MCPcopy Index your code
hub / github.com/chartbrew/chartbrew / checkPermissions

Function checkPermissions

server/api/ProjectRoute.js:28–80  ·  view source on GitHub ↗
(actionType = "readOwn")

Source from the content-addressed store, hash-verified

26 const teamController = new TeamController();
27
28 const checkPermissions = (actionType = "readOwn") => {
29 return async (req, res, next) => {
30 const projectId = req.params.id;
31 const teamId = req.params.team_id || req.body?.team_id;
32
33 let teamRole;
34 let project;
35
36 if (projectId) {
37 project = await projectController.findById(projectId);
38 if (!project) return res.status(404).json({ message: "Project not found" });
39 }
40
41 if (teamId) {
42 teamRole = await teamController.getTeamRole(teamId, req.user.id);
43 } else {
44 teamRole = await teamController.getTeamRole(project.team_id, req.user.id);
45 }
46
47 if (!teamRole?.role) {
48 return res.status(403).json({ message: "Access denied" });
49 }
50
51 if (["teamOwner", "teamAdmin"].includes(teamRole.role)) {
52 const permission = accessControl.can(teamRole.role)[actionType]("project");
53 if (!permission.granted) {
54 return res.status(403).json({ message: "Access denied" });
55 }
56
57 return next();
58 }
59
60 if (teamRole?.projects?.length > 0) {
61 if (projectId) {
62 const filteredProjects = teamRole.projects.filter((o) => `${o}` === `${projectId}`);
63 if (filteredProjects.length === 0) {
64 return res.status(403).json({ message: "Access denied" });
65 }
66 }
67
68 const permission = accessControl.can(teamRole.role)[actionType]("project");
69 if (!permission.granted) {
70 return res.status(403).json({ message: "Access denied" });
71 }
72
73 req.user.projects = teamRole.projects;
74
75 return next();
76 }
77
78 return res.status(403).json({ message: "Access denied" });
79 };
80 };
81
82 /*
83 ** [MASTER] Route to get all the projects

Callers 1

ProjectRoute.jsFile · 0.70

Calls 3

getTeamRoleMethod · 0.80
filterMethod · 0.80
findByIdMethod · 0.45

Tested by

no test coverage detected