Feat/um 197 hook up teams (#1825)

* Link up teams UI. * Fix auth order. * PR touchups.
2026-02-04 04:37:11 +01:00 · 2023-03-09 12:42:12 -08:00 · 2023-03-09 12:42:12 -08:00 · 8a9532f213
commit 8a9532f213
parent f908476e71
17 changed files with 500 additions and 111 deletions
--- a/lib/auth.ts
+++ b/lib/auth.ts
@ -1,10 +1,11 @@
 import debug from 'debug';
-import { validate } from 'uuid';
 import cache from 'lib/cache';
 import { PERMISSIONS, ROLE_PERMISSIONS, SHARE_TOKEN_HEADER } from 'lib/constants';
 import { secret } from 'lib/crypto';
 import { ensureArray, parseSecureToken, parseToken } from 'next-basics';
 import { getTeamUser } from 'queries';
+import { getTeamWebsite, getTeamWebsiteByTeamMemberId } from 'queries/admin/teamWebsite';
+import { validate } from 'uuid';
 import { Auth } from './types';

 const log = debug('umami:auth');
@ -59,6 +60,12 @@ export async function canViewWebsite({ user, shareToken }: Auth, websiteId: stri
    return true;
  }

+  const teamWebsite = await getTeamWebsiteByTeamMemberId(websiteId, user.id);
+
+  if (teamWebsite) {
+    return true;
+  }
+
  const website = await cache.fetchWebsite(websiteId);

  if (website.userId) {
@ -160,6 +167,26 @@ export async function canDeleteTeam({ user }: Auth, teamId: string) {
  return false;
 }

+export async function canDeleteTeamWebsite({ user }: Auth, teamWebsiteId: string) {
+  if (user.isAdmin) {
+    return true;
+  }
+
+  if (validate(teamWebsiteId)) {
+    const teamWebsite = await getTeamWebsite(teamWebsiteId);
+
+    if (teamWebsite.website.userId === user.id) {
+      return true;
+    }
+
+    const teamUser = await getTeamUser(teamWebsite.teamId, user.id);
+
+    return hasPermission(teamUser.role, PERMISSIONS.teamDelete);
+  }
+
+  return false;
+}
+
 export async function canCreateUser({ user }: Auth) {
  return user.isAdmin;
 }