Support missing roles and deleted user

2025-04-01 23:26:56 +02:00
parent fc302d8ef2
commit 3694492e1a
10 changed files with 88 additions and 47 deletions


@@ -274,7 +274,7 @@ const app = new Elysia()
);
return Option.match(res, {
onNone: () => error("Not Found", undefined),
onNone: () => error("Not Found", new Response() as unknown as void),
onSome: ({ displayName }) => ({ userId, displayName }),
});
}, {
@@ -290,13 +290,13 @@ const app = new Elysia()
// --- MARK: PIECE CRUD ------------------------------------------------
.post("/piece", async ({ db, body: { name, composer, lyricist, arranger }, session: { idToken } }) => {
.post("/piece", async ({ db, body: { name, composer, lyricist, arranger }, session: { idToken, roles } }) => {
if (Option.isNone(idToken)) {
return error("Unauthorized", "Session invalid or expired");
}
if (!idToken.value.payload.roles.includes("Editor")) {
if (!roles.includes("Editor")) {
return error("Forbidden", "Must be an Editor");
}
@@ -369,7 +369,7 @@ const app = new Elysia()
.executeTakeFirst();
if (piece === undefined) {
return error("Not Found", undefined);
return error("Not Found", new Response() as unknown as void);
}
const attachments = await db
@@ -396,13 +396,13 @@ const app = new Elysia()
},
})
.put("/piece/:pieceId", async ({ db, body: { name, composer, lyricist, arranger }, params: { pieceId }, session: { idToken } }) => {
.put("/piece/:pieceId", async ({ db, body: { name, composer, lyricist, arranger }, params: { pieceId }, session: { idToken, roles } }) => {
if (Option.isNone(idToken)) {
return error("Unauthorized", "Session invalid or expired");
}
if (!idToken.value.payload.roles.includes("Editor")) {
if (!roles.includes("Editor")) {
return error("Forbidden", "Must be an Editor");
}
@@ -414,7 +414,7 @@ const app = new Elysia()
.execute();
if (res.length === 0) {
return error("Not Found", undefined);
return error("Not Found", new Response() as unknown as void);
}
const attachments = await db
@@ -448,13 +448,13 @@ const app = new Elysia()
},
})
.delete("/piece/:pieceId", async ({ db, params: { pieceId }, set, session: { idToken } }) => {
.delete("/piece/:pieceId", async ({ db, params: { pieceId }, set, session: { idToken, roles } }) => {
if (Option.isNone(idToken)) {
return error("Unauthorized", "Session invalid or expired");
}
if (!idToken.value.payload.roles.includes("Editor")) {
if (!roles.includes("Editor")) {
return error("Forbidden", "Must be an Editor");
}
@@ -465,7 +465,7 @@ const app = new Elysia()
.execute();
if (res.length === 0) {
return error("Not Found", undefined);
return error("Not Found", new Response() as unknown as void);
}
set.status = "No Content";
@@ -482,13 +482,13 @@ const app = new Elysia()
// --- MARK: ATTACHMENT CRUD -------------------------------------------
.post("/piece/:pieceId/attachment", async ({ db, body: { filename, mediaType, data }, params: { pieceId }, session: { idToken } }) => {
.post("/piece/:pieceId/attachment", async ({ db, body: { filename, mediaType, data }, params: { pieceId }, session: { idToken, roles } }) => {
if (Option.isNone(idToken)) {
return error("Unauthorized", "Session invalid or expired");
}
if (!idToken.value.payload.roles.includes("Editor")) {
if (!roles.includes("Editor")) {
return error("Forbidden", "Must be an Editor");
}
@@ -554,7 +554,7 @@ const app = new Elysia()
.executeTakeFirst();
if (res === undefined) {
return error("Not Found", undefined);
return error("Not Found", new Response() as unknown as void);
}
set.headers["content-disposition"] = `attachment; filename*=UTF-8''${encodeURIComponent(res.filename)}`;
@@ -572,13 +572,13 @@ const app = new Elysia()
},
})
.put("/piece/:pieceId/attachment/:attachmentId", async ({ db, body: { filename }, params: { pieceId, attachmentId }, session: { idToken } }) => {
.put("/piece/:pieceId/attachment/:attachmentId", async ({ db, body: { filename }, params: { pieceId, attachmentId }, session: { idToken, roles } }) => {
if (Option.isNone(idToken)) {
return error("Unauthorized", "Session invalid or expired");
}
if (!idToken.value.payload.roles.includes("Editor")) {
if (!roles.includes("Editor")) {
return error("Forbidden", "Must be an Editor");
}
@@ -593,7 +593,7 @@ const app = new Elysia()
.execute();
if (res.length === 0) {
return error("Not Found", undefined);
return error("Not Found", new Response() as unknown as void);
}
return {
@@ -616,13 +616,13 @@ const app = new Elysia()
},
})
.delete("/piece/:pieceId/attachment/:attachmentId", async ({ db, params: { pieceId, attachmentId }, set, session: { idToken } }) => {
.delete("/piece/:pieceId/attachment/:attachmentId", async ({ db, params: { pieceId, attachmentId }, set, session: { idToken, roles } }) => {
if (Option.isNone(idToken)) {
return error("Unauthorized", "Session invalid or expired");
}
if (!idToken.value.payload.roles.includes("Editor")) {
if (!roles.includes("Editor")) {
return error("Forbidden", "Must be an Editor");
}
@@ -636,7 +636,7 @@ const app = new Elysia()
.execute();
if (res.length === 0) {
return error("Not Found", undefined);
return error("Not Found", new Response() as unknown as void);
}
set.status = "No Content";
@@ -655,13 +655,13 @@ const app = new Elysia()
// --- MARK: REPERTOIRE CRUD -------------------------------------------
.post("/repertoire", async ({ db, body: { name, entries }, session: { idToken } }) => {
.post("/repertoire", async ({ db, body: { name, entries }, session: { idToken, roles } }) => {
if (Option.isNone(idToken)) {
return error("Unauthorized", "Session invalid or expired");
}
if (!idToken.value.payload.roles.includes("Editor")) {
if (!roles.includes("Editor")) {
return error("Forbidden", "Must be an Editor");
}
@@ -741,7 +741,7 @@ const app = new Elysia()
.executeTakeFirst();
if (repertoire === undefined) {
return error("Not Found", undefined);
return error("Not Found", new Response() as unknown as void);
}
const entries = await db
@@ -766,13 +766,13 @@ const app = new Elysia()
},
})
.put("/repertoire/:repertoireId", async ({ db, body: { name, entries }, params: { repertoireId }, session: { idToken } }) => {
.put("/repertoire/:repertoireId", async ({ db, body: { name, entries }, params: { repertoireId }, session: { idToken, roles } }) => {
if (Option.isNone(idToken)) {
return error("Unauthorized", "Session invalid or expired");
}
if (!idToken.value.payload.roles.includes("Editor")) {
if (!roles.includes("Editor")) {
return error("Forbidden", "Must be an Editor");
}
@@ -784,7 +784,7 @@ const app = new Elysia()
.execute();
if (res.length === 0) {
return error("Not Found", undefined);
return error("Not Found", new Response() as unknown as void);
}
await db
@@ -821,13 +821,13 @@ const app = new Elysia()
},
})
.delete("/repertoire/:repertoireId", async ({ db, params: { repertoireId }, set, session: { idToken } }) => {
.delete("/repertoire/:repertoireId", async ({ db, params: { repertoireId }, set, session: { idToken, roles } }) => {
if (Option.isNone(idToken)) {
return error("Unauthorized", "Session invalid or expired");
}
if (!idToken.value.payload.roles.includes("Editor")) {
if (!roles.includes("Editor")) {
return error("Forbidden", "Must be an Editor");
}
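Review bot: The Editor check in every mutating handler (first at `.post("/piece")`, repeated in the eight other POST/PUT/DELETE handlers of this section) now trusts `session.roles`, and nothing in this section shows how that array is built, so the authorization decision rests on code outside these hunks. Presumably it is derived from the verified ID token and falls back to an empty array when the claim is missing; that should be stated where the session is resolved, e.g. `// roles: taken from the verified ID token only; [] when the claim is absent, so role checks fail closed`, and covered by a test using a token without a roles claim. Because the same two-step guard is copied nine times, moving it into one shared `beforeHandle` guard would keep a future route from shipping without it. Separately, `new Response() as unknown as void` in the Not Found branches is a double assertion that hides a type mismatch, and a default `Response` carries status 200, so it is worth a test that these paths still answer 404.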