backend/src/api/travel/policies/check-deletion.ts (view raw)
1import { errors } from "@strapi/utils";
2
3export default async (policyContext, config, { strapi }) => {
4 const travelId = policyContext.args?.id;
5 const travel = await strapi.entityService.findOne(
6 "api::travel.travel",
7 travelId,
8 {
9 populate: ["event", "user"],
10 }
11 );
12
13 if (!travel) throw new errors.NotFoundError(`Travel not found`);
14
15 const event = travel.event;
16
17 if (event.enabled_modules?.includes("caroster-plus")) {
18 const user = policyContext.state.user;
19 if (!user) throw new errors.ForbiddenError();
20
21 const admins = event.administrators?.split(/, ?/) || [];
22 const isAdmin = [...admins, event.email].includes(user.email);
23
24 if (isAdmin) {
25 await strapi.entityService.create("api::notification.notification", {
26 data: {
27 type: "DeletedYourTrip",
28 event,
29 user: travel.user,
30 payload: { travel },
31 },
32 });
33 return true;
34 } else if (travel.user?.email === user.email) return true;
35 else return false;
36 }
37};