(project, user)
| 72 | }; |
| 73 | |
/**
 * Decides whether `user` may read `project`, based on the user's role in the
 * team that owns the project.
 *
 * The check is fail-closed: every path that does not explicitly grant access
 * returns `false`.
 *
 * Side effects on `user` (callers may rely on these):
 *  - `user.teamRole` is set as soon as the role passes the "chart" read
 *    permission check, even when the function later returns `false`.
 *  - `user.projects` is set only when access is granted through the role's
 *    project list.
 *
 * @param {object} project - Project record; `team_id`, `id` and `ghost` are read.
 * @param {object} user - Authenticated user; `id` is read.
 * @returns {Promise<boolean>} `true` when read access is granted.
 */
const hasProjectReadAccess = async (project, user) => {
  // No project or no identified user means there is nothing to authorise.
  if (!project || !user?.id) {
    return false;
  }

  // The role is looked up against the project's own team, not one supplied by the caller.
  const membership = await teamController.getTeamRole(project.team_id, user.id);
  const roleName = membership?.role;
  if (!roleName) {
    return false;
  }

  const { granted } = accessControl.can(roleName).readOwn("chart");
  if (!granted) {
    return false;
  }

  user.teamRole = membership;

  // Owners and admins can read every project in the team.
  const isTeamWideRole = roleName === "teamOwner" || roleName === "teamAdmin";
  if (isTeamWideRole) {
    return true;
  }

  // Any other role needs a non-empty project assignment list.
  const assignedProjects = membership.projects;
  if (!(assignedProjects?.length > 0)) {
    return false;
  }

  // IDs are compared as strings so numeric and string forms of the same id match.
  const targetId = `${project.id}`;
  const isAssigned = assignedProjects.some((assignedId) => `${assignedId}` === targetId);

  // NOTE(review): a ghost project is readable by any member who has at least one
  // project assignment, even if this project is not in their list. Confirm this is intended.
  if (!isAssigned && !project.ghost) {
    return false;
  }

  user.projects = assignedProjects;
  return true;
};
| 105 | |
| 106 | const checkPublicAccess = async (req, requiredAccess) => { |
| 107 | const chart = await chartController.findById(req.params.chart_id); |