@budibase/server
Budibase Web Server
import { tenancy, utils, context } from "@budibase/backend-core"
import { UserCtx } from "@budibase/types"
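/**
 * Middleware that lets a request continue only when the app it targets
 * belongs to the tenant the request is running under.
 *
 * The app ID is resolved from the request context, the tenant ID derived from
 * that app ID is compared with the current tenant ID, and any mismatch ends
 * the request. This is the check that stops a caller in one tenant from
 * addressing another tenant's app by supplying its app ID.
 *
 * Outcomes:
 * - `ctx.throw(400, ...)` when no app ID can be resolved from the request.
 * - `ctx.throw(403, ...)` when either tenant ID is missing or the two differ.
 * - otherwise `next()` is awaited.
 *
 * @param ctx - request context, used to resolve the app ID and to raise HTTP errors
 * @param next - continuation for the rest of the middleware chain; only
 *   invoked after the ownership check has passed
 */
export async function ensureTenantAppOwnershipMiddleware(
  ctx: UserCtx,
  next: () => Promise<unknown>
) {
  const appId = await utils.getAppIdFromCtx(ctx)
  if (!appId) {
    ctx.throw(400, "appId must be provided")
  }

  // Tenant the app claims to belong to (derived from the app ID) versus the
  // tenant of the current request.
  const appTenantId = context.getTenantIDFromAppID(appId)
  const tenantId = tenancy.getTenantId()

  // Fail closed: a bare `!==` treats two undefined/empty values as a match,
  // which would let the request through without ownership being established.
  // NOTE(review): whether either helper can return an empty value is not
  // visible from this file; the guard is a no-op if they cannot.
  if (!appTenantId || !tenantId || appTenantId !== tenantId) {
    ctx.throw(403, "Unauthorized")
  }

  await next()
}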