UNPKG

@speckle/shared

Version:

Shared code between various Speckle JS packages

speckle.systems

specklesystems/speckle-server

41 lines 1.9 kB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
"use strict"; Object.defineProperty(exports, "__esModule", { value: true }); exports.canUpdateProjectVersionPolicy = void 0; const result_1 = require("true-myth/result"); const authErrors_js_1 = require("../../../domain/authErrors.js"); const projects_js_1 = require("../../../fragments/projects.js"); const constants_js_1 = require("../../../../core/constants.js"); const canUpdateProjectVersionPolicy = (loaders) => async ({ projectId, versionId, userId }) => { // Ensure general write access const ensuredWriteAccess = await (0, projects_js_1.ensureImplicitProjectMemberWithWriteAccessFragment)(loaders)({ userId, projectId }); if (ensuredWriteAccess.isErr) { return (0, result_1.err)(ensuredWriteAccess.error); } // Must be author or project owner to update version const version = await loaders.getVersion({ versionId, projectId }); if (!version) { return (0, result_1.err)(new authErrors_js_1.VersionNotFoundError()); } if (!version.authorId || version.authorId !== userId) { // Not author - validate that user is project owner const ensuredOwner = await (0, projects_js_1.ensureMinimumProjectRoleFragment)(loaders)({ userId: userId, projectId, role: constants_js_1.Roles.Stream.Owner }); if (ensuredOwner.isErr) { switch (ensuredOwner.error.code) { case authErrors_js_1.ProjectNoAccessError.code: return (0, result_1.err)(new authErrors_js_1.ProjectNoAccessError("You do not have access to update other contributors' versions in this project")); default: return (0, result_1.err)(ensuredOwner.error); } } } return (0, result_1.ok)(); }; exports.canUpdateProjectVersionPolicy = canUpdateProjectVersionPolicy; //# sourceMappingURL=canUpdate.js.map