scandic/web
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
16cc26632e5282275c5c22af09c4bcfb14b086af
web/apps/scandic-web/components/HotelReservation/MyStay/accessBooking.ts
Joakim Jäderberg 16cc26632e Merged in chore/refactor-trpc-booking-routes (pull request #3510) 
feat(BOOK-750): refactor booking endpoints

* WIP

* wip

* wip

* parse dates in UTC

* wip

* no more errors

* Merge branch 'master' of bitbucket.org:scandic-swap/web into chore/refactor-trpc-booking-routes

* .

* cleanup

* import named z from zod

* fix(BOOK-750): updateBooking api endpoint expects dateOnly, we passed ISO date


Approved-by: Anton Gunnarsson
2026-02-02 14:28:14 +00:00

77 lines
1.8 KiB
TypeScript
Raw Blame History

import type { AdditionalInfoCookieValue } from "@scandic-hotels/booking-flow/types/components/findMyBooking/additionalInfoCookieValue"
import type { BookingConfirmation } from "@scandic-hotels/trpc/types/bookingConfirmation"
import type { SafeUser } from "@/types/user"
export {
ACCESS_GRANTED,
accessBooking as default,
ERROR_BAD_REQUEST,
ERROR_NOT_FOUND,
ERROR_UNAUTHORIZED,
}
/**
* Whether a request can access a confirmed booking or not.
*/
function accessBooking(
guest: BookingConfirmation["booking"]["guest"],
lastName: string,
user: SafeUser | null,
cookie: string = ""
) {
if (
user &&
user.membershipNumber === guest.membershipNumber &&
user.firstName.toLowerCase() === guest.firstName?.toLowerCase() &&
user.email.toLowerCase() === guest.email?.toLowerCase()
) {
return ACCESS_GRANTED
}
if (guest.membershipNumber) {
if (!user) {
return ERROR_UNAUTHORIZED
}
if (guest.membershipNumber !== user.membershipNumber) {
return ERROR_UNAUTHORIZED
}
}
if (guest.lastName?.toLowerCase() === lastName.toLowerCase()) {
const values =
cookie && (JSON.parse(cookie) as Partial<AdditionalInfoCookieValue>)
if (
values &&
values.firstName?.toLowerCase() === guest.firstName?.toLowerCase() &&
values.email?.toLowerCase() === guest.email?.toLowerCase()
) {
return ACCESS_GRANTED
} else {
return ERROR_BAD_REQUEST
}
}
return ERROR_NOT_FOUND
}
const ERROR_BAD_REQUEST = {
code: "BAD_REQUEST",
status: 400,
} as const
const ERROR_UNAUTHORIZED = {
code: "UNAUTHORIZED",
status: 401,
} as const
const ERROR_NOT_FOUND = {
code: "NOT_FOUND",
status: 404,
} as const
const ACCESS_GRANTED = {
code: "ACCESS_GRANTED",
status: 200,
} as const
Reference in New Issue View Git Blame Copy Permalink