import { jsonError } from "../../common.js";

export async function onRequest(context: RequestContext) {
  const { current_user: currentUser } = context.data;

  if (
    !(currentUser?.permissions & (1 << 5)) &&
    !(currentUser?.permissions & (1 << 12))
  )
    return jsonError("Forbidden", 403);

  return await context.next();
}