diff --git a/src/lib/auth.ts b/src/lib/auth.ts index 80fda55c..890e535f 100644 --- a/src/lib/auth.ts +++ b/src/lib/auth.ts @@ -21,7 +21,7 @@ export async function checkAuth(request: Request) { const shareToken = await parseShareToken(request); let user = null; - const { userId, authKey, grant } = payload || {}; + const { userId, authKey } = payload || {}; if (userId) { user = await getUser(userId); @@ -33,7 +33,7 @@ export async function checkAuth(request: Request) { } } - log({ token, shareToken, payload, user, grant }); + log({ token, payload, authKey, shareToken, user }); if (!user?.id && !shareToken) { log('User not authorized'); @@ -45,11 +45,10 @@ export async function checkAuth(request: Request) { } return { - user, - grant, token, - shareToken, authKey, + shareToken, + user, }; } diff --git a/src/lib/types.ts b/src/lib/types.ts index c7049059..1237f519 100644 --- a/src/lib/types.ts +++ b/src/lib/types.ts @@ -1,5 +1,5 @@ import { UseQueryOptions } from '@tanstack/react-query'; -import { DATA_TYPE, PERMISSIONS, ROLES, OPERATORS } from './constants'; +import { DATA_TYPE, ROLES, OPERATORS } from './constants'; import { TIME_UNIT } from './date'; export type ObjectValues = T[keyof T]; @@ -7,7 +7,6 @@ export type ObjectValues = T[keyof T]; export type ReactQueryOptions = Omit, 'queryKey' | 'queryFn'>; export type TimeUnit = ObjectValues; -export type Permission = ObjectValues; export type Role = ObjectValues; export type DynamicDataType = ObjectValues; export type Operator = (typeof OPERATORS)[keyof typeof OPERATORS]; @@ -19,7 +18,6 @@ export interface Auth { role: string; isAdmin: boolean; }; - grant?: Permission[]; shareToken?: { websiteId: string; }; diff --git a/src/permissions/team.ts b/src/permissions/team.ts index 3273c819..77e42b1b 100644 --- a/src/permissions/team.ts +++ b/src/permissions/team.ts 
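Review bot: The `log({ token, payload, authKey, shareToken, user })` call in the second hunk of src/lib/auth.ts now writes `authKey` next to the raw `token` and the decoded `payload`, so anyone who can read that output gets what looks like enough material to reuse a session. Where `log` writes is not visible in this diff, so this may be a debug-only sink; if it can be enabled in production, log identifiers only, for example `log({ userId: user?.id, hasShareToken: !!shareToken });`. checkAuth begins before this hunk and continues after it.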
@@ -3,8 +3,6 @@ import { PERMISSIONS } from '@/lib/constants'; import { getTeamUser } from '@/queries'; import { hasPermission } from '@/lib/auth'; -const cloudMode = !!process.env.CLOUD_URL; - export async function canViewTeam({ user }: Auth, teamId: string) { if (user.isAdmin) { return true; @@ -13,11 +11,7 @@ export async function canViewTeam({ user }: Auth, teamId: string) { return getTeamUser(teamId, user.id); } -export async function canCreateTeam({ user, grant }: Auth) { - if (cloudMode) { - return !!grant?.find(a => a === PERMISSIONS.teamCreate); - } - +export async function canCreateTeam({ user }: Auth) { if (user.isAdmin) { return true; } @@ -25,15 +19,11 @@ export async function canCreateTeam({ user, grant }: Auth) { return !!user; } -export async function canUpdateTeam({ user, grant }: Auth, teamId: string) { +export async function canUpdateTeam({ user }: Auth, teamId: string) { if (user.isAdmin) { return true; } - if (cloudMode) { - return !!grant?.find(a => a === PERMISSIONS.teamUpdate); - } - const teamUser = await getTeamUser(teamId, user.id); return teamUser && hasPermission(teamUser.role, PERMISSIONS.teamUpdate); @@ -49,11 +39,7 @@ export async function canDeleteTeam({ user }: Auth, teamId: string) { return teamUser && hasPermission(teamUser.role, PERMISSIONS.teamDelete); } -export async function canAddUserToTeam({ user, grant }: Auth) { - if (cloudMode) { - return !!grant?.find(a => a === PERMISSIONS.teamUpdate); - } - +export async function canAddUserToTeam({ user }: Auth) { return user.isAdmin; } diff --git a/src/permissions/website.ts b/src/permissions/website.ts index 63ae5c90..11e8dc65 100644 --- a/src/permissions/website.ts +++ b/src/permissions/website.ts 
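Review bot: `canCreateTeam` (hunk at -13,11, body finishing in the context lines of the next hunk) reads `user.isAdmin` before its `return !!user` fallback, so a request with no user throws a TypeError instead of returning false, and the `!!user` test can never be the line that rejects it. checkAuth in this same commit lets a request through when only `shareToken` is set, and canViewWebsite already guards with `user?.isAdmin`; whether share-token requests can reach the team routes is not visible here. Use `if (user?.isAdmin) {` in canCreateTeam and `return !!user?.isAdmin;` in canAddUserToTeam (hunk at -49,11). canCreateWebsite in src/permissions/website.ts has the same unguarded read. With the grant branch removed, these lines are now the only path through each function in every deployment mode.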
@@ -3,8 +3,6 @@ import { PERMISSIONS } from '@/lib/constants'; import { hasPermission } from '@/lib/auth'; import { getTeamUser, getWebsite } from '@/queries'; -const cloudMode = !!process.env.CLOUD_URL; - export async function canViewWebsite({ user, shareToken }: Auth, websiteId: string) { if (user?.isAdmin) { return true; @@ -33,11 +31,7 @@ export async function canViewAllWebsites({ user }: Auth) { return user.isAdmin; } -export async function canCreateWebsite({ user, grant }: Auth) { - if (cloudMode) { - return !!grant?.find(a => a === PERMISSIONS.websiteCreate); - } - +export async function canCreateWebsite({ user }: Auth) { if (user.isAdmin) { return true; }