regalijan/car-crushers-portal
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Create yet another layer of events middleware

Browse Source
This commit is contained in:
Regalijan 2024-02-20 16:44:08 -05:00
parent 9bdaa4afe9
commit b22f64eb17
Signed by: regalijan
GPG Key ID: 5D4196DA269EF520
1 changed files with 26 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

26
functions/api/events-team/events/[id]/_middleware.ts Normal file
View File

@ -0,0 +1,26 @@
import { jsonError } from "../../../../common.js";
export async function onRequest(context: RequestContext) {
const pathSegments = new URL(context.request.url).pathname.split("/");
// Skip checks for the by-id endpoint
if (pathSegments.length > 5) return await context.next();
const eventInfo = await context.env.D1.prepare(
"SELECT * FROM events WHERE id = ?;",
)
.bind(context.params.id)
.first();
if (!eventInfo) return jsonError("This event does not exist.", 404);
if (
eventInfo.created_by !== context.data.current_user.id &&
![1 << 4, 1 << 12].find((p) => context.data.current_user.permissions & p)
)
return jsonError("You cannot manage this event.", 403);
context.data.event = eventInfo;
return await context.next();
}