first commit
This commit is contained in:
@@ -0,0 +1,79 @@
|
||||
import { Attributes, FindOptions } from "@sequelize/core"
|
||||
|
||||
import { Path } from "@/utils/deep-pick"
|
||||
import { User } from "@/models"
|
||||
import { ALL_RECORDS_SCOPE, PolicyFactory } from "@/policies/base-policy"
|
||||
|
||||
export class UsersPolicy extends PolicyFactory(User) {
|
||||
show(): boolean {
|
||||
if (this.user.isSystemAdmin) {
|
||||
return true
|
||||
}
|
||||
|
||||
if (this.user.id === this.record.id) {
|
||||
return true
|
||||
}
|
||||
|
||||
return false
|
||||
}
|
||||
|
||||
create(): boolean {
|
||||
if (this.user.isSystemAdmin) {
|
||||
return true
|
||||
}
|
||||
|
||||
return false
|
||||
}
|
||||
|
||||
update(): boolean {
|
||||
if (this.user.isSystemAdmin) {
|
||||
return true
|
||||
}
|
||||
|
||||
if (this.user.id === this.record.id) {
|
||||
return true
|
||||
}
|
||||
|
||||
return false
|
||||
}
|
||||
|
||||
destroy(): boolean {
|
||||
if (this.user.id === this.record.id) {
|
||||
return false
|
||||
}
|
||||
|
||||
if (this.user.isSystemAdmin) {
|
||||
return true
|
||||
}
|
||||
|
||||
return false
|
||||
}
|
||||
|
||||
permittedAttributes(): Path[] {
|
||||
const attributes: (keyof Attributes<User>)[] = [
|
||||
"email",
|
||||
"auth0Subject",
|
||||
"firstName",
|
||||
"lastName",
|
||||
"displayName",
|
||||
]
|
||||
|
||||
return attributes
|
||||
}
|
||||
|
||||
permittedAttributesForCreate(): Path[] {
|
||||
return [...this.permittedAttributes()]
|
||||
}
|
||||
|
||||
permittedAttributesForUpdate(): Path[] {
|
||||
return [...this.permittedAttributes()]
|
||||
}
|
||||
|
||||
static policyScope(user: User): FindOptions<Attributes<User>> {
|
||||
if (user.isSystemAdmin) return ALL_RECORDS_SCOPE
|
||||
|
||||
return { where: { id: user.id } }
|
||||
}
|
||||
}
|
||||
|
||||
export default UsersPolicy
|
||||
Reference in New Issue
Block a user