(request: Request, name: string)
| 41 | } |
| 42 | |
| 43 | export async function requireUserWithRole(request: Request, name: string) { |
| 44 | const userId = await requireUserId(request) |
| 45 | const user = await prisma.user.findFirst({ |
| 46 | select: { id: true }, |
| 47 | where: { id: userId, roles: { some: { name } } }, |
| 48 | }) |
| 49 | if (!user) { |
| 50 | throw json( |
| 51 | { |
| 52 | error: 'Unauthorized', |
| 53 | requiredRole: name, |
| 54 | message: `Unauthorized: required role: ${name}`, |
| 55 | }, |
| 56 | { status: 403 }, |
| 57 | ) |
| 58 | } |
| 59 | return user.id |
| 60 | } |
no test coverage detected