- import { Response } from "express"
- import { getAuth } from "firebase-admin/auth"
- import { Request } from "../types"
/**
 * Role flags returned to clients by the privilege endpoints.
 * Every role is always present and is a strict boolean, so consumers never
 * have to interpret missing or truthy-but-not-boolean claim values.
 */
type Privileges = Record<"owner" | "admin" | "moderator" | "editor", boolean>
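/**
 * HTTP handlers for reading and granting the role flags (owner, admin,
 * moderator, editor) that are stored as Firebase Auth custom claims.
 *
 * NOTE(review): no handler authenticates the caller itself. They all read
 * `req.firebaseUser`, which is presumably filled in by middleware from a
 * verified ID token - confirm every route is mounted behind that middleware.
 */
export default class AdminController {
  /** Collapse arbitrary claim values into strict booleans for the response. */
  private static toPrivileges(flags: Record<string, unknown>): Privileges {
    return {
      owner: !!flags.owner,
      admin: !!flags.admin,
      moderator: !!flags.moderator,
      editor: !!flags.editor,
    }
  }

  /** True when `error` carries the Admin SDK's "auth/user-not-found" code. */
  private static isUserNotFound(error: unknown): boolean {
    return (
      typeof error === "object" &&
      error !== null &&
      (error as { code?: unknown }).code === "auth/user-not-found"
    )
  }

  /**
   * Return the caller's own privileges so the UI presents the correct options.
   * The flags are read from `req.firebaseUser` and are only for display;
   * enforcement happens server-side in `setPrivileges`.
   */
  public async getMyPrivileges(req: Request, res: Response): Promise<Response> {
    const { owner, admin, moderator, editor } = req.firebaseUser
    const result = AdminController.toPrivileges({ owner, admin, moderator, editor })
    return res.status(200).json(result)
  }

  /**
   * Return the privileges of the user identified by the `uid` route parameter.
   *
   * Responds 404 when the user does not exist and 500 on any other lookup
   * failure.
   *
   * NOTE(review): there is no check on the caller's role here, so anyone who
   * can reach this route can read any user's role flags - confirm the route is
   * restricted upstream or add an owner/admin check.
   */
  public async getPrivileges(req: Request, res: Response): Promise<Response> {
    const { uid } = req.params
    try {
      // getUser() rejects for an unknown uid instead of resolving to a falsy
      // value, so "not found" has to be handled in the catch below.
      const user = await getAuth().getUser(uid)
      // customClaims is undefined for users that never had claims set.
      const result = AdminController.toPrivileges(user.customClaims ?? {})
      return res.status(200).json(result)
    } catch (error) {
      if (AdminController.isUserNotFound(error)) {
        return res.status(404).json("User not found")
      }
      console.error("getPrivileges failed", { uid, error })
      return res.status(500).json("Error reading privileges")
    }
  }

  /**
   * Assign another user additional privileges.
   *
   * - Only an owner can create other owners or admins.
   * - Admins can only assign moderator and editor privileges to other users.
   * - Moderators and editors do not have any privileges they can assign.
   *
   * Expects `req.body` to carry `targetUid` (string) and `privileges` (object
   * of role flags). Flags are only ever added; this handler never removes one.
   * Responds 400 on malformed input, 403 when the caller may not grant
   * anything, 404 when the target does not exist and 500 on other failures.
   *
   * NOTE(review): the caller's roles come from `req.firebaseUser`; if that is
   * a decoded ID token, a demoted caller keeps grant rights until the token
   * expires unless the middleware also checks revocation - confirm.
   */
  public async setPrivileges(req: Request, res: Response): Promise<Response> {
    const { uid, owner, admin } = req.firebaseUser
    const { privileges, targetUid } = req.body ?? {}

    // The body is untrusted: require the shapes the code below relies on.
    if (
      !privileges ||
      !targetUid ||
      typeof privileges !== "object" ||
      typeof targetUid !== "string"
    ) {
      return res.status(400).json("Missing required data")
    }

    // Authorise before touching the target so that callers without grant
    // rights cannot tell existing uids from unknown ones via 404 vs 403.
    let grantable: ReadonlyArray<keyof Privileges>
    if (owner) {
      grantable = ["owner", "admin", "moderator", "editor"]
    } else if (admin) {
      grantable = ["moderator", "editor"]
    } else {
      return res.status(403).json("You do not have permission to do that")
    }

    try {
      const targetUser = await getAuth().getUser(targetUid)

      // setCustomUserClaims() replaces the whole claims object, so start from
      // a copy of the existing claims (absent for users without any).
      const updatedClaims: Record<string, unknown> = {
        ...(targetUser.customClaims ?? {}),
      }

      // Requested flags outside the caller's grantable set are ignored rather
      // than rejected, matching the previous behaviour.
      const granted = grantable.filter((role) => privileges[role])
      for (const role of granted) {
        updatedClaims[role] = true
      }

      await getAuth().setCustomUserClaims(targetUid, updatedClaims)
      // Audit trail: privilege grants should be attributable to an actor.
      console.info("Privileges granted", { actor: uid, targetUid, granted })
      return res.status(200).json("Privileges updated")
    } catch (error) {
      if (AdminController.isUserNotFound(error)) {
        return res.status(404).json("User not found")
      }
      console.error("setPrivileges failed", { actor: uid, targetUid, error })
      return res.status(500).json("Error updating privileges")
    }
  }
}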