mirror/Checkmate
1
0
Fork 0
mirror of https://github.com/bluewave-labs/Checkmate.git synced 2026-04-28 04:29:27 -05:00
Code Issues Packages Projects Releases Wiki Activity
Files
74fd20cfa80b5015d9b789d53e4fe5e7ea6e5918
Checkmate/server/middleware/verifyTeamAccess.js
T
Alex Holliday 40f879f671 user and teamId check
2025-06-24 10:02:36 +08:00

39 lines
826 B
JavaScript
Raw Blame History

const SERVICE_NAME = "verifyTeamAccess";
const verifyTeamAccess = (Model, paramName) => {
return async (req, res, next) => {
try {
const documentId = req.params[paramName];
const doc = await Model.findById(documentId);
if (!doc) {
const error = new Error("Document not found");
error.status = 404;
throw error;
}
if (!req?.user?.teamId || !doc.teamId) {
const error = new Error("Missing team information");
error.status = 400;
throw error;
}
if (req.user.teamId.toString() === doc.teamId.toString()) {
next();
return;
}
const error = new Error("Unauthorized");
error.status = 403;
throw error;
} catch (error) {
error.service = SERVICE_NAME;
error.method = "verifyTeamAccess";
next(error);
return;
}
};
};
export { verifyTeamAccess };
Reference in New Issue View Git Blame Copy Permalink