MCPcopy
hub / github.com/OpenPipe/OpenPipe / requireCanViewProject

Function requireCanViewProject

app/src/utils/accessControl.ts:29–69  ·  view source on GitHub ↗
(projectId: string, ctx: TRPCContext)

Source from the content-addressed store, hash-verified

27};
28
29export const requireCanViewProject = async (projectId: string, ctx: TRPCContext) => {
30 ctx.markAccessControlRun();
31
32 const userId = requireUserId(ctx);
33
34 const user = await prisma.user.findFirst({
35 where: {
36 id: userId,
37 },
38 });
39
40 const canView = await prisma.projectUser.findFirst({
41 where: {
42 userId,
43 projectId,
44 },
45 });
46
47 if (user?.role !== "ADMIN" && !canView) {
48 const project = await prisma.project.findFirst({
49 where: {
50 id: projectId,
51 },
52 });
53 // Automatically add the user to the project if it's public
54 if (project?.isPublic) {
55 await prisma.projectUser.create({
56 data: {
57 userId,
58 projectId,
59 role: "VIEWER",
60 },
61 });
62 } else {
63 throw new TRPCError({
64 code: "UNAUTHORIZED",
65 message: "You don't have access to view this project.",
66 });
67 }
68 }
69};
70
71export const requireCanModifyProject = async (projectId: string, ctx: TRPCContext) => {
72 ctx.markAccessControlRun();

Callers 12

monitors.router.tsFile · 0.90
projects.router.tsFile · 0.90
archives.router.tsFile · 0.90
datasets.router.tsFile · 0.90
usage.router.tsFile · 0.90
invoices.router.tsFile · 0.90
nodes.router.tsFile · 0.90

Calls 2

requireUserIdFunction · 0.85
createMethod · 0.45

Tested by

no test coverage detected