frontend/hooks/usePermissions.ts (view raw)
1import {PassengerEntity, TravelEntity} from '../generated/graphql';
2import useEventStore from '../stores/useEventStore';
3import useProfile from './useProfile';
4
5interface UserPermissions {
6 canEditEventOptions: () => boolean;
7 canEditEventDetails: () => boolean;
8 canEditWaitingList: () => boolean;
9 canAddTravel: () => boolean;
10 canEditTravel: (travel: TravelEntity) => boolean;
11 canJoinTravels: () => boolean;
12 canAddToTravel: () => boolean;
13 canDeletePassenger: (passenger: PassengerEntity) => boolean;
14}
15
16const noPermissions = {
17 canEditEventOptions: () => false,
18 canEditEventDetails: () => false,
19 canEditWaitingList: () => false,
20 canAddTravel: () => false,
21 canEditTravel: () => false,
22 canJoinTravels: () => false,
23 canAddToTravel: () => false,
24 canDeletePassenger: () => false,
25};
26
27const usePermissions = (): {userPermissions: UserPermissions} => {
28 const {event} = useEventStore();
29 const {profile, connected, userId} = useProfile();
30
31 const carosterPlus = event?.enabled_modules?.includes('caroster-plus');
32 const userIsAnonymous = !connected;
33 const userIsEventCreator = event && profile?.email === event.email;
34 const userIsEventAdmin = event?.administrators?.includes(profile?.email);
35
36 const allPermissions: UserPermissions = {
37 canEditEventOptions: () => true,
38 canEditEventDetails: () => true,
39 canEditWaitingList: () => true,
40 canAddTravel: () => true,
41 canEditTravel: () => true,
42 canJoinTravels: () => true,
43 canAddToTravel: () => true,
44 canDeletePassenger: () => true,
45 };
46
47 if (carosterPlus) {
48 if (userIsAnonymous) return {userPermissions: noPermissions};
49 else if (userIsEventCreator || userIsEventAdmin)
50 return {userPermissions: {...allPermissions, canAddToTravel: () => false}};
51 else {
52 const carosterPlusPermissions: UserPermissions = {
53 ...noPermissions,
54 canEditTravel: travel => {
55 const travelCreatorId = travel.attributes.user?.data?.id || travel.attributes.user;
56 return travelCreatorId === userId;
57 },
58 canJoinTravels: () => true,
59 canAddTravel: () => true,
60 canDeletePassenger: (passenger) => {
61 const travel = event?.travels?.data?.find(travel => travel.id === passenger.attributes.travel.data.id);
62 const travelCreatorId = travel?.attributes.user?.data?.id || travel?.attributes.user;
63 return travelCreatorId === userId;
64 },
65 };
66 return {userPermissions: carosterPlusPermissions};
67 }
68 }
69 // Caroster Vanilla permissions
70 else
71 return {
72 userPermissions: {
73 ...allPermissions,
74 canEditEventOptions: () => userIsEventCreator,
75 canJoinTravels: () => connected,
76 },
77 };
78};
79
80export default usePermissions;