mirror of
https://github.com/formbricks/formbricks.git
synced 2026-02-11 18:58:45 -06:00
8c0aba82e5
* poc: use server session and api key validation on deletion * feat: use server session and api key validation on deletion and creation * feat: packages/lib/apiKey for apiKey services and auth * shubham/auth-for-api-key * fix: caching * feat: handle authorization for tag creation, updation & deletion * fix: use cached wrapper * fix: club caching methods and use authzn errors * feat: add caching in canUserAccessApiKey * fix: suggrsted changes and authzn for response as well * fix: work on suggested changes * fix broken lock file --------- Co-authored-by: Matthias Nannt <mail@matthiasnannt.com>
29 lines
1.0 KiB
TypeScript
29 lines
1.0 KiB
TypeScript
import { ZId } from "@formbricks/types/v1/environment";
|
|
import { validateInputs } from "../utils/validate";
|
|
import { hasUserEnvironmentAccess } from "../environment/auth";
|
|
import { getResponse, getResponseCacheTag } from "./service";
|
|
import { unstable_cache } from "next/cache";
|
|
import { getSurvey } from "../services/survey";
|
|
|
|
export const canUserAccessResponse = async (userId: string, responseId: string): Promise<boolean> =>
|
|
await unstable_cache(
|
|
async () => {
|
|
validateInputs([userId, ZId], [responseId, ZId]);
|
|
|
|
if (!userId) return false;
|
|
|
|
const response = await getResponse(responseId);
|
|
if (!response) return false;
|
|
|
|
const survey = await getSurvey(response.surveyId);
|
|
if (!survey) return false;
|
|
|
|
const hasAccessToEnvironment = await hasUserEnvironmentAccess(userId, survey.environmentId);
|
|
if (!hasAccessToEnvironment) return false;
|
|
|
|
return true;
|
|
},
|
|
[`users-${userId}-responses-${responseId}`],
|
|
{ revalidate: 30 * 60, tags: [getResponseCacheTag(responseId)] }
|
|
)(); // 30 minutes
|