80 lines
1.6 KiB
TypeScript
80 lines
1.6 KiB
TypeScript
import type { SafeUser } from "@/types/user"
|
|
import type { Guest } from "@/server/routers/booking/output"
|
|
|
|
export {
|
|
ACCESS_GRANTED,
|
|
accessBooking as default,
|
|
ERROR_BAD_REQUEST,
|
|
ERROR_FORBIDDEN,
|
|
ERROR_NOT_FOUND,
|
|
ERROR_UNAUTHORIZED,
|
|
}
|
|
|
|
/**
|
|
* Whether a request can access a confirmed booking or not.
|
|
*/
|
|
function accessBooking(
|
|
guest: Guest,
|
|
lastName: string,
|
|
user: SafeUser | null,
|
|
cookie: string = ""
|
|
) {
|
|
if (guest.membershipNumber) {
|
|
if (user) {
|
|
if (
|
|
user.membershipNumber === guest.membershipNumber &&
|
|
user.lastName.toLowerCase() === lastName.toLowerCase() &&
|
|
lastName.toLowerCase() === guest.lastName?.toLowerCase()
|
|
) {
|
|
return ACCESS_GRANTED
|
|
}
|
|
}
|
|
|
|
return ERROR_UNAUTHORIZED
|
|
}
|
|
|
|
if (guest.lastName?.toLowerCase() === lastName.toLowerCase()) {
|
|
if (user) {
|
|
return ERROR_FORBIDDEN
|
|
} else {
|
|
const params = new URLSearchParams(cookie)
|
|
if (
|
|
params.get("firstName")?.toLowerCase() ===
|
|
guest.firstName?.toLowerCase() &&
|
|
params.get("email")?.toLowerCase() === guest.email?.toLowerCase()
|
|
) {
|
|
return ACCESS_GRANTED
|
|
} else {
|
|
return ERROR_BAD_REQUEST
|
|
}
|
|
}
|
|
}
|
|
|
|
return ERROR_NOT_FOUND
|
|
}
|
|
|
|
const ERROR_BAD_REQUEST = {
|
|
code: "BAD_REQUEST",
|
|
status: 400,
|
|
} as const
|
|
|
|
const ERROR_UNAUTHORIZED = {
|
|
code: "UNAUTHORIZED",
|
|
status: 401,
|
|
} as const
|
|
|
|
const ERROR_FORBIDDEN = {
|
|
code: "FORBIDDEN",
|
|
status: 403,
|
|
} as const
|
|
|
|
const ERROR_NOT_FOUND = {
|
|
code: "NOT_FOUND",
|
|
status: 404,
|
|
} as const
|
|
|
|
const ACCESS_GRANTED = {
|
|
code: "ACCESS_GRANTED",
|
|
status: 200,
|
|
} as const
|