mirror of
https://github.com/MeshEnvy/mesh-forge.git
synced 2026-05-07 05:44:49 +02:00
Ben Allfree
119 lines
2.8 KiB
TypeScript
119 lines
2.8 KiB
TypeScript
import { getAuthUserId } from '@convex-dev/auth/server'
|
|
import { ConvexError, v } from 'convex/values'
|
|
import {
|
|
customAction,
|
|
customCtx,
|
|
customMutation,
|
|
customQuery,
|
|
} from 'convex-helpers/server/customFunctions'
|
|
import { api } from './_generated/api'
|
|
import { action, mutation, query } from './_generated/server'
|
|
|
|
export const authQuery = customQuery(
|
|
query,
|
|
customCtx(async (ctx) => {
|
|
const identity = await ctx.auth.getUserIdentity()
|
|
if (identity === null) {
|
|
throw new ConvexError('Not authenticated!')
|
|
}
|
|
return {}
|
|
})
|
|
)
|
|
|
|
export const authMutation = customMutation(
|
|
mutation,
|
|
customCtx(async (ctx) => {
|
|
const identity = await ctx.auth.getUserIdentity()
|
|
if (identity === null) {
|
|
throw new ConvexError('Not authenticated!')
|
|
}
|
|
return {}
|
|
})
|
|
)
|
|
|
|
export const authAction = customAction(
|
|
action,
|
|
customCtx(async (ctx) => {
|
|
const identity = await ctx.auth.getUserIdentity()
|
|
if (identity === null) {
|
|
throw new ConvexError('Not authenticated!')
|
|
}
|
|
return {}
|
|
})
|
|
)
|
|
|
|
export const adminQuery = customQuery(
|
|
query,
|
|
customCtx(async (ctx) => {
|
|
const userId = await getAuthUserId(ctx)
|
|
if (!userId) {
|
|
throw new ConvexError('Not authenticated!')
|
|
}
|
|
|
|
const userSettings = await ctx.db
|
|
.query('userSettings')
|
|
.withIndex('by_user', (q) => q.eq('userId', userId))
|
|
.first()
|
|
|
|
if (userSettings?.isAdmin !== true) {
|
|
throw new ConvexError('Unauthorized: Admin access required')
|
|
}
|
|
|
|
return {}
|
|
})
|
|
)
|
|
|
|
export const adminMutation = customMutation(
|
|
mutation,
|
|
customCtx(async (ctx) => {
|
|
const userId = await getAuthUserId(ctx)
|
|
if (!userId) {
|
|
throw new ConvexError('Not authenticated!')
|
|
}
|
|
|
|
const userSettings = await ctx.db
|
|
.query('userSettings')
|
|
.withIndex('by_user', (q) => q.eq('userId', userId))
|
|
.first()
|
|
|
|
if (userSettings?.isAdmin !== true) {
|
|
throw new ConvexError('Unauthorized: Admin access required')
|
|
}
|
|
|
|
return {}
|
|
})
|
|
)
|
|
|
|
export const adminAction = customAction(
|
|
action,
|
|
customCtx(async (ctx) => {
|
|
const userId = await getAuthUserId(ctx)
|
|
if (!userId) {
|
|
throw new ConvexError('Not authenticated!')
|
|
}
|
|
|
|
// Actions can't access ctx.db directly, so we need to use a query
|
|
const isAdmin = await ctx.runQuery(api.helpers.checkIsAdmin, {
|
|
userId,
|
|
})
|
|
if (!isAdmin) {
|
|
throw new ConvexError('Unauthorized: Admin access required')
|
|
}
|
|
|
|
return {}
|
|
})
|
|
)
|
|
|
|
// Internal query to check if user is admin (used by action middleware)
|
|
export const checkIsAdmin = query({
|
|
args: { userId: v.id('users') },
|
|
handler: async (ctx, args) => {
|
|
const userSettings = await ctx.db
|
|
.query('userSettings')
|
|
.withIndex('by_user', (q) => q.eq('userId', args.userId))
|
|
.first()
|
|
|
|
return userSettings?.isAdmin === true
|
|
},
|
|
})
|