Add database migration.

2026-02-04 04:37:11 +01:00 · 2022-11-29 21:56:43 -08:00 · 2022-11-29 21:56:43 -08:00 · 77b739870e
commit 77b739870e
parent 0a9089a463
5 changed files with 360 additions and 6 deletions
--- a/lib/auth.ts
+++ b/lib/auth.ts
@ -34,6 +34,13 @@ export function parseShareToken(req) {
  }
 }

+export function hasPermission(
+  value: UmamiApi.Role | UmamiApi.Permission,
+  permissions: UmamiApi.Role[] | UmamiApi.Permission[],
+) {
+  return permissions.some(a => a === value);
+}
+
 export function isValidToken(token, validation) {
  try {
    if (typeof validation === 'object') {
@ -85,7 +92,6 @@ export async function allowQuery(
      const teamUser = await getTeamUser({
        userId: user.id,
        teamId: typeId ?? id,
-        isDeleted: false,
      });

      return teamUser;
@ -93,10 +99,12 @@ export async function allowQuery(
      const teamUser = await getTeamUser({
        userId: user.id,
        teamId: typeId ?? id,
-        isDeleted: false,
      });

-      return teamUser && teamUser.isOwner;
+      return (
+        teamUser &&
+        (teamUser.roleId === UmamiApi.Role.TeamOwner || teamUser.roleId === UmamiApi.Role.Admin)
+      );
    }
  }

--- a/lib/constants.ts
+++ b/lib/constants.ts
@ -14,10 +14,24 @@ export namespace UmamiApi {

  export enum Permission {
    Admin = 'Admin',
+    WebsiteCreate = 'website:create',
+    WebsiteRead = 'website:read',
+    WebsiteUpdate = 'website:update',
+    WebsiteReset = 'website:reset',
+    WebsiteDelete = 'website:delete',
+    TeamCreate = 'team:create',
+    TeamUpdate = 'team:update',
+    TeamDelete = 'team:delete',
+    TeamAddUser = 'team:add-user',
+    TeamRemoveUser = 'team:remove-user',
  }

  export enum Role {
    Admin = 'Admin',
+    Member = 'Member',
+    TeamOwner = 'Team Owner',
+    TeamMember = 'Team Member',
+    TeamGuest = 'Team Guest,',
  }
 }
 export const CURRENT_VERSION = process.env.currentVersion;