Skip to content

Commit

Permalink
added ForbidSelfHarm role
Browse files Browse the repository at this point in the history
  • Loading branch information
@Andcool-Systems
Andcool-Systems committed Oct 3, 2024
1 parent e7c4699 commit 3242fe4
Show file tree
Hide file tree
Showing 3 changed files with 19 additions and 2 deletions.
4 changes: 2 additions & 2 deletions src/auth/auth.service.ts
View file
Original file line number Diff line number Diff line change
Expand Up @@ -74,10 +74,10 @@ const generateCookie = (session: string, exp: number): string => {
return `sessionId=${session}; Path=/; Expires=${date.toUTCString()}; SameSite=Strict`;
}

export const hasAccess = (user: UserFull | undefined, level: number) => {
export const hasAccess = (user: UserFull | undefined, level: number, skipSuperAdmin?: boolean) => {
if (!user) return false;
const user_roles = user.AccessRoles.map(role => role.level);
return user_roles.includes(level) || user_roles.includes(RolesEnum.SuperAdmin);
return user_roles.includes(level) || (!skipSuperAdmin ? user_roles.includes(RolesEnum.SuperAdmin) : false);
}

const generateSnowflake = (increment: bigint): string => {
Expand Down
1 change: 1 addition & 0 deletions src/interfaces/types.ts
View file
Original file line number Diff line number Diff line change
Expand Up @@ -2,6 +2,7 @@ type ValueOf<T> = T[keyof T];

export const RolesEnum = {
SuperAdmin: 99,
ForbidSelfHarm: 4, // 😁
UpdateUsers: 3,
ManageBandages: 1,
Default: 0
Expand Down
16 changes: 16 additions & 0 deletions src/workshop/bandage.service.ts
View file
Original file line number Diff line number Diff line change
Expand Up @@ -300,6 +300,8 @@ export class BandageService {
if (bandage.categories.some(val => val.id === 4)) check = "under review";
if (bandage.categories.some(val => val.id === 13)) check = "denied";

if (hasAccess(session.user, RolesEnum.ForbidSelfHarm, true)) permissions_level = 0;

return {
statusCode: 200,
data: {
Expand Down Expand Up @@ -348,6 +350,13 @@ export class BandageService {
}
}

if (hasAccess(session.user, RolesEnum.ForbidSelfHarm, true)) {
return {
statusCode: 403,
message: "Forbidden"
};
}

let title = undefined;
let description = undefined;
let categories = undefined;
Expand Down Expand Up @@ -441,6 +450,13 @@ export class BandageService {
};
}

if (hasAccess(session.user, RolesEnum.ForbidSelfHarm, true)) {
return {
statusCode: 403,
message: "Forbidden"
};
}

await this.prisma.bandage.delete({ where: { id: bandage.id } });
return {
statusCode: 200,
Expand Down

0 comments on commit 3242fe4

Please sign in to comment.