MCPcopy Index your code
hub / github.com/chartbrew/chartbrew / checkPermissions

Function checkPermissions

server/api/TeamRoute.js:25–60  ·  view source on GitHub ↗
(actionType = "readOwn", entity = "team")

Source from the content-addressed store, hash-verified

23 const userController = new UserController();
24
25 const checkPermissions = (actionType = "readOwn", entity = "team") => {
26 return async (req, res, next) => {
27 const { id } = req.params;
28
29 // Fetch the TeamRole for the user
30 const teamRole = await teamController.getTeamRole(id, req.user.id);
31
32 if (!teamRole) {
33 return res.status(403).json({ message: "Access denied" });
34 }
35
36 const permission = accessControl.can(teamRole.role)[actionType](entity);
37 if (!permission.granted) {
38 return res.status(403).json({ message: "Access denied" });
39 }
40
41 const { role } = teamRole;
42
43 // Handle permissions for teamOwner and teamAdmin
44 if (["teamOwner", "teamAdmin"].includes(role)) {
45 req.user.isEditor = true;
46 return next();
47 }
48
49 if (role === "projectAdmin" || role === "projectViewer" || role === "projectEditor") {
50 // const connections = await connectionController.findByProjects(projects);
51 // if (!connections || connections.length === 0) {
52 // return res.status(404).json({ message: "No connections found" });
53 // }
54
55 return next();
56 }
57
58 return res.status(403).json({ message: "Access denied" });
59 };
60 };
61
62 /**
63 * Get all teams based on the authentication token

Callers 1

TeamRoute.jsFile · 0.70

Calls 1

getTeamRoleMethod · 0.80

Tested by

no test coverage detected