import { jsonError } from "../../../common.js";

export async function onRequest(context: RequestContext) {
  const { current_user: user } = context.data;

  if (!user) return jsonError("Not logged in", 401);

  if (![1 << 3, 1 << 4, 1 << 12].find((p) => user.permissions & p))
    return jsonError("Not part of Events Team", 403);

  if (
    context.request.method !== "GET" &&
    ![1 << 4, 1 << 12].find((p) => user.permissions & p)
  )
    return jsonError("Cannot manage strikes", 403);

  return await context.next();
}