valkyr/boilerplate
Template
1
0
Fork 0
Code Issues Wiki Activity

feat: identity cerbos implementation

Browse Source
This commit is contained in:
Kodemon
2025-09-26 12:48:31 +02:00
parent 0819534901
commit fe50394ec0
21 changed files with 254 additions and 162 deletions
Download Patch File Download Diff File Expand all files Collapse all files

27
modules/identity/routes/identities/get/handle.ts
View File

@@ -1,17 +1,16 @@
import { ForbiddenError, NotFoundError } from "@platform/relay";
import { getPrincipalById } from "../../../services/database.ts";
import route from "./spec.ts";
export default route.access("session").handle(async () => {
// const user = await getUserById(id);
// if (user === undefined) {
// return new NotFoundError("Identity does not exist, or has been removed.");
// }
// const decision = await access.isAllowed({ kind: "identity", id: user.id, attr: {} }, "read");
// if (decision === false) {
// return new ForbiddenError("You do not have permission to view this identity.");
// }
// return {
// id: user.id,
// roles: await getPrincipalRoles(id),
// attr: await getPrincipalAttributes(id),
// };
export default route.access("session").handle(async ({ params: { id } }, { access }) => {
const principal = await getPrincipalById(id);
if (principal === undefined) {
return new NotFoundError("Identity does not exist, or has been removed.");
}
const decision = await access.isAllowed({ kind: "identity", id, attr: {} }, "read");
if (decision === false) {
return new ForbiddenError("You do not have permission to view this identity.");
}
return principal;
});