feat: add admin role check for article deletion in storage.external.ts
@@ -1,5 +1,6 @@
|
|||||||
'use server';
|
'use server';
|
||||||
|
|
||||||
|
import { getSessionData } from '@/lib/session/session-storage';
|
||||||
import { createStorageProvider } from '@/lib/storage/storage.factory';
|
import { createStorageProvider } from '@/lib/storage/storage.factory';
|
||||||
import { StorageProvider } from '@/lib/storage/storage.interface';
|
import { StorageProvider } from '@/lib/storage/storage.interface';
|
||||||
import { TypedResult } from '@/utils/types/results';
|
import { TypedResult } from '@/utils/types/results';
|
||||||
@@ -13,6 +14,10 @@ export const getSignedUrl = async (
|
|||||||
if (!storageProvider) {
|
if (!storageProvider) {
|
||||||
storageProvider = storage;
|
storageProvider = storage;
|
||||||
}
|
}
|
||||||
|
const session = await getSessionData();
|
||||||
|
if (!session || !session?.user || session?.user.role !== 'admin') {
|
||||||
|
throw new Error('Unauthorized: Only admin users can delete articles.');
|
||||||
|
}
|
||||||
return await storageProvider.get(key);
|
return await storageProvider.get(key);
|
||||||
};
|
};
|
||||||
|
|
||||||
@@ -23,6 +28,10 @@ export const checkExists = async (
|
|||||||
if (!storageProvider) {
|
if (!storageProvider) {
|
||||||
storageProvider = storage;
|
storageProvider = storage;
|
||||||
}
|
}
|
||||||
|
const session = await getSessionData();
|
||||||
|
if (!session || !session?.user || session?.user.role !== 'admin') {
|
||||||
|
throw new Error('Unauthorized: Only admin users can delete articles.');
|
||||||
|
}
|
||||||
return await storageProvider.exists(key);
|
return await storageProvider.exists(key);
|
||||||
};
|
};
|
||||||
|
|
||||||
@@ -34,6 +43,10 @@ export const getPutUrl = async (
|
|||||||
if (!storageProvider) {
|
if (!storageProvider) {
|
||||||
storageProvider = storage;
|
storageProvider = storage;
|
||||||
}
|
}
|
||||||
|
const session = await getSessionData();
|
||||||
|
if (!session || !session?.user || session?.user.role !== 'admin') {
|
||||||
|
throw new Error('Unauthorized: Only admin users can delete articles.');
|
||||||
|
}
|
||||||
return await storageProvider.put(key, contentType);
|
return await storageProvider.put(key, contentType);
|
||||||
};
|
};
|
||||||
|
|
||||||
@@ -44,5 +57,9 @@ export const deleteByKey = async (
|
|||||||
if (!storageProvider) {
|
if (!storageProvider) {
|
||||||
storageProvider = storage;
|
storageProvider = storage;
|
||||||
}
|
}
|
||||||
|
const session = await getSessionData();
|
||||||
|
if (!session || !session?.user || session?.user.role !== 'admin') {
|
||||||
|
throw new Error('Unauthorized: Only admin users can delete articles.');
|
||||||
|
}
|
||||||
return await storageProvider.delete(key);
|
return await storageProvider.delete(key);
|
||||||
};
|
};
|
||||||
|
|||||||
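Review bot: The identical admin guard is pasted into getSignedUrl, checkExists, getPutUrl and deleteByKey, and all four throw `'Unauthorized: Only admin users can delete articles.'` although only deleteByKey deletes anything and the commit title scopes the check to deletion. If the read and upload paths are meant to be admin-only too, a single non-exported helper keeps the policy in one place and lets the message name the real operation. If they are not, the first three guards will presumably reject non-admin callers that worked before, which should be confirmed against the callers (not visible on this page). Because the file is marked `'use server'` and this guard is the only access control visible in these exported functions, it would also read better as the first statement, ahead of the storageProvider fallback. The condition can be shortened to `session?.user?.role !== 'admin'`; each function's signature lies outside its hunk.

```typescript
// Not exported, so the helper itself is not reachable as a server action.
const requireAdmin = async (action: string): Promise<void> => {
  const session = await getSessionData();
  if (session?.user?.role !== 'admin') {
    throw new Error(`Unauthorized: Only admin users can ${action}.`);
  }
};

// … unchanged: deleteByKey signature …
  await requireAdmin('delete articles');
  // … unchanged: storageProvider fallback and storageProvider.delete(key) …

// … same first statement in getSignedUrl, checkExists and getPutUrl, each with its own action text …
```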