MCPcopy Index your code
hub / github.com/chartbrew/chartbrew / checkPermissions

Function checkPermissions

server/api/UpdateRunRoute.js:11–26  ·  view source on GitHub ↗
()

Source from the content-addressed store, hash-verified

9 const teamController = new TeamController();
10
11 const checkPermissions = () => {
12 return async (req, res, next) => {
13 const { team_id } = req.params;
14 const teamRole = await teamController.getTeamRole(team_id, req.user.id);
15
16 if (!teamRole) {
17 return res.status(403).json({ message: "Access denied" });
18 }
19
20 if (!ALLOWED_AUDIT_ROLES.includes(teamRole.role)) {
21 return res.status(403).json({ message: "Access denied" });
22 }
23
24 return next();
25 };
26 };
27
28 app.get("/team/:team_id/update-runs", verifyToken, checkPermissions(), (req, res) => {
29 return updateRunController.findByTeam(req.params.team_id, req.query)

Callers 1

UpdateRunRoute.jsFile · 0.70

Calls 1

getTeamRoleMethod · 0.80

Tested by

no test coverage detected