feat(acls): added backend acls
This commit is contained in:
@@ -1,7 +1,8 @@
|
||||
import aclManager from "~/server/internal/acls";
|
||||
import prisma from "~/server/internal/db/database";
|
||||
|
||||
export default defineEventHandler(async (h3) => {
|
||||
const userId = await h3.context.session.getUserId(h3);
|
||||
const userId = await aclManager.getUserIdACL(h3, ["notifications:delete"]);
|
||||
if (!userId) throw createError({ statusCode: 403 });
|
||||
|
||||
const notificationId = getRouterParam(h3, "id");
|
||||
|
||||
@@ -1,7 +1,8 @@
|
||||
import aclManager from "~/server/internal/acls";
|
||||
import prisma from "~/server/internal/db/database";
|
||||
|
||||
export default defineEventHandler(async (h3) => {
|
||||
const userId = await h3.context.session.getUserId(h3);
|
||||
const userId = await aclManager.getUserIdACL(h3, ["notifications:read"]);
|
||||
if (!userId) throw createError({ statusCode: 403 });
|
||||
|
||||
const notificationId = getRouterParam(h3, "id");
|
||||
|
||||
@@ -1,7 +1,8 @@
|
||||
import aclManager from "~/server/internal/acls";
|
||||
import prisma from "~/server/internal/db/database";
|
||||
|
||||
export default defineEventHandler(async (h3) => {
|
||||
const userId = await h3.context.session.getUserId(h3);
|
||||
const userId = await aclManager.getUserIdACL(h3, ["notifications:mark"]);
|
||||
if (!userId) throw createError({ statusCode: 403 });
|
||||
|
||||
const notificationId = getRouterParam(h3, "id");
|
||||
|
||||
@@ -1,7 +1,8 @@
|
||||
import aclManager from "~/server/internal/acls";
|
||||
import prisma from "~/server/internal/db/database";
|
||||
|
||||
export default defineEventHandler(async (h3) => {
|
||||
const userId = await h3.context.session.getUserId(h3);
|
||||
const userId = await aclManager.getUserIdACL(h3, ["notifications:read"]);
|
||||
if (!userId) throw createError({ statusCode: 403 });
|
||||
|
||||
const notifications = await prisma.notification.findMany({
|
||||
|
||||
@@ -1,7 +1,8 @@
|
||||
import aclManager from "~/server/internal/acls";
|
||||
import prisma from "~/server/internal/db/database";
|
||||
|
||||
export default defineEventHandler(async (h3) => {
|
||||
const userId = await h3.context.session.getUserId(h3);
|
||||
const userId = await aclManager.getUserIdACL(h3, ["notifications:mark"]);
|
||||
if (!userId) throw createError({ statusCode: 403 });
|
||||
|
||||
await prisma.notification.updateMany({
|
||||
|
||||
@@ -1,6 +1,7 @@
|
||||
import notificationSystem from "~/server/internal/notifications";
|
||||
import session from "~/server/internal/session";
|
||||
import { parse as parseCookies } from "cookie-es";
|
||||
import aclManager from "~/server/internal/acls";
|
||||
|
||||
// TODO add web socket sessions for horizontal scaling
|
||||
// Peer ID to user ID
|
||||
@@ -8,16 +9,10 @@ const socketSessions: { [key: string]: string } = {};
|
||||
|
||||
export default defineWebSocketHandler({
|
||||
async open(peer) {
|
||||
const cookies = peer.request?.headers?.get("Cookie");
|
||||
if (!cookies) {
|
||||
peer.send("unauthenticated");
|
||||
return;
|
||||
}
|
||||
|
||||
const parsedCookies = parseCookies(cookies);
|
||||
const token = parsedCookies[session.getDropTokenCookie()];
|
||||
|
||||
const userId = await session.getUserIdRaw(token);
|
||||
const userId = await aclManager.getUserIdACL(
|
||||
{ headers: peer.request?.headers ?? new Headers() },
|
||||
["notifications:listen"]
|
||||
);
|
||||
if (!userId) {
|
||||
peer.send("unauthenticated");
|
||||
return;
|
||||
|
||||
Reference in New Issue
Block a user