feat: implement board access control (#349)

* feat: implement board access control * fix: deepsource issues * wip: address pull request feedback * chore: address pull request feedback * fix: format issue * test: improve tests * fix: type and lint issue * chore: address pull request feedback * refactor: rename board procedures
2024-04-30 21:32:55 +02:00
parent 56388eb8ef
commit 7ab9dc2501
50 changed files with 1020 additions and 324 deletions
--- a/packages/auth/permissions/board-permissions.ts
+++ b/packages/auth/permissions/board-permissions.ts
@@ -0,0 +1,35 @@
+import type { Session } from "@auth/core/types";
+
+export type BoardPermissionsProps = (
+  | {
+      creator: {
+        id: string;
+      } | null;
+    }
+  | {
+      creatorId: string | null;
+    }
+) & {
+  permissions: {
+    permission: string;
+  }[];
+  isPublic: boolean;
+};
+
+export const constructBoardPermissions = (
+  board: BoardPermissionsProps,
+  session: Session | null,
+) => {
+  const creatorId = "creator" in board ? board.creator?.id : board.creatorId;
+
+  return {
+    hasFullAccess: session?.user?.id === creatorId,
+    hasChangeAccess:
+      session?.user?.id === creatorId ||
+      board.permissions.some(({ permission }) => permission === "board-change"),
+    hasViewAccess:
+      session?.user?.id === creatorId ||
+      board.permissions.length >= 1 ||
+      board.isPublic,
+  };
+};