( tableId: string, userId: string, level: 'read' | 'write' | 'admin' = 'read' )
| 183 | * Uses workspace permissions only. |
| 184 | */ |
| 185 | export async function checkAccess( |
| 186 | tableId: string, |
| 187 | userId: string, |
| 188 | level: 'read' | 'write' | 'admin' = 'read' |
| 189 | ): Promise<AccessResult> { |
| 190 | const table = await getTableById(tableId) |
| 191 | |
| 192 | if (!table) { |
| 193 | return { ok: false, status: 404 } |
| 194 | } |
| 195 | |
| 196 | const permission = await getUserEntityPermissions(userId, 'workspace', table.workspaceId) |
| 197 | const hasAccess = permissionSatisfies(permission, level) |
| 198 | |
| 199 | return hasAccess ? { ok: true, table } : { ok: false, status: 403 } |
| 200 | } |
| 201 | |
| 202 | export function accessError( |
| 203 | result: { ok: false; status: 404 | 403 }, |
no test coverage detected