31 lines
833 B
TypeScript
31 lines
833 B
TypeScript
import { Injectable } from '@nestjs/common';
|
|
import { Client } from 'connect-redis';
|
|
import { User } from 'src/modules/objects/user/user.entity';
|
|
|
|
const UNPRIVILEGED_STRIP = ['openid', 'id_token', 'management', 'implicit'];
|
|
|
|
@Injectable()
|
|
export class AdminService {
|
|
public userHasPrivilege(user: User, privilege: string): boolean {
|
|
return user.privileges.some(({ name }) => name === privilege);
|
|
}
|
|
|
|
public userCanEditClient(user: User, client: Client): boolean {
|
|
if (this.userHasPrivilege(user, 'admin:oauth2')) {
|
|
return true;
|
|
}
|
|
|
|
return client.owner?.id === user.id;
|
|
}
|
|
|
|
public removeUnprivileged(input: string[]): string[] {
|
|
return input.reduce((list, current) => {
|
|
if (UNPRIVILEGED_STRIP.includes(current)) {
|
|
return list;
|
|
}
|
|
|
|
return [...list, current];
|
|
}, []);
|
|
}
|
|
}
|