'use strict';
const _ = require('lodash');
const { BusinessError, ErrorCode } = require('naf-core').Error;
module.exports = options => {
  return async function tenantCheck(ctx, next) {
    const request = ctx.request;
    if (request.method !== 'GET') {
      const tenant = _.get(request, 'header.x-tenant');
      // 该中间只能通过master的权限进行增删改
      if (tenant !== 'master') throw new BusinessError(ErrorCode.ACCESS_DENIED, '您没有访问的权限!');
    }
    await next();
  };
};