19 lines
527 B
TypeScript
19 lines
527 B
TypeScript
import { jsonError } from "../../../common.js";
|
|
|
|
export async function onRequest(context: RequestContext) {
|
|
const { current_user: user } = context.data;
|
|
|
|
if (!user) return jsonError("Not logged in", 401);
|
|
|
|
if (![1 << 3, 1 << 4, 1 << 12].find((p) => user.permissions & p))
|
|
return jsonError("Not part of Events Team", 403);
|
|
|
|
if (
|
|
context.request.method !== "GET" &&
|
|
![1 << 4, 1 << 12].find((p) => user.permissions & p)
|
|
)
|
|
return jsonError("Cannot manage strikes", 403);
|
|
|
|
return await context.next();
|
|
}
|