@paroicms/server
Version:
The ParoiCMS server
38 lines • 1.3 kB
JavaScript
import { type } from "arktype";
import { appConf } from "../../context.js";
import { ADMIN_PERMISSIONS, EDITOR_PERMISSIONS } from "./authorization.constants.js";
const permissionMap = {
admin: ADMIN_PERMISSIONS,
editor: EDITOR_PERMISSIONS,
};
const RoleRowAT = type({
role: "string",
"+": "reject",
});
export function isSpecialAccountEmail(email) {
if (appConf.localDevAccount?.email === email) {
return true;
}
if (appConf.platformAdminAccounts?.some((acc) => acc.email === email)) {
return true;
}
return false;
}
export async function loadAccountRoles(siteContext, account) {
const roleRows = await siteContext
.cn("PaAccountRole")
.select("role")
.where("accountId", account.id);
const dbRoles = roleRows.map((row) => RoleRowAT.assert(row).role);
if (isSpecialAccountEmail(account.email)) {
const rolesSet = new Set([...dbRoles, "admin"]);
return Array.from(rolesSet);
}
return dbRoles;
}
export async function loadAccountPermissions(siteContext, account) {
const roles = await loadAccountRoles(siteContext, account);
const permissions = [...new Set(roles.flatMap((role) => permissionMap[role] ?? []))];
return permissions;
}
//# sourceMappingURL=special-account.helper.js.map