mirror of
https://github.com/formbricks/formbricks.git
synced 2026-01-04 12:50:58 -06:00
ab80bc1bf2
Co-authored-by: Johannes <johannes@formbricks.com> Co-authored-by: Matti Nannt <mail@matthiasnannt.com>
93 lines
2.3 KiB
TypeScript
93 lines
2.3 KiB
TypeScript
import { compare, hash } from "bcryptjs";
|
|
import { prisma } from "@formbricks/database";
|
|
import { AuthenticationError } from "@formbricks/types/errors";
|
|
|
|
export const hashPassword = async (password: string) => {
|
|
const hashedPassword = await hash(password, 12);
|
|
return hashedPassword;
|
|
};
|
|
|
|
export const verifyPassword = async (password: string, hashedPassword: string) => {
|
|
const isValid = await compare(password, hashedPassword);
|
|
return isValid;
|
|
};
|
|
|
|
export const hasOrganizationAccess = async (userId: string, organizationId: string) => {
|
|
const membership = await prisma.membership.findUnique({
|
|
where: {
|
|
userId_organizationId: {
|
|
userId,
|
|
organizationId,
|
|
},
|
|
},
|
|
});
|
|
|
|
if (membership) {
|
|
return true;
|
|
}
|
|
|
|
return false;
|
|
};
|
|
|
|
export const isAdminOrOwner = async (userId: string, organizationId: string) => {
|
|
const membership = await prisma.membership.findUnique({
|
|
where: {
|
|
userId_organizationId: {
|
|
userId,
|
|
organizationId,
|
|
},
|
|
},
|
|
});
|
|
|
|
if (membership && (membership.role === "admin" || membership.role === "owner")) {
|
|
return true;
|
|
}
|
|
|
|
return false;
|
|
};
|
|
|
|
export const isOwner = async (userId: string, organizationId: string) => {
|
|
const membership = await prisma.membership.findUnique({
|
|
where: {
|
|
userId_organizationId: {
|
|
userId,
|
|
organizationId,
|
|
},
|
|
},
|
|
});
|
|
|
|
if (membership && membership.role === "owner") {
|
|
return true;
|
|
}
|
|
|
|
return false;
|
|
};
|
|
|
|
export const hasOrganizationAuthority = async (userId: string, organizationId: string) => {
|
|
const hasAccess = await hasOrganizationAccess(userId, organizationId);
|
|
if (!hasAccess) {
|
|
throw new AuthenticationError("Not authorized");
|
|
}
|
|
|
|
const isAdminOrOwnerAccess = await isAdminOrOwner(userId, organizationId);
|
|
if (!isAdminOrOwnerAccess) {
|
|
throw new AuthenticationError("You are not the admin or owner of this organization");
|
|
}
|
|
|
|
return true;
|
|
};
|
|
|
|
export const hasOrganizationOwnership = async (userId: string, organizationId: string) => {
|
|
const hasAccess = await hasOrganizationAccess(userId, organizationId);
|
|
if (!hasAccess) {
|
|
throw new AuthenticationError("Not authorized");
|
|
}
|
|
|
|
const isOwnerAccess = await isOwner(userId, organizationId);
|
|
if (!isOwnerAccess) {
|
|
throw new AuthenticationError("You are not the owner of this organization");
|
|
}
|
|
|
|
return true;
|
|
};
|