reserves module
This commit is contained in:
@@ -4,6 +4,7 @@ import { AuthorizationService } from './authorization.service';
|
||||
import { Permission } from './entities/permission.entity';
|
||||
import { UserPermission } from './entities/user-permission.entity';
|
||||
import { CustomerPolicy } from './policies/customer.policy';
|
||||
import { ReservePolicy } from './policies/reserve.policy';
|
||||
import { SalonPolicy } from './policies/salon.policy';
|
||||
import { ServicePolicy } from './policies/service.policy';
|
||||
import { StylistPolicy } from './policies/stylist.policy';
|
||||
@@ -16,6 +17,7 @@ import { StylistPolicy } from './policies/stylist.policy';
|
||||
ServicePolicy,
|
||||
CustomerPolicy,
|
||||
StylistPolicy,
|
||||
ReservePolicy,
|
||||
],
|
||||
exports: [
|
||||
AuthorizationService,
|
||||
@@ -23,6 +25,7 @@ import { StylistPolicy } from './policies/stylist.policy';
|
||||
ServicePolicy,
|
||||
CustomerPolicy,
|
||||
StylistPolicy,
|
||||
ReservePolicy,
|
||||
],
|
||||
})
|
||||
export class AuthorizationModule {}
|
||||
|
||||
@@ -13,4 +13,6 @@ export enum PermissionCode {
|
||||
SERVICES_READ = 'services:read',
|
||||
SERVICES_WRITE = 'services:write',
|
||||
SERVICES_DELETE = 'services:delete',
|
||||
RESERVES_READ = 'reserves:read',
|
||||
RESERVES_WRITE = 'reserves:write',
|
||||
}
|
||||
|
||||
@@ -0,0 +1,40 @@
|
||||
import { Injectable } from '@nestjs/common';
|
||||
import { AuthUser } from '../../auth/interfaces/auth-user.interface';
|
||||
import { UserRole } from '../../users/enums/user-role.enum';
|
||||
import { Reserve } from '../../reserves/entities/reserve.entity';
|
||||
import { AuthorizationService } from '../authorization.service';
|
||||
|
||||
@Injectable()
|
||||
export class ReservePolicy {
|
||||
constructor(private readonly authorizationService: AuthorizationService) {}
|
||||
|
||||
canCreate(user: AuthUser, reserve: Pick<Reserve, 'salon' | 'customer'>): boolean {
|
||||
if (this.authorizationService.isAdmin(user)) {
|
||||
return true;
|
||||
}
|
||||
if (user.role === UserRole.SALON) {
|
||||
return reserve.salon.ownerId === user.id;
|
||||
}
|
||||
if (user.role === UserRole.CUSTOMER) {
|
||||
return reserve.customer.userId === user.id;
|
||||
}
|
||||
return false;
|
||||
}
|
||||
|
||||
canRead(user: AuthUser, reserve: Reserve): boolean {
|
||||
if (this.authorizationService.isAdmin(user)) {
|
||||
return true;
|
||||
}
|
||||
if (user.role === UserRole.SALON) {
|
||||
return reserve.salon.ownerId === user.id;
|
||||
}
|
||||
if (user.role === UserRole.CUSTOMER) {
|
||||
return reserve.customer.userId === user.id;
|
||||
}
|
||||
return false;
|
||||
}
|
||||
|
||||
canUpdate(user: AuthUser, reserve: Reserve): boolean {
|
||||
return this.canRead(user, reserve);
|
||||
}
|
||||
}
|
||||
Reference in New Issue
Block a user