andrewwallacespeckle
69decafb5d
* Hide settings for logged out users * Hide settings tab for non-logged in users * Add middleware to settings to login * Add middleware * Update to webhooks middleware * Updates to middleware * Changes to middleware * Update comments
31 lines
1.0 KiB
TypeScript
31 lines
1.0 KiB
TypeScript
import { Roles } from '@speckle/shared'
|
|
import { useApolloClientFromNuxt } from '~~/lib/common/composables/graphql'
|
|
import { convertThrowIntoFetchResult } from '~~/lib/common/helpers/graphql'
|
|
import { projectSettingsRoute } from '~~/lib/common/helpers/route'
|
|
import { projectRoleCheckQuery } from '~~/lib/projects/graphql/queries'
|
|
|
|
/**
|
|
* Apply this to a page to prevent unauthenticated access to webhooks and ensure the user is the owner
|
|
*/
|
|
export default defineNuxtRouteMiddleware(async (to) => {
|
|
const client = useApolloClientFromNuxt()
|
|
|
|
// Fetch project role data to check if the user is the owner
|
|
const projectId = to.params.id as string
|
|
const { data } = await client
|
|
.query({
|
|
query: projectRoleCheckQuery,
|
|
variables: { id: projectId }
|
|
})
|
|
.catch(convertThrowIntoFetchResult)
|
|
|
|
// Check if the user is the owner of the project
|
|
const isOwner = data?.project.role === Roles.Stream.Owner
|
|
|
|
if (!isOwner) {
|
|
return navigateTo(projectSettingsRoute(projectId))
|
|
}
|
|
|
|
return undefined
|
|
})
|