| 37 | } |
| 38 | |
| 39 | async function getAuthorizedAdminUserId() { |
| 40 | const session = await getSession() |
| 41 | if (!session?.user?.id) return null |
| 42 | |
| 43 | const [currentUser] = await db |
| 44 | .select({ |
| 45 | role: user.role, |
| 46 | superUserModeEnabled: settings.superUserModeEnabled, |
| 47 | }) |
| 48 | .from(user) |
| 49 | .leftJoin(settings, eq(settings.userId, user.id)) |
| 50 | .where(eq(user.id, session.user.id)) |
| 51 | .limit(1) |
| 52 | |
| 53 | const authorized = currentUser?.role === 'admin' && (currentUser.superUserModeEnabled ?? false) |
| 54 | return authorized ? session.user.id : null |
| 55 | } |
| 56 | |
| 57 | /** |
| 58 | * Proxy to the mothership admin API. |