* Verify access to chat files * Chat files: chat/filename
( cloudKey: string, userId: string, customConfig?: StorageConfig, requireWrite = false )
| 596 | * Chat files: chat/filename |
| 597 | */ |
| 598 | async function verifyChatFileAccess( |
| 599 | cloudKey: string, |
| 600 | userId: string, |
| 601 | customConfig?: StorageConfig, |
| 602 | requireWrite = false |
| 603 | ): Promise<boolean> { |
| 604 | try { |
| 605 | const config: StorageConfig = customConfig || (await getChatStorageConfig()) |
| 606 | |
| 607 | const metadata = await getFileMetadata(cloudKey, config) |
| 608 | const workspaceId = metadata.workspaceId |
| 609 | |
| 610 | if (!workspaceId) { |
| 611 | logger.warn('Chat file missing workspaceId in metadata', { cloudKey, userId }) |
| 612 | return false |
| 613 | } |
| 614 | |
| 615 | const permission = await getUserEntityPermissions(userId, 'workspace', workspaceId) |
| 616 | if (!workspacePermissionSatisfies(permission, requireWrite)) { |
| 617 | logger.warn('User does not have workspace access for chat file', { |
| 618 | userId, |
| 619 | workspaceId, |
| 620 | cloudKey, |
| 621 | }) |
| 622 | return false |
| 623 | } |
| 624 | |
| 625 | logger.debug('Chat file access granted', { userId, workspaceId, cloudKey }) |
| 626 | return true |
| 627 | } catch (error) { |
| 628 | logger.error('Error verifying chat file access', { cloudKey, userId, error }) |
| 629 | return false |
| 630 | } |
| 631 | } |
| 632 | |
| 633 | /** |
| 634 | * Verify access to regular uploads |
no test coverage detected