Node.js NodeJS+；使用自定义ACL路由

我是nodeJS的新手。我对路线有意见

SiteRoutes.js

module.exports = (app, express) => {
    const router = express.Router();
    const Globals = require("../../configs/Globals");
    const SiteController = require("../controllers/SiteController") ;
    router.post('/changeStateSite', Globals.isAdminAuthorised, (req, res, next) => {
        const siteObj = new SiteController().boot(req, res);
        return siteObj.statusSite();
    });
    app.use(config.baseApiUrl, router);
}

static async isAdminAuthorised(req, res, next) {
  // checking the role. currently only admin  role consider so we have set a static role as a admin.
}

Globle.js

module.exports = (app, express) => {
    const router = express.Router();
    const Globals = require("../../configs/Globals");
    const SiteController = require("../controllers/SiteController") ;
    router.post('/changeStateSite', Globals.isAdminAuthorised, (req, res, next) => {
        const siteObj = new SiteController().boot(req, res);
        return siteObj.statusSite();
    });
    app.use(config.baseApiUrl, router);
}

static async isAdminAuthorised(req, res, next) {
  // checking the role. currently only admin  role consider so we have set a static role as a admin.
}

现在，

Globals.isAdminauthorized

用于ACL，但我需要在该函数中传递自定义用户角色，如

Globals.isAdminauthorized（['admin'，'customer']）

，那么我该怎么做呢

当我传递相同的消息时，抛出如下错误：

---

请帮我一个忙。

您可以使该中间件成为一个函数，返回带有

（req，res，next）

签名的处理函数，因此基本上它将该数组作为一个参数

// e.g roles is that array that you can pass to do authorization logic based on that
static async isAdminAuthorised(roles) {
   return function (req, res, next) {
    // check if the roles are included in that array for example or whatever...
  }
}

然后你可以在你的路由器里执行这个功能，就像你在上面写的那样

router.post('/changeStateSite', Globals.isAdminAuthorised(['admin', 'customer']), (req, res, next) => {...}

选中此项：