Express.js/Mongoose user roles and permissions

Question

I am creating a fairly simple site with Node, Express and Mongoose. The site needs to have have user roles and permissions. My thoughts are that i\'ll validate permissions based

Answer 1

Yes, you can access that through the request argument.

app.use(function(req,res,next){
     console.log(req.method);
});

http://nodejs.org/api/http.html#http_message_method

Edit:

Misread your question. It would probably just be better to assign user permissions and allow access to the database based upon the permissions. I don't understand what you mean by validate by means of interaction with the database. If you are already allowing them to interact with the database and they don't have the proper permissions to do so, isn't that a security issue?