mirror/formbricks-formbricks
1
0
Fork 0
mirror of https://github.com/formbricks/formbricks.git synced 2026-03-13 12:39:25 -05:00
Code Issues Packages Projects Releases 100 Wiki Activity

feat: authorization in attributeClassAction (#1056)

Browse Source 
Co-authored-by: Matti Nannt <mail@matthiasnannt.com>
This commit is contained in:
Shubham Palriwala
2023-10-10 16:21:00 +05:30
committed by GitHub
parent 6fb61f1bfd
commit b52adf0122
2 changed files with 40 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

10
apps/web/app/(app)/environments/[environmentId]/(actionsAndAttributes)/attributes/actions.ts
View File

@@ -1,10 +1,20 @@
"use server";
import { getServerSession } from "next-auth";
import { AuthorizationError } from "@formbricks/types/v1/errors";
import { authOptions } from "@formbricks/lib/authOptions";
import { getSurveysByAttributeClassId } from "@formbricks/lib/survey/service";
import { canUserAccessAttributeClass } from "@formbricks/lib/attributeClass/auth";
export const GetActiveInactiveSurveysAction = async (
attributeClassId: string
): Promise<{ activeSurveys: string[]; inactiveSurveys: string[] }> => {
const session = await getServerSession(authOptions);
if (!session) throw new AuthorizationError("Not authorized");
const isAuthorized = await canUserAccessAttributeClass(session.user.id, attributeClassId);
if (!isAuthorized) throw new AuthorizationError("Not authorized");
const surveys = await getSurveysByAttributeClassId(attributeClassId);
const response = {
activeSurveys: surveys.filter((s) => s.status === "inProgress").map((survey) => survey.name),

30
packages/lib/attributeClass/auth.ts Normal file
View File

@@ -0,0 +1,30 @@
import "server-only";
import { ZId } from "@formbricks/types/v1/environment";
import { validateInputs } from "../utils/validate";
import { hasUserEnvironmentAccess } from "../environment/auth";
import { getAttributeClass } from "./service";
import { unstable_cache } from "next/cache";
import { SERVICES_REVALIDATION_INTERVAL } from "../constants";
export const canUserAccessAttributeClass = async (
userId: string,
attributeClassId: string
): Promise<boolean> =>
await unstable_cache(
async () => {
validateInputs([userId, ZId], [attributeClassId, ZId]);
if (!userId) return false;
const attributeClass = await getAttributeClass(attributeClassId);
if (!attributeClass) return false;
const hasAccessToEnvironment = await hasUserEnvironmentAccess(userId, attributeClass.environmentId);
if (!hasAccessToEnvironment) return false;
return true;
},
[`users-${userId}-attributeClasses-${attributeClassId}`],
{ revalidate: SERVICES_REVALIDATION_INTERVAL, tags: [`attributeClasses-${attributeClassId}`] }
)();