MCPcopy
hub / github.com/Peppermint-Lab/peppermint / hasPermission

Function hasPermission

apps/api/src/lib/roles.ts:23–61  ·  view source on GitHub ↗
(
  user: UserWithRoles,
  requiredPermissions: Permission | Permission[],
  requireAll: boolean = true
)

Source from the content-addressed store, hash-verified

21 * @returns boolean
22 */
23export function hasPermission(
24 user: UserWithRoles,
25 requiredPermissions: Permission | Permission[],
26 requireAll: boolean = true
27): boolean {
28 // Admins have all permissions
29 if (user?.isAdmin) {
30 return true;
31 }
32
33 // Convert single permission to array for consistent handling
34 const permissions = Array.isArray(requiredPermissions)
35 ? requiredPermissions
36 : [requiredPermissions];
37
38 // Combine all permissions from user's roles and default role
39 const userPermissions = new Set<Permission>();
40
41 // Add permissions from default role if it exists
42 const defaultRole = user.roles.find((role) => role.isDefault);
43 if (defaultRole) {
44 defaultRole.permissions.forEach((perm) =>
45 userPermissions.add(perm as Permission)
46 );
47 }
48
49 // Add permissions from additional roles
50 user.roles.forEach((role) => {
51 role.permissions.forEach((perm) => userPermissions.add(perm as Permission));
52 });
53
54 if (requireAll) {
55 // Check if user has ALL required permissions
56 return permissions.every((permission) => userPermissions.has(permission));
57 } else {
58 // Check if user has AT LEAST ONE of the required permissions
59 return permissions.some((permission) => userPermissions.has(permission));
60 }
61}
62
63/**
64 * Authorization middleware that checks for required permissions

Callers 1

requirePermissionFunction · 0.85

Calls

no outgoing calls

Tested by

no test coverage detected