fix roles
This commit is contained in:
@@ -1,20 +1,30 @@
|
||||
import { Injectable } from '@nestjs/common';
|
||||
import { InjectRepository } from '@nestjs/typeorm';
|
||||
import { Repository } from 'typeorm';
|
||||
import { AuthUser } from '../../auth/interfaces/auth-user.interface';
|
||||
import { Customer } from '../../customers/entities/customer.entity';
|
||||
import { Reserve } from '../../reserves/entities/reserve.entity';
|
||||
import { UserRole } from '../../users/enums/user-role.enum';
|
||||
import { AuthorizationService } from '../authorization.service';
|
||||
|
||||
@Injectable()
|
||||
export class CustomerPolicy {
|
||||
constructor(private readonly authorizationService: AuthorizationService) {}
|
||||
constructor(
|
||||
private readonly authorizationService: AuthorizationService,
|
||||
@InjectRepository(Reserve)
|
||||
private readonly reservesRepository: Repository<Reserve>,
|
||||
) {}
|
||||
|
||||
canRead(user: AuthUser, customer: Customer): boolean {
|
||||
async canRead(user: AuthUser, customer: Customer): Promise<boolean> {
|
||||
if (this.authorizationService.isAdmin(user)) {
|
||||
return true;
|
||||
}
|
||||
if (user.role === UserRole.CUSTOMER) {
|
||||
return customer.userId === user.id;
|
||||
}
|
||||
if (user.role === UserRole.SALON) {
|
||||
return this.hasReserveAtSalon(customer.id, user.id);
|
||||
}
|
||||
return false;
|
||||
}
|
||||
|
||||
@@ -27,4 +37,16 @@ export class CustomerPolicy {
|
||||
}
|
||||
return false;
|
||||
}
|
||||
|
||||
private async hasReserveAtSalon(
|
||||
customerId: string,
|
||||
salonOwnerId: string,
|
||||
): Promise<boolean> {
|
||||
return this.reservesRepository.exists({
|
||||
where: {
|
||||
customerId,
|
||||
salon: { ownerId: salonOwnerId },
|
||||
},
|
||||
});
|
||||
}
|
||||
}
|
||||
|
||||
@@ -1,7 +1,9 @@
|
||||
import { Injectable } from '@nestjs/common';
|
||||
import { AuthUser } from '../../auth/interfaces/auth-user.interface';
|
||||
import { UserRole } from '../../users/enums/user-role.enum';
|
||||
import { UpdateReserveDto } from '../../reserves/dto/update-reserve.dto';
|
||||
import { Reserve } from '../../reserves/entities/reserve.entity';
|
||||
import { ReserveStatus } from '../../reserves/enums/reserve-status.enum';
|
||||
import { AuthorizationService } from '../authorization.service';
|
||||
|
||||
@Injectable()
|
||||
@@ -34,7 +36,55 @@ export class ReservePolicy {
|
||||
return false;
|
||||
}
|
||||
|
||||
canUpdate(user: AuthUser, reserve: Reserve): boolean {
|
||||
return this.canRead(user, reserve);
|
||||
canUpdate(
|
||||
user: AuthUser,
|
||||
reserve: Reserve,
|
||||
updateDto: UpdateReserveDto,
|
||||
): boolean {
|
||||
if (!this.canRead(user, reserve)) {
|
||||
return false;
|
||||
}
|
||||
|
||||
if (this.authorizationService.isAdmin(user)) {
|
||||
return true;
|
||||
}
|
||||
|
||||
if (user.role === UserRole.SALON) {
|
||||
return true;
|
||||
}
|
||||
|
||||
if (user.role === UserRole.CUSTOMER) {
|
||||
return this.isCustomerCancellationUpdate(updateDto);
|
||||
}
|
||||
|
||||
return false;
|
||||
}
|
||||
|
||||
private isCustomerCancellationUpdate(updateDto: UpdateReserveDto): boolean {
|
||||
const providedFields = (
|
||||
Object.keys(updateDto) as (keyof UpdateReserveDto)[]
|
||||
).filter((key) => updateDto[key] !== undefined);
|
||||
|
||||
if (providedFields.length === 0) {
|
||||
return false;
|
||||
}
|
||||
|
||||
const allowedFields: (keyof UpdateReserveDto)[] = [
|
||||
'status',
|
||||
'cancellationReason',
|
||||
];
|
||||
|
||||
if (!providedFields.every((field) => allowedFields.includes(field))) {
|
||||
return false;
|
||||
}
|
||||
|
||||
if (
|
||||
updateDto.status !== undefined &&
|
||||
updateDto.status !== ReserveStatus.CANCELLED
|
||||
) {
|
||||
return false;
|
||||
}
|
||||
|
||||
return updateDto.status === ReserveStatus.CANCELLED;
|
||||
}
|
||||
}
|
||||
|
||||
Reference in New Issue
Block a user