-
Notifications
You must be signed in to change notification settings - Fork 168
Expand file tree
/
Copy pathauth.js
More file actions
56 lines (48 loc) · 1.36 KB
/
auth.js
File metadata and controls
56 lines (48 loc) · 1.36 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
import {
ErrorAccountRestricted,
ErrorDeleteRestricted,
ErrorPinningUnauthorized,
ErrorPinningQuotaExceeded,
} from '../errors'
import { getServiceConfig } from '../config.js'
import { validate } from '../utils/auth'
import { hasTag } from '../utils/utils'
const { PSA_QUOTA } = getServiceConfig()
/**
*
* @param {import('../bindings').Handler} handler
* @param {import('../bindings').AuthOptions} [options]
* @returns {import('../bindings').Handler}
*/
export function withAuth(handler, options) {
return async (event, ctx) => {
const auth = await validate(event, ctx, options)
if (
options?.checkHasAccountRestriction &&
hasTag(auth.user, 'HasAccountRestriction', 'true')
) {
throw new ErrorAccountRestricted()
}
if (
options?.checkHasDeleteRestriction &&
hasTag(auth.user, 'HasDeleteRestriction', 'true')
) {
throw new ErrorDeleteRestricted()
}
if (
options?.checkHasPsaAccess &&
!hasTag(auth.user, 'HasPsaAccess', 'true')
) {
throw new ErrorPinningUnauthorized()
}
if (options?.checkHasPsaQuota) {
const countPendingPsaRequests = await auth.db.getPendingPsaRequestsCount(
auth.user.id
)
if (countPendingPsaRequests >= PSA_QUOTA) {
throw new ErrorPinningQuotaExceeded()
}
}
return handler(event, { ...ctx, auth })
}
}