feat: add auth store shorthands for testing permissions and ownership

88502bce · Konrad Mohrfeldt · b8a8f51a · 88502bce
Commit 88502bce authored 11 months ago by Konrad Mohrfeldt
--- a/src/stores/auth.ts
+++ b/src/stores/auth.ts
@@ -101,19 +101,26 @@ export function useOnAuthBehaviour(behaviour: (user?: SteeringUser) => unknown |

 export type Authorizer = (userPermissions: string[]) => boolean

+function _hasUserPermission(
+  user: SteeringUser | undefined | null,
+  requiredPermissions: string[] | Authorizer,
+) {
+  if (user?.isPrivileged) return true
+  const userPermissions = (user?.permissions ?? []) as string[]
+  const permissionChecker = requiredPermissions
+  if (typeof permissionChecker === 'function') return permissionChecker(userPermissions)
+  else {
+    return (
+      permissionChecker.length === 0 ||
+      permissionChecker.every((perm) => userPermissions.includes(perm))
+    )
+  }
+}
+
 export function useHasUserPermission(requiredPermissions: MaybeRefOrGetter<string[] | Authorizer>) {
  const authStore = useAuthStore()
  return computed(() => {
-    if (authStore.steeringUser?.isPrivileged) return true
-    const userPermissions = (authStore.steeringUser?.permissions ?? []) as string[]
-    const permissionChecker = toValue(requiredPermissions)
-    if (typeof permissionChecker === 'function') return permissionChecker(userPermissions)
-    else {
-      return (
-        permissionChecker.length === 0 ||
-        permissionChecker.every((perm) => userPermissions.includes(perm))
-      )
-    }
+    return _hasUserPermission(authStore.steeringUser, toValue(requiredPermissions))
  })
 }

@@ -203,11 +210,23 @@ export const useAuthStore = defineStore('auth', () => {
    }
  }

+  function hasUserPermission(requiredPermissions: string[] | Authorizer) {
+    return _hasUserPermission(_steeringUser.value, requiredPermissions)
+  }
+
+  function isOwner(ownedBy: SteeringUser['id'][], privilegedOwnsEverything = true) {
+    const user = steeringUser.value
+    if (!user) return false
+    return ownedBy.includes(user.id) || (privilegedOwnsEverything && user.isPrivileged)
+  }
+
  return {
    currentUser: shallowReadonly(currentUser),
    steeringUser,
    sessionInitializationState: readonly(sessionInitializationState),
    isInitializingSession: readonly(isInitializingSession),
+    hasUserPermission,
+    isOwner,
    init,
  }
 })