(projectId: string, ctx: TRPCContext)
| 27 | }; |
| 28 | |
| 29 | export const requireCanViewProject = async (projectId: string, ctx: TRPCContext) => { |
| 30 | ctx.markAccessControlRun(); |
| 31 | |
| 32 | const userId = requireUserId(ctx); |
| 33 | |
| 34 | const user = await prisma.user.findFirst({ |
| 35 | where: { |
| 36 | id: userId, |
| 37 | }, |
| 38 | }); |
| 39 | |
| 40 | const canView = await prisma.projectUser.findFirst({ |
| 41 | where: { |
| 42 | userId, |
| 43 | projectId, |
| 44 | }, |
| 45 | }); |
| 46 | |
| 47 | if (user?.role !== "ADMIN" && !canView) { |
| 48 | const project = await prisma.project.findFirst({ |
| 49 | where: { |
| 50 | id: projectId, |
| 51 | }, |
| 52 | }); |
| 53 | // Automatically add the user to the project if it's public |
| 54 | if (project?.isPublic) { |
| 55 | await prisma.projectUser.create({ |
| 56 | data: { |
| 57 | userId, |
| 58 | projectId, |
| 59 | role: "VIEWER", |
| 60 | }, |
| 61 | }); |
| 62 | } else { |
| 63 | throw new TRPCError({ |
| 64 | code: "UNAUTHORIZED", |
| 65 | message: "You don't have access to view this project.", |
| 66 | }); |
| 67 | } |
| 68 | } |
| 69 | }; |
| 70 | |
| 71 | export const requireCanModifyProject = async (projectId: string, ctx: TRPCContext) => { |
| 72 | ctx.markAccessControlRun(); |
no test coverage detected