Refactor evaluation and admin pages to use server actions for data fetching, enhancing performance and simplifying state management. Update README to reflect API route changes and remove deprecated API endpoints for users and evaluations.
All checks were successful
Deploy with Docker Compose / deploy (push) Successful in 3m7s
All checks were successful
Deploy with Docker Compose / deploy (push) Successful in 3m7s
This commit is contained in:
Julien Froidefond
19
src/lib/evaluation-access.ts
Normal file
19
src/lib/evaluation-access.ts
Normal file
@@ -0,0 +1,19 @@
|
||||
import { prisma } from "@/lib/db";
|
||||
|
||||
export async function canAccessEvaluation(
|
||||
evaluationId: string,
|
||||
userId: string,
|
||||
isAdmin: boolean,
|
||||
readOnly = false
|
||||
) {
|
||||
if (isAdmin) return true;
|
||||
const eval_ = await prisma.evaluation.findUnique({
|
||||
where: { id: evaluationId },
|
||||
select: { evaluatorId: true, isPublic: true, sharedWith: { select: { userId: true } } },
|
||||
});
|
||||
if (!eval_) return false;
|
||||
if (eval_.evaluatorId === userId) return true;
|
||||
if (eval_.sharedWith.some((s) => s.userId === userId)) return true;
|
||||
if (readOnly && eval_.isPublic) return true;
|
||||
return false;
|
||||
}
|
||||
Reference in New Issue
Block a user