Merge branch 'dev-auth0' into dev

Author: mtwomey

src/middlewares/checkRole.js

@@ -12,8 +12,9 @@ const util = require('tc-core-library-js').util(config);
 
 module.exports = function defineCheckRole(roleName) {
   return function checkRoleMiddleware(req, res, next) {
-    if (!req.authUser || !Array.isArray(req.authUser.roles) ||
-      req.authUser.roles.indexOf(roleName) === -1) {
+    const roles = req.authUser ? util.getRoles(req.authUser) : null;
+    if (!Array.isArray(roles) ||
+      roles.indexOf(roleName) === -1) {
       return res.status(403)
         .json(util.wrapErrorResponse(req.id, 403, 'You are not allowed to perform this action.'));
     }

src/routes/projects/update.js

@@ -99,7 +99,7 @@ const validateUpdates = (existingProject, updatedProps, authUser) => {
       //   }
   }
   if (_.has(updatedProps, 'directProjectId') &&
-  _.intersection(authUser.roles, [USER_ROLE.MANAGER, USER_ROLE.TOPCODER_ADMIN]).length === 0) {
+  _.intersection(util.getRoles(authUser), [USER_ROLE.MANAGER, USER_ROLE.TOPCODER_ADMIN]).length === 0) {
     errors.push('Don\'t have permission to update \'directProjectId\' property');
   }
 

src/util.js

@@ -69,7 +69,7 @@ _.assignIn(util, {
    * @return {boolean}      true/false
    */
   hasRole: (req, role) => {
-    let roles = _.get(req, 'authUser.roles', []);
+    let roles = req.authUser ? util.getRoles(req.authUser) : [];
     roles = roles.map(s => s.toLowerCase());
     return _.indexOf(roles, role.toLowerCase()) >= 0;
   },