MCPcopy
hub / github.com/epicweb-dev/epic-stack / requireUserWithPermission

Function requireUserWithPermission

app/utils/permissions.server.ts:6–41  ·  view source on GitHub ↗
(
	request: Request,
	permission: PermissionString,
)

Source from the content-addressed store, hash-verified

4import { type PermissionString, parsePermissionString } from './user.ts'
5
6export async function requireUserWithPermission(
7 request: Request,
8 permission: PermissionString,
9) {
10 const userId = await requireUserId(request)
11 const permissionData = parsePermissionString(permission)
12 const user = await prisma.user.findFirst({
13 select: { id: true },
14 where: {
15 id: userId,
16 roles: {
17 some: {
18 permissions: {
19 some: {
20 ...permissionData,
21 access: permissionData.access
22 ? { in: permissionData.access }
23 : undefined,
24 },
25 },
26 },
27 },
28 },
29 })
30 if (!user) {
31 throw json(
32 {
33 error: 'Unauthorized',
34 requiredPermission: permissionData,
35 message: `Unauthorized: required permissions: ${permission}`,
36 },
37 { status: 403 },
38 )
39 }
40 return user.id
41}
42
43export async function requireUserWithRole(request: Request, name: string) {
44 const userId = await requireUserId(request)

Callers 1

actionFunction · 0.90

Calls 2

requireUserIdFunction · 0.90
parsePermissionStringFunction · 0.90

Tested by

no test coverage detected