vontor-cz/frontend/src/hooks/usePermissions.ts


import type { CustomUser } from "@/api/generated/private/models/customUser";
import type { Post } from "@/api/generated/private/models/post";
import type { Chat } from "@/api/generated/private/models/chat";
import type { Message } from "@/api/generated/private/models/message";
/**
* Frontend permission inference. Mirrors backend permission classes so the UI
* hides actions the user cannot perform — this is a UX guard, NOT a security
* boundary. The backend remains the source of truth and will return 403.
*/
/**
 * Reports whether `user` should be treated as a superuser by the UI.
 *
 * Currently a stub that always answers `false`, so no caller in this file
 * ever grants an action on superuser grounds. The UI therefore errs on the
 * side of hiding actions; whatever the server allows is decided server-side.
 *
 * @param user - The signed-in user, or `null` when nobody is signed in.
 * @returns Always `false`.
 */
function isSuperuser(user: CustomUser | null): boolean {
  // The CustomUser model does not expose an is_superuser field today.
  // Should a role-based check become useful, this is the place to add it.
  void user; // referenced only so the parameter is not reported as unused
  const treatedAsSuperuser = false;
  return treatedAsSuperuser;
}
/**
 * UI hint: may `user` edit `post`? Only the post's author may.
 *
 * This decides whether to render the edit control; it is not an
 * authorization check. The server must re-verify authorship on every request.
 *
 * @param user - The signed-in user, or `null` for an anonymous visitor.
 * @param post - The post the edit control would act on.
 * @returns `true` only when a user is present and `user.id` strictly equals
 *   `post.author`.
 */
export function canEditPost(user: CustomUser | null, post: Post): boolean {
  // NOTE(review): the generated models are not visible here. If `id` or
  // `author` could both be absent at runtime, `undefined === undefined`
  // would pass this comparison. Confirm both fields are required.
  return user ? user.id === post.author : false;
}
/**
 * UI hint: may `user` delete `post`?
 *
 * Deletion is offered to the post's author, to a superuser (see
 * `isSuperuser`), to the owner of the hub named in `ctx`, and to anyone the
 * caller flags as a hub moderator. `ctx` is taken at face value: the
 * function cannot verify `isHubModerator` or `hubOwnerId`, so the result is
 * only as trustworthy as the data the caller passed in. The server must make
 * the real decision.
 *
 * @param user - The signed-in user, or `null` for an anonymous visitor.
 * @param post - The post the delete control would act on.
 * @param ctx - Optional hub context supplied by the caller.
 * @returns `true` when any of the rules above matches, otherwise `false`.
 */
export function canDeletePost(
  user: CustomUser | null,
  post: Post,
  ctx?: { hubOwnerId?: number | null; isHubModerator?: boolean },
): boolean {
  if (!user) {
    return false;
  }

  const isAuthor = user.id === post.author;
  if (isAuthor || isSuperuser(user)) {
    return true;
  }

  // Truthiness test on purpose: a missing, null or 0 owner id never matches.
  const hubOwnerId = ctx?.hubOwnerId;
  if (hubOwnerId && hubOwnerId === user.id) {
    return true;
  }

  return Boolean(ctx?.isHubModerator);
}
/**
 * UI hint: may `user` edit `message`? Only its sender may.
 *
 * A message with no sender (`null` or `undefined`) is never editable, so a
 * missing sender id cannot match anyone. This only controls what the UI
 * shows; the server must still authorize the edit.
 *
 * @param user - The signed-in user, or `null` for an anonymous visitor.
 * @param message - The message the edit control would act on.
 * @returns `true` only when a user is present, the message has a sender, and
 *   the two ids are strictly equal.
 */
export function canEditMessage(user: CustomUser | null, message: Message): boolean {
  if (!user) {
    return false;
  }
  const senderId = message.sender;
  return senderId != null && user.id === senderId;
}
/**
 * UI hint: may `user` delete `message`?
 *
 * Deletion is offered to the message's sender, to a superuser (see
 * `isSuperuser`), and to the owner or a listed moderator of `chat` when one
 * is supplied. This only controls what the UI shows; the server must still
 * authorize the delete.
 *
 * @param user - The signed-in user, or `null` for an anonymous visitor.
 * @param message - The message the delete control would act on.
 * @param chat - Optional chat the message belongs to. Without it, only the
 *   sender and superuser rules can match.
 * @returns `true` when any of the rules above matches, otherwise `false`.
 */
export function canDeleteMessage(
  user: CustomUser | null,
  message: Message,
  chat?: Chat | null,
): boolean {
  if (!user) {
    return false;
  }

  const userId = user.id;

  // The null guard keeps a sender-less message from matching by accident.
  const isSender = message.sender != null && message.sender === userId;
  if (isSender || isSuperuser(user)) {
    return true;
  }

  // With no chat, `chat?.owner` is undefined and cannot equal a defined id.
  const ownsChat = chat?.owner === userId;
  return ownsChat || Boolean(chat?.moderators?.includes(userId));
}
/**
 * UI hint: may `user` manage `chat`?
 *
 * Management is offered to the chat's owner, to a superuser (see
 * `isSuperuser`), and to anyone listed in `chat.moderators`. This only
 * controls what the UI shows; the server must still authorize each
 * management action.
 *
 * @param user - The signed-in user, or `null` for an anonymous visitor.
 * @param chat - The chat in question, or `null` when none is loaded.
 * @returns `false` when either argument is missing; otherwise `true` when
 *   one of the rules above matches.
 */
export function canManageChat(user: CustomUser | null, chat: Chat | null): boolean {
  if (user && chat) {
    const userId = user.id;
    return (
      chat.owner === userId ||
      isSuperuser(user) ||
      // A missing moderators list counts as "not a moderator".
      (chat.moderators?.includes(userId) ?? false)
    );
  }
  return false;
}