e572d9e7e9
feat(SW-2861): Move booking router to trpc package * Use direct imports from trpc package * Add lint-staged config to trpc * Move lang enum to common * Restructure trpc package folder structure * WIP first step * update internal imports in trpc * Fix most errors in scandic-web Just 100 left... * Move Props type out of trpc * Fix CategorizedFilters types * Move more schemas in hotel router * Fix deps * fix getNonContentstackUrls * Fix import error * Fix entry error handling * Fix generateMetadata metrics * Fix alertType enum * Fix duplicated types * lint:fix * Merge branch 'master' into feat/sw-2863-move-contentstack-router-to-trpc-package * Fix broken imports * Move booking router to trpc package * Move partners router to trpc package * Move autocomplete router to trpc package * Move booking router to trpc package * Merge branch 'master' into feat/sw-2862-move-booking-router-to-trpc-package Approved-by: Linus Flood
81 lines
1.6 KiB
TypeScript
81 lines
1.6 KiB
TypeScript
import type { Guest } from "@scandic-hotels/trpc/routers/booking/output"
|
|
|
|
import type { SafeUser } from "@/types/user"
|
|
|
|
export {
|
|
ACCESS_GRANTED,
|
|
accessBooking as default,
|
|
ERROR_BAD_REQUEST,
|
|
ERROR_FORBIDDEN,
|
|
ERROR_NOT_FOUND,
|
|
ERROR_UNAUTHORIZED,
|
|
}
|
|
|
|
/**
|
|
* Whether a request can access a confirmed booking or not.
|
|
*/
|
|
function accessBooking(
|
|
guest: Guest,
|
|
lastName: string,
|
|
user: SafeUser | null,
|
|
cookie: string = ""
|
|
) {
|
|
if (guest.membershipNumber) {
|
|
if (user) {
|
|
if (
|
|
user.membershipNumber === guest.membershipNumber &&
|
|
user.lastName.toLowerCase() === lastName.toLowerCase() &&
|
|
lastName.toLowerCase() === guest.lastName?.toLowerCase()
|
|
) {
|
|
return ACCESS_GRANTED
|
|
}
|
|
}
|
|
|
|
return ERROR_UNAUTHORIZED
|
|
}
|
|
|
|
if (guest.lastName?.toLowerCase() === lastName.toLowerCase()) {
|
|
if (user) {
|
|
return ERROR_FORBIDDEN
|
|
} else {
|
|
const params = new URLSearchParams(cookie)
|
|
if (
|
|
params.get("firstName")?.toLowerCase() ===
|
|
guest.firstName?.toLowerCase() &&
|
|
params.get("email")?.toLowerCase() === guest.email?.toLowerCase()
|
|
) {
|
|
return ACCESS_GRANTED
|
|
} else {
|
|
return ERROR_BAD_REQUEST
|
|
}
|
|
}
|
|
}
|
|
|
|
return ERROR_NOT_FOUND
|
|
}
|
|
|
|
const ERROR_BAD_REQUEST = {
|
|
code: "BAD_REQUEST",
|
|
status: 400,
|
|
} as const
|
|
|
|
const ERROR_UNAUTHORIZED = {
|
|
code: "UNAUTHORIZED",
|
|
status: 401,
|
|
} as const
|
|
|
|
const ERROR_FORBIDDEN = {
|
|
code: "FORBIDDEN",
|
|
status: 403,
|
|
} as const
|
|
|
|
const ERROR_NOT_FOUND = {
|
|
code: "NOT_FOUND",
|
|
status: 404,
|
|
} as const
|
|
|
|
const ACCESS_GRANTED = {
|
|
code: "ACCESS_GRANTED",
|
|
status: 200,
|
|
} as const
|