feat(acls): added backend acls

This commit is contained in:
DecDuck
2025-02-04 13:15:34 +11:00
parent 09fd01d9b5
commit d4dd259b5f
66 changed files with 394 additions and 473 deletions
@@ -1,8 +1,11 @@
import aclManager from "~/server/internal/acls";
import prisma from "~/server/internal/db/database";
export default defineEventHandler(async (h3) => {
const user = await h3.context.session.getAdminUser(h3);
if (!user) throw createError({ statusCode: 403 });
const allowed = await aclManager.allowSystemACL(h3, [
"game:image:delete",
]);
if (!allowed) throw createError({ statusCode: 403 });
const body = await readBody(h3);
const gameId = body.gameId;
+5 -2
View File
@@ -1,9 +1,12 @@
import aclManager from "~/server/internal/acls";
import prisma from "~/server/internal/db/database";
import { handleFileUpload } from "~/server/internal/utils/handlefileupload";
export default defineEventHandler(async (h3) => {
const user = await h3.context.session.getAdminUser(h3);
if (!user) throw createError({ statusCode: 403 });
const allowed = await aclManager.allowSystemACL(h3, [
"game:image:new",
]);
if (!allowed) throw createError({ statusCode: 403 });
const form = await readMultipartFormData(h3);
if (!form)
+5 -2
View File
@@ -1,9 +1,12 @@
import aclManager from "~/server/internal/acls";
import prisma from "~/server/internal/db/database";
import libraryManager from "~/server/internal/library";
export default defineEventHandler(async (h3) => {
const user = await h3.context.session.getAdminUser(h3);
if (!user) throw createError({ statusCode: 403 });
const allowed = await aclManager.allowSystemACL(h3, [
"game:delete",
]);
if (!allowed) throw createError({ statusCode: 403 });
const query = getQuery(h3);
const gameId = query.id?.toString();
+5 -2
View File
@@ -1,9 +1,12 @@
import aclManager from "~/server/internal/acls";
import prisma from "~/server/internal/db/database";
import libraryManager from "~/server/internal/library";
export default defineEventHandler(async (h3) => {
const user = await h3.context.session.getAdminUser(h3);
if (!user) throw createError({ statusCode: 403 });
const allowed = await aclManager.allowSystemACL(h3, [
"game:read",
]);
if (!allowed) throw createError({ statusCode: 403 });
const query = getQuery(h3);
const gameId = query.id?.toString();
+5 -2
View File
@@ -1,8 +1,11 @@
import aclManager from "~/server/internal/acls";
import prisma from "~/server/internal/db/database";
export default defineEventHandler(async (h3) => {
const user = await h3.context.session.getAdminUser(h3);
if (!user) throw createError({ statusCode: 403 });
const allowed = await aclManager.allowSystemACL(h3, [
"game:update",
]);
if (!allowed) throw createError({ statusCode: 403 });
const body = await readBody(h3);
const id = body.id;
+5 -2
View File
@@ -1,9 +1,12 @@
import aclManager from "~/server/internal/acls";
import prisma from "~/server/internal/db/database";
import { handleFileUpload } from "~/server/internal/utils/handlefileupload";
export default defineEventHandler(async (h3) => {
const user = await h3.context.session.getAdminUser(h3);
if (!user) throw createError({ statusCode: 403 });
const allowed = await aclManager.allowSystemACL(h3, [
"game:update",
]);
if (!allowed) throw createError({ statusCode: 403 });
const form = await readMultipartFormData(h3);
if (!form)
@@ -1,8 +1,11 @@
import aclManager from "~/server/internal/acls";
import prisma from "~/server/internal/db/database";
export default defineEventHandler(async (h3) => {
const user = await h3.context.session.getAdminUser(h3);
if (!user) throw createError({ statusCode: 403 });
const allowed = await aclManager.allowSystemACL(h3, [
"game:version:delete",
]);
if (!allowed) throw createError({ statusCode: 403 });
const body = await readBody(h3);
const gameId = body.id.toString();
@@ -1,8 +1,11 @@
import aclManager from "~/server/internal/acls";
import prisma from "~/server/internal/db/database";
export default defineEventHandler(async (h3) => {
const user = await h3.context.session.getAdminUser(h3);
if (!user) throw createError({ statusCode: 403 });
const allowed = await aclManager.allowSystemACL(h3, [
"game:version:update",
]);
if (!allowed) throw createError({ statusCode: 403 });
const body = await readBody(h3);
const gameId = body.id?.toString();