Check user provider type in authorization expression

In the authorization expression of some function, I’d like to check that the user provider type is not anonymous. In plain javascript, that would be:

context.user.identities[0].provider_type != "anon-user"

How can I achieve the same thing in authorization expression? I don’t know how to access the first element of the array. I tried "%%user.identities.first.providerType"and "%%user.identities[0].providerType" but none of these works.

MongoDB team, any idea? Is that possible or not?

Hi Jean-Baptiste,

Please try using %%user.identities[0].provider_type

You could also make the expression call a function and within the function use context.user.identities[0].provider_type to return the value.

Regards
Manny

I couldn’t get either of these suggestions to work. Both returned "rule not matched for function \"myFunction\"".

In the end I had to add a check in the function body, which is a shame because it results in a 200 response. Works though.

// Check that this is a logged in user (not anon)
function isLocalUser() {
  if (!context.user) return false

  const identities = context.user.identities || []

  const localUserIdentities = identities.filter(
    (i) => i["provider_type"] === "local-userpass"
  )

  const isLocalUser = localUserIdentities.length === 1
  return isLocalUser
}

function myFunction() {
  if (context.functions.execute("isLocalUser") !== true) {
    return { error: "Not authorized" }
  }
  
  return { "foo": "bar }
}