80 lines
1.4 KiB
TypeScript
80 lines
1.4 KiB
TypeScript
import { Attributes, FindOptions } from "@sequelize/core"
|
|
|
|
import { Path } from "@/utils/deep-pick"
|
|
import { User } from "@/models"
|
|
import { ALL_RECORDS_SCOPE, PolicyFactory } from "@/policies/base-policy"
|
|
|
|
export class UsersPolicy extends PolicyFactory(User) {
|
|
show(): boolean {
|
|
if (this.user.isSystemAdmin) {
|
|
return true
|
|
}
|
|
|
|
if (this.user.id === this.record.id) {
|
|
return true
|
|
}
|
|
|
|
return false
|
|
}
|
|
|
|
create(): boolean {
|
|
if (this.user.isSystemAdmin) {
|
|
return true
|
|
}
|
|
|
|
return false
|
|
}
|
|
|
|
update(): boolean {
|
|
if (this.user.isSystemAdmin) {
|
|
return true
|
|
}
|
|
|
|
if (this.user.id === this.record.id) {
|
|
return true
|
|
}
|
|
|
|
return false
|
|
}
|
|
|
|
destroy(): boolean {
|
|
if (this.user.id === this.record.id) {
|
|
return false
|
|
}
|
|
|
|
if (this.user.isSystemAdmin) {
|
|
return true
|
|
}
|
|
|
|
return false
|
|
}
|
|
|
|
permittedAttributes(): Path[] {
|
|
const attributes: (keyof Attributes<User>)[] = [
|
|
"email",
|
|
"auth0Subject",
|
|
"firstName",
|
|
"lastName",
|
|
"displayName",
|
|
]
|
|
|
|
return attributes
|
|
}
|
|
|
|
permittedAttributesForCreate(): Path[] {
|
|
return [...this.permittedAttributes()]
|
|
}
|
|
|
|
permittedAttributesForUpdate(): Path[] {
|
|
return [...this.permittedAttributes()]
|
|
}
|
|
|
|
static policyScope(user: User): FindOptions<Attributes<User>> {
|
|
if (user.isSystemAdmin) return ALL_RECORDS_SCOPE
|
|
|
|
return { where: { id: user.id } }
|
|
}
|
|
}
|
|
|
|
export default UsersPolicy
|