move action permission check to middleware

2025-08-04 10:05:53 +02:00 · 2024-11-05 23:55:46 -05:00 · 2024-11-05 23:55:46 -05:00 · 372e51c0a5
commit 372e51c0a5
parent 03051878ef
48 changed files with 266 additions and 936 deletions
--- a/server/routers/auth/verifyUserHasAction.ts
+++ b/server/routers/auth/verifyUserHasAction.ts
@ -0,0 +1,36 @@
+import { Request, Response, NextFunction } from "express";
+import createHttpError from "http-errors";
+import HttpCode from "@server/types/HttpCode";
+import logger from "@server/logger";
+import { checkUserActionPermission } from "@server/auth/actions";
+import { ActionsEnum } from "@server/auth/actions";
+
+export function verifyUserHasAction(action: ActionsEnum) {
+    return async function (
+        req: Request,
+        res: Response,
+        next: NextFunction
+    ): Promise<any> {
+        try {
+            const hasPermission = await checkUserActionPermission(action, req);
+            if (!hasPermission) {
+                return next(
+                    createHttpError(
+                        HttpCode.FORBIDDEN,
+                        "User does not have permission perform this action"
+                    )
+                );
+            }
+
+            return next();
+        } catch (error) {
+            logger.error("Error verifying role access:", error);
+            return next(
+                createHttpError(
+                    HttpCode.INTERNAL_SERVER_ERROR,
+                    "Error verifying role access"
+                )
+            );
+        }
+    };
+}