34 lines
960 B
JavaScript
34 lines
960 B
JavaScript
|
'use strict'
|
||
|
|
/** @typedef {import('@adonisjs/framework/src/Request')} Request */
|
||
|
|
/** @typedef {import('@adonisjs/framework/src/Response')} Response */
|
||
|
|
/** @typedef {import('@adonisjs/framework/src/View')} View */
|
||
|
|
|
||
|
|
class BookCallPageAuth {
|
||
|
|
/**
|
||
|
|
* @param {object} ctx
|
||
|
|
* @param {Request} ctx.request
|
||
|
|
* @param {Function} next
|
||
|
|
*/
|
||
|
|
async handle(ctx, next) {
|
||
|
|
const {request, auth, response, book, call} = ctx;
|
||
|
|
// call next to advance the request
|
||
|
|
const user = auth.user;
|
||
|
|
if (book.user_id) {
|
||
|
|
// Belongs to a user. Check if the book user has a connection with this
|
||
|
|
// user
|
||
|
|
if (book.user_id === user.id) {
|
||
|
|
await next();
|
||
|
|
} else if (call.parent_id === user.id || call.guest_id === user.id) {
|
||
|
|
await next();
|
||
|
|
} else {
|
||
|
|
response.status(403);
|
||
|
|
response.send({code: 403, message: 'Book is private'});
|
||
|
|
}
|
||
|
|
} else {
|
||
|
|
await next();
|
||
|
|
}
|
||
|
|
}
|
||
|
|
}
|
||
|
|
|
||
|
|
module.exports = BookCallPageAuth
|