6fb87ac80a
* Refactor swagger docs * Scaffold refactor * Refactor crud tasks * fixup! Refactor crud tasks * Break down task layout * fixup! Break down task layout * fixup! fixup! Break down task layout * Cleanup comments * fixup! Cleanup comments * Cleanup obsolete code * Remove helpers
61 lines
1.5 KiB
JavaScript
61 lines
1.5 KiB
JavaScript
const { Project, Task } = require('../../../models');
|
|
const permissionsService = require('../../../services/permissionsService');
|
|
|
|
async function validateProjectAccess(projectId, userId) {
|
|
if (!projectId || !projectId.toString().trim()) {
|
|
return null;
|
|
}
|
|
|
|
const project = await Project.findOne({ where: { id: projectId } });
|
|
if (!project) {
|
|
throw new Error('Invalid project.');
|
|
}
|
|
|
|
const projectAccess = await permissionsService.getAccess(
|
|
userId,
|
|
'project',
|
|
project.uid
|
|
);
|
|
const isOwner = project.user_id === userId;
|
|
const canWrite =
|
|
isOwner || projectAccess === 'rw' || projectAccess === 'admin';
|
|
|
|
if (!canWrite) {
|
|
throw new Error('Forbidden');
|
|
}
|
|
|
|
return projectId;
|
|
}
|
|
|
|
async function validateParentTaskAccess(parentTaskId, userId) {
|
|
if (!parentTaskId || !parentTaskId.toString().trim()) {
|
|
return null;
|
|
}
|
|
|
|
const parentTask = await Task.findOne({
|
|
where: { id: parentTaskId, user_id: userId },
|
|
});
|
|
if (!parentTask) {
|
|
throw new Error('Invalid parent task.');
|
|
}
|
|
|
|
const parentAccess = await permissionsService.getAccess(
|
|
userId,
|
|
'task',
|
|
parentTask.uid
|
|
);
|
|
const isOwner = parentTask.user_id === userId;
|
|
const canWrite =
|
|
isOwner || parentAccess === 'rw' || parentAccess === 'admin';
|
|
|
|
if (!canWrite) {
|
|
throw new Error('Invalid parent task.');
|
|
}
|
|
|
|
return parentTaskId;
|
|
}
|
|
|
|
module.exports = {
|
|
validateProjectAccess,
|
|
validateParentTaskAccess,
|
|
};
|