refactor(api/utils): add isLoggedIn
guard to story checks
This commit is contained in:
parent
3bc828ad5e
commit
46c9a07b7d
@ -1,14 +1,17 @@
|
||||
import type { H3Event, EventHandlerRequest } from "h3";
|
||||
import { IStory } from "~/models/stories";
|
||||
import isLoggedIn from "~/lib/server/middlewareButNotReally/isLoggedIn";
|
||||
export function canDelete(event: H3Event<EventHandlerRequest>, story: IStory) {
|
||||
isLoggedIn(event);
|
||||
return (
|
||||
event.context.currentUser?.profile.isAdmin ||
|
||||
story.author._id === event.context.currentUser?._id
|
||||
);
|
||||
}
|
||||
export function canModify(event: H3Event<EventHandlerRequest>, story: IStory) {
|
||||
isLoggedIn(event);
|
||||
return (
|
||||
event.context.currentUser?._id === story.author._id ||
|
||||
story.coAuthor._id === event.context.currentUser?._id
|
||||
story.coAuthor?._id === event.context.currentUser?._id
|
||||
);
|
||||
}
|
||||
|
Loading…
Reference in New Issue
Block a user