Moved code into src folder. Added build for component library.

2026-02-06 21:57:16 +01:00 · 2023-08-21 02:06:09 -07:00 · 2023-08-21 02:06:09 -07:00 · ede658771e
commit ede658771e
parent 7a7233ead4
490 changed files with 749 additions and 442 deletions
--- a/lib/auth.ts
+++ b/lib/auth.ts
@ -1,212 +0,0 @@
-import { Report } from '@prisma/client';
-import redis from '@umami/redis-client';
-import debug from 'debug';
-import { PERMISSIONS, ROLE_PERMISSIONS, SHARE_TOKEN_HEADER } from 'lib/constants';
-import { secret } from 'lib/crypto';
-import { createSecureToken, ensureArray, getRandomChars, parseToken } from 'next-basics';
-import { getTeamUser, getTeamWebsite, findTeamWebsiteByUserId } from 'queries';
-import { loadWebsite } from './load';
-import { Auth } from './types';
-
-const log = debug('umami:auth');
-
-export async function setAuthKey(user, expire = 0) {
-  const authKey = `auth:${getRandomChars(32)}`;
-
-  await redis.set(authKey, user);
-
-  if (expire) {
-    await redis.expire(authKey, expire);
-  }
-
-  return createSecureToken({ authKey }, secret());
-}
-
-export function getAuthToken(req) {
-  try {
-    return req.headers.authorization.split(' ')[1];
-  } catch {
-    return null;
-  }
-}
-
-export function parseShareToken(req) {
-  try {
-    return parseToken(req.headers[SHARE_TOKEN_HEADER], secret());
-  } catch (e) {
-    log(e);
-    return null;
-  }
-}
-
-export async function canViewWebsite({ user, shareToken }: Auth, websiteId: string) {
-  if (user?.isAdmin) {
-    return true;
-  }
-
-  if (shareToken?.websiteId === websiteId) {
-    return true;
-  }
-
-  const website = await loadWebsite(websiteId);
-
-  if (user.id === website?.userId) {
-    return true;
-  }
-
-  return !!(await findTeamWebsiteByUserId(websiteId, user.id));
-}
-
-export async function canCreateWebsite({ user }: Auth) {
-  if (user.isAdmin) {
-    return true;
-  }
-
-  return hasPermission(user.role, PERMISSIONS.websiteCreate);
-}
-
-export async function canUpdateWebsite({ user }: Auth, websiteId: string) {
-  if (user.isAdmin) {
-    return true;
-  }
-
-  const website = await loadWebsite(websiteId);
-
-  return user.id === website?.userId;
-}
-
-export async function canDeleteWebsite({ user }: Auth, websiteId: string) {
-  if (user.isAdmin) {
-    return true;
-  }
-
-  const website = await loadWebsite(websiteId);
-
-  return user.id === website?.userId;
-}
-
-export async function canViewReport(auth: Auth, report: Report) {
-  if (auth.user.isAdmin) {
-    return true;
-  }
-
-  if (auth.user.id == report.userId) {
-    return true;
-  }
-
-  return !!(await canViewWebsite(auth, report.websiteId));
-}
-
-export async function canUpdateReport({ user }: Auth, report: Report) {
-  if (user.isAdmin) {
-    return true;
-  }
-
-  return user.id == report.userId;
-}
-
-export async function canDeleteReport(auth: Auth, report: Report) {
-  return canUpdateReport(auth, report);
-}
-
-export async function canCreateTeam({ user }: Auth) {
-  if (user.isAdmin) {
-    return true;
-  }
-
-  return !!user;
-}
-
-export async function canViewTeam({ user }: Auth, teamId: string) {
-  if (user.isAdmin) {
-    return true;
-  }
-
-  return getTeamUser(teamId, user.id);
-}
-
-export async function canUpdateTeam({ user }: Auth, teamId: string) {
-  if (user.isAdmin) {
-    return true;
-  }
-
-  const teamUser = await getTeamUser(teamId, user.id);
-
-  return teamUser && hasPermission(teamUser.role, PERMISSIONS.teamUpdate);
-}
-
-export async function canDeleteTeam({ user }: Auth, teamId: string) {
-  if (user.isAdmin) {
-    return true;
-  }
-
-  const teamUser = await getTeamUser(teamId, user.id);
-
-  return teamUser && hasPermission(teamUser.role, PERMISSIONS.teamDelete);
-}
-
-export async function canDeleteTeamUser({ user }: Auth, teamId: string, removeUserId: string) {
-  if (user.isAdmin) {
-    return true;
-  }
-
-  if (removeUserId === user.id) {
-    return true;
-  }
-
-  const teamUser = await getTeamUser(teamId, user.id);
-
-  return teamUser && hasPermission(teamUser.role, PERMISSIONS.teamUpdate);
-}
-
-export async function canDeleteTeamWebsite({ user }: Auth, teamId: string, websiteId: string) {
-  if (user.isAdmin) {
-    return true;
-  }
-
-  const teamWebsite = await getTeamWebsite(teamId, websiteId);
-
-  if (teamWebsite?.website?.userId === user.id) {
-    return true;
-  }
-
-  if (teamWebsite) {
-    const teamUser = await getTeamUser(teamWebsite.teamId, user.id);
-
-    return hasPermission(teamUser.role, PERMISSIONS.teamUpdate);
-  }
-
-  return false;
-}
-
-export async function canCreateUser({ user }: Auth) {
-  return user.isAdmin;
-}
-
-export async function canViewUser({ user }: Auth, viewedUserId: string) {
-  if (user.isAdmin) {
-    return true;
-  }
-
-  return user.id === viewedUserId;
-}
-
-export async function canViewUsers({ user }: Auth) {
-  return user.isAdmin;
-}
-
-export async function canUpdateUser({ user }: Auth, viewedUserId: string) {
-  if (user.isAdmin) {
-    return true;
-  }
-
-  return user.id === viewedUserId;
-}
-
-export async function canDeleteUser({ user }: Auth) {
-  return user.isAdmin;
-}
-
-export async function hasPermission(role: string, permission: string | string[]) {
-  return ensureArray(permission).some(e => ROLE_PERMISSIONS[role]?.includes(e));
-}