streaper2/maaw
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

prettier fixes #16

Browse Source
This commit is contained in:
Michael Dausmann
2023-10-24 21:18:03 +11:00
parent dc9d64ebf5
commit a7f8c37f99
56 changed files with 1706 additions and 935 deletions
Download Patch File Download Diff File Expand all files Collapse all files

119
server/trpc/trpc.ts
View File

@@ -7,7 +7,7 @@
* @see https://trpc.io/docs/v10/router
* @see https://trpc.io/docs/v10/procedures
*/
import { initTRPC, TRPCError } from '@trpc/server'
import { initTRPC, TRPCError } from '@trpc/server';
import { Context } from './context';
import { ACCOUNT_ACCESS } from '~~/prisma/account-access-enum';
import superjson from 'superjson';
@@ -15,7 +15,7 @@ import { AccountLimitError } from '~~/lib/services/errors';
const t = initTRPC.context<Context>().create({
transformer: superjson,
errorFormatter: (opts)=> {
errorFormatter: opts => {
const { shape, error } = opts;
if (!(error.cause instanceof AccountLimitError)) {
return shape;
@@ -26,10 +26,10 @@ const t = initTRPC.context<Context>().create({
...shape.data,
httpStatus: 401,
code: 'UNAUTHORIZED'
},
}
};
}
})
});
/**
* auth middlewares
@@ -40,58 +40,97 @@ const isAuthed = t.middleware(({ next, ctx }) => {
}
return next({
ctx: {
user: ctx.user,
},
user: ctx.user
}
});
});
const isMemberWithAccessesForActiveAccountId = (access: ACCOUNT_ACCESS[]) =>
t.middleware(({ next, ctx }) => {
if (!ctx.dbUser || !ctx.activeAccountId) {
throw new TRPCError({
code: 'UNAUTHORIZED',
message: 'no user or active account information was found'
});
}
const activeMembership = ctx.dbUser.memberships.find(
membership => membership.account_id == ctx.activeAccountId
);
const isMemberWithAccessesForActiveAccountId = (access: ACCOUNT_ACCESS[]) => t.middleware(({ next, ctx }) => {
if (!ctx.dbUser || !ctx.activeAccountId) {
throw new TRPCError({ code: 'UNAUTHORIZED', message: 'no user or active account information was found' });
}
const activeMembership = ctx.dbUser.memberships.find(membership => membership.account_id == ctx.activeAccountId);
console.log(
`isMemberWithAccessesForActiveAccountId(${access}) activeMembership?.access:${activeMembership?.access}`
);
console.log(`isMemberWithAccessesForActiveAccountId(${access}) activeMembership?.access:${activeMembership?.access}`);
if (!activeMembership) {
throw new TRPCError({
code: 'UNAUTHORIZED',
message: `user is not a member of the active account`
});
}
if(!activeMembership) {
throw new TRPCError({ code: 'UNAUTHORIZED', message:`user is not a member of the active account` });
}
if (activeMembership.pending) {
throw new TRPCError({
code: 'UNAUTHORIZED',
message: `membership ${activeMembership?.id} is pending approval`
});
}
if(activeMembership.pending) {
throw new TRPCError({ code: 'UNAUTHORIZED', message:`membership ${activeMembership?.id} is pending approval` });
}
if (access.length > 0 && !access.includes(activeMembership.access)) {
throw new TRPCError({
code: 'UNAUTHORIZED',
message: `activeMembership ${activeMembership?.id} has insufficient access (${activeMembership?.access})`
});
}
if(access.length > 0 && !access.includes(activeMembership.access)) {
throw new TRPCError({ code: 'UNAUTHORIZED', message:`activeMembership ${activeMembership?.id} has insufficient access (${activeMembership?.access})` });
}
return next({ ctx });
});
return next({ ctx });
});
export const isAccountWithFeature = (feature: string) => t.middleware(({ next, ctx }) => {
if (!ctx.dbUser || !ctx.activeAccountId) {
throw new TRPCError({ code: 'UNAUTHORIZED' });
}
const activeMembership = ctx.dbUser.memberships.find(membership => membership.account_id == ctx.activeAccountId);
export const isAccountWithFeature = (feature: string) =>
t.middleware(({ next, ctx }) => {
if (!ctx.dbUser || !ctx.activeAccountId) {
throw new TRPCError({ code: 'UNAUTHORIZED' });
}
const activeMembership = ctx.dbUser.memberships.find(
membership => membership.account_id == ctx.activeAccountId
);
console.log(`isAccountWithFeature(${feature}) activeMembership?.account.features:${activeMembership?.account.features}`);
if(!activeMembership?.account.features.includes(feature)){
throw new TRPCError({ code: 'UNAUTHORIZED', message: `Account does not have the ${feature} feature` });
}
return next({ ctx });
});
console.log(
`isAccountWithFeature(${feature}) activeMembership?.account.features:${activeMembership?.account.features}`
);
if (!activeMembership?.account.features.includes(feature)) {
throw new TRPCError({
code: 'UNAUTHORIZED',
message: `Account does not have the ${feature} feature`
});
}
return next({ ctx });
});
/**
* Procedures
**/
export const publicProcedure = t.procedure;
export const protectedProcedure = t.procedure.use(isAuthed);
export const memberProcedure = protectedProcedure.use(isMemberWithAccessesForActiveAccountId([]));
export const readWriteProcedure = protectedProcedure.use(isMemberWithAccessesForActiveAccountId([ACCOUNT_ACCESS.READ_WRITE, ACCOUNT_ACCESS.ADMIN, ACCOUNT_ACCESS.OWNER]));
export const adminProcedure = protectedProcedure.use(isMemberWithAccessesForActiveAccountId([ACCOUNT_ACCESS.ADMIN, ACCOUNT_ACCESS.OWNER]));
export const ownerProcedure = protectedProcedure.use(isMemberWithAccessesForActiveAccountId([ACCOUNT_ACCESS.OWNER]));
export const memberProcedure = protectedProcedure.use(
isMemberWithAccessesForActiveAccountId([])
);
export const readWriteProcedure = protectedProcedure.use(
isMemberWithAccessesForActiveAccountId([
ACCOUNT_ACCESS.READ_WRITE,
ACCOUNT_ACCESS.ADMIN,
ACCOUNT_ACCESS.OWNER
])
);
export const adminProcedure = protectedProcedure.use(
isMemberWithAccessesForActiveAccountId([
ACCOUNT_ACCESS.ADMIN,
ACCOUNT_ACCESS.OWNER
])
);
export const ownerProcedure = protectedProcedure.use(
isMemberWithAccessesForActiveAccountId([ACCOUNT_ACCESS.OWNER])
);
export const accountHasSpecialFeature = isAccountWithFeature('SPECIAL_FEATURE');
export const router = t.router;