git server — caroster.git (d48304caf9bbcf05225577509e9eff78e5a0df95): frontend/hooks/usePermissions.ts

frontend/hooks/usePermissions.ts (view raw)
  1import {PassengerEntity, TravelEntity} from '../generated/graphql';
  2import useEventStore from '../stores/useEventStore';
  3import useProfile from './useProfile';
  4
  5interface UserPermissions {
  6  canEditEventOptions: () => boolean;
  7  canEditEventDetails: () => boolean;
  8  canEditWaitingList: () => boolean;
  9  canSeeAdminWaitingList: () => boolean;
 10  canSetAlert: () => boolean;
 11  canAddTravel: () => boolean;
 12  canEditTravel: (travel: TravelEntity) => boolean;
 13  canSeeTravelDetails: (travel: TravelEntity) => boolean;
 14  canJoinTravels: () => boolean;
 15  canAddToTravel: () => boolean;
 16  canDeletePassenger: (passenger: PassengerEntity) => boolean;
 17  canSeePassengerDetails: (passenger: PassengerEntity) => boolean;
 18}
 19
 20const noPermissions = {
 21  canEditEventOptions: () => false,
 22  canEditEventDetails: () => false,
 23  canEditWaitingList: () => false,
 24  canSeeAdminWaitingList: () => false,
 25  canSetAlert: () => false,
 26  canAddTravel: () => false,
 27  canEditTravel: () => false,
 28  canSeeTravelDetails: () => false,
 29  canJoinTravels: () => false,
 30  canAddToTravel: () => false,
 31  canDeletePassenger: () => false,
 32  canSeePassengerDetails: () => false,
 33};
 34
 35const usePermissions = (): {userPermissions: UserPermissions} => {
 36  const {event} = useEventStore();
 37  const {profile, connected, userId} = useProfile();
 38
 39  const carosterPlus = event?.enabled_modules?.includes('caroster-plus');
 40  const userIsAnonymous = !connected;
 41  const userIsEventCreator = event && profile?.email === event.email;
 42  const userIsEventAdmin = event?.administrators?.includes(profile?.email);
 43
 44  const allPermissions: UserPermissions = {
 45    canEditEventOptions: () => true,
 46    canEditEventDetails: () => true,
 47    canEditWaitingList: () => true,
 48    canSeeAdminWaitingList: () => true,
 49    canSetAlert: () => true,
 50    canAddTravel: () => true,
 51    canSeeTravelDetails: () => true,
 52    canEditTravel: () => true,
 53    canJoinTravels: () => true,
 54    canAddToTravel: () => true,
 55    canDeletePassenger: () => true,
 56    canSeePassengerDetails: () => true,
 57  };
 58
 59  if (carosterPlus) {
 60    if (userIsAnonymous) return {userPermissions: noPermissions};
 61    else if (userIsEventCreator || userIsEventAdmin)
 62      return {
 63        userPermissions: {...allPermissions, canAddToTravel: () => false},
 64      };
 65    else {
 66      const carosterPlusPermissions: UserPermissions = {
 67        ...noPermissions,
 68        canEditTravel: travel => {
 69          const travelCreatorId =
 70            travel.attributes.user?.data?.id || travel.attributes.user;
 71          return travelCreatorId === userId;
 72        },
 73
 74        canJoinTravels: () => true,
 75        canAddTravel: () => true,
 76        canSeeTravelDetails: travel => {
 77          const travelCreatorId =
 78            travel.attributes.user?.data?.id || travel.attributes.user;
 79          if (travelCreatorId === userId) return true;
 80          const isInPassengersList = travel.attributes.passengers.data?.some(
 81            passenger => passenger.attributes.user?.data?.id === userId
 82          );
 83          return isInPassengersList;
 84        },
 85        canSetAlert: () => true,
 86        canDeletePassenger: passenger => {
 87          const travel = event?.travels?.data?.find(travel =>
 88            travel.attributes.passengers.data.some(
 89              travelPassenger => travelPassenger.id === passenger.id
 90            )
 91          );
 92          const isTravelCreator = travel?.attributes.user?.data?.id === userId;
 93          const isCurrentPassenger =
 94            passenger.attributes.user?.data?.id === userId;
 95          return isTravelCreator || isCurrentPassenger;
 96        },
 97        canSeePassengerDetails: passenger => {
 98          const travel = event?.travels?.data?.find(
 99            travel => travel?.id === passenger.attributes.travel.data?.id
100          );
101          const userIsDriver = travel?.attributes.user?.data?.id === userId;
102          return userIsDriver || passenger.attributes.user?.data?.id === userId;
103        },
104      };
105      return {userPermissions: carosterPlusPermissions};
106    }
107  }
108  // Caroster Vanilla permissions
109  else
110    return {
111      userPermissions: {
112        ...allPermissions,
113        canSeePassengerDetails: () => false,
114        canDeletePassenger: () => true,
115        canEditEventOptions: () => userIsEventCreator,
116        canSetAlert: () => false,
117        canJoinTravels: () => connected,
118        canSeeTravelDetails: () => true,
119      },
120    };
121};
122
123export default usePermissions;
all repos — caroster @ d48304caf9bbcf05225577509e9eff78e5a0df95

[Octree] Group carpool to your event https://caroster.io
