable = require('middlewares/owner-is-hello-runnable');
 var mongoMiddlewares = require('middlewares/mongo');
 var instances = mongoMiddlewares.instances;
 //var users = mongoMiddlewares.users;
@@ -263,7 +264,7 @@ app.get('/instances/',
   mw.query('owner.github').mapValues(transformations.toInt).number(),
   flow.or(
     me.isOwnerOf('query'),
-    me.isHelloRunnable('query')
+    ownerIsHelloRunnable('query')
   ),
   instances.find('query'),
   timers.model.startTimer('getGithubUsername'),
@@ -596,7 +597,7 @@ app.post('/instances/:id/actions/copy',
   findInstance,
   flow.or(
     me.isOwnerOf('instance'),
-    me.isHelloRunnable('instance'),
+    ownerIsHelloRunnable('instance'),
     me.isModerator),
   mw.body('owner.github').require().then(
     mw.body('owner.github').number(),