fosrl.pangolin/server/lib/canUserAccessResource.ts

import { db } from "@server/db";
import { and, eq } from "drizzle-orm";
import { roleResources, userResources } from "@server/db";

export async function canUserAccessResource({
    userId,
    resourceId,
    roleId
}: {
    userId: string;
    resourceId: number;
    roleId: number;
}): Promise<boolean> {
    const roleResourceAccess = await db
        .select()
        .from(roleResources)
        .where(
            and(
                eq(roleResources.resourceId, resourceId),
                eq(roleResources.roleId, roleId)
            )
        )
        .limit(1);

    if (roleResourceAccess.length > 0) {
        return true;
    }

    const userResourceAccess = await db
        .select()
        .from(userResources)
        .where(
            and(
                eq(userResources.userId, userId),
                eq(userResources.resourceId, resourceId)
            )
        )
        .limit(1);

    if (userResourceAccess.length > 0) {
        return true;
    }

    return false;
}
support postgresql as database option 2025-06-04 12:02:07 -04:00			`import { db } from "@server/db";`
access token endpoints and other backend support 2024-12-18 23:14:26 -05:00			`import { and, eq } from "drizzle-orm";`
support postgresql as database option 2025-06-04 12:02:07 -04:00			`import { roleResources, userResources } from "@server/db";`
access token endpoints and other backend support 2024-12-18 23:14:26 -05:00
			`export async function canUserAccessResource({`
			`userId,`
			`resourceId,`
			`roleId`
			`}: {`
			`userId: string;`
			`resourceId: number;`
			`roleId: number;`
			`}): Promise<boolean> {`
			`const roleResourceAccess = await db`
			`.select()`
			`.from(roleResources)`
			`.where(`
			`and(`
			`eq(roleResources.resourceId, resourceId),`
			`eq(roleResources.roleId, roleId)`
			`)`
			`)`
			`.limit(1);`

			`if (roleResourceAccess.length > 0) {`
			`return true;`
			`}`

			`const userResourceAccess = await db`
			`.select()`
			`.from(userResources)`
			`.where(`
			`and(`
			`eq(userResources.userId, userId),`
			`eq(userResources.resourceId, resourceId)`
			`)`
			`)`
			`.limit(1);`

			`if (userResourceAccess.length > 0) {`
			`return true;`
			`}`

			`return false;`
			`}`