@speckle/shared
Version:
Shared code between various Speckle JS packages
41 lines • 1.65 kB
JavaScript
import { err, ok } from 'true-myth/result';
import { ensureImplicitProjectMemberWithWriteAccessFragment, ensureMinimumProjectRoleFragment } from '../../../fragments/projects.js';
import { ReservedModelNotDeletableError, ModelNotFoundError } from '../../../domain/authErrors.js';
import { Roles } from '../../../../core/constants.js';
export const canDeleteModelPolicy = (loaders) => async ({ userId, projectId, modelId }) => {
// Ensure general project write access
const ensureWriteAccess = await ensureImplicitProjectMemberWithWriteAccessFragment(loaders)({
userId,
projectId
});
if (ensureWriteAccess.isErr) {
return err(ensureWriteAccess.error);
}
// Ensure 'main'/'globals' doesn't get deleted
const model = await loaders.getModel({
projectId,
modelId
});
if (!model) {
return err(new ModelNotFoundError());
}
// Model must be owned by author OR user must be project owner
if (!model.authorId || model.authorId !== userId) {
const ensureProjectOwner = await ensureMinimumProjectRoleFragment(loaders)({
userId: userId,
projectId,
role: Roles.Stream.Owner
});
if (ensureProjectOwner.isErr) {
return err(ensureProjectOwner.error);
}
}
if (model.name === 'main') {
return err(new ReservedModelNotDeletableError("The 'main' model cannot be deleted"));
}
if (model.name === 'globals') {
return err(new ReservedModelNotDeletableError("The 'globals' model cannot be deleted"));
}
return ok();
};
//# sourceMappingURL=canDelete.js.map