MCPcopy Index your code
hub / github.com/chartbrew/chartbrew / checkPermissions

Function checkPermissions

server/api/SavedQueryRoute.js:10–35  ·  view source on GitHub ↗
(actionType = "readAny")

Source from the content-addressed store, hash-verified

8 const teamController = new TeamController();
9
10 const checkPermissions = (actionType = "readAny") => {
11 return async (req, res, next) => {
12 const { team_id } = req.params;
13
14 // Fetch the TeamRole for the user
15 const teamRole = await teamController.getTeamRole(team_id, req.user.id);
16
17 if (!teamRole) {
18 return res.status(403).json({ message: "Access denied" });
19 }
20
21 const permission = accessControl.can(teamRole.role)[actionType]("savedQuery");
22 if (!permission.granted) {
23 return res.status(403).json({ message: "Access denied" });
24 }
25
26 const { role } = teamRole;
27
28 // Handle permissions for teamOwner and teamAdmin
29 if (["teamOwner", "teamAdmin"].includes(role)) {
30 req.user.isEditor = true;
31 }
32
33 return next();
34 };
35 };
36
37 /**
38 * [MASTER] Route to get all saved queries

Callers 1

SavedQueryRoute.jsFile · 0.70

Calls 1

getTeamRoleMethod · 0.80

Tested by

no test coverage detected