MCPcopy
hub / github.com/wg-easy/wg-easy / definePermissionEventHandler

Function definePermissionEventHandler

src/server/utils/handler.ts:29–64  ·  view source on GitHub ↗
(
  resource: Resource,
  action: Permissions[Resource]['action'],
  handler: PermissionHandler<TReq, TRes, Resource>
)

Source from the content-addressed store, hash-verified

27 * get current user
28 */
29export const definePermissionEventHandler = <
30 TReq extends EventHandlerRequest,
31 TRes extends EventHandlerResponse,
32 Resource extends keyof Permissions,
33>(
34 resource: Resource,
35 action: Permissions[Resource]['action'],
36 handler: PermissionHandler<TReq, TRes, Resource>
37) => {
38 return defineEventHandler(async (event) => {
39 const user = await getCurrentUser(event);
40
41 const permissions = hasPermissionsWithData(user, resource, action);
42
43 // if no data is required, check permissions
44 if (permissions.isBoolean()) {
45 permissions.check();
46 }
47
48 const response = await handler({
49 event,
50 user,
51 checkPermissions: permissions.check,
52 });
53
54 // if data is required, make sure permissions were checked
55 if (!permissions.checked) {
56 throw createError({
57 statusCode: 500,
58 statusMessage: 'Permission was not checked',
59 });
60 }
61
62 return response;
63 });
64};
65
66// which api route is allowed for each setup step
67// 0 is done, 1 is start

Callers 15

index.post.tsFile · 0.85
index.get.tsFile · 0.85
disable.post.tsFile · 0.85
enable.post.tsFile · 0.85
qrcode.svg.get.tsFile · 0.85
index.post.tsFile · 0.85
index.delete.tsFile · 0.85
index.get.tsFile · 0.85
index.post.tsFile · 0.85
totp.post.tsFile · 0.85

Calls 2

hasPermissionsWithDataFunction · 0.90
getCurrentUserFunction · 0.85

Tested by

no test coverage detected