feat: introduce role based access control

2023-06-22 22:20:10 +00:00
parent ff774c2e8e
commit 399fb8312a
25 changed files with 376 additions and 19 deletions
--- a/packages/backend/src/helpers/authentication.ts
+++ b/packages/backend/src/helpers/authentication.ts
@@ -12,7 +12,15 @@ const isAuthenticated = rule()(async (_parent, _args, req) => {
    const { userId } = jwt.verify(token, appConfig.appSecretKey) as {
      userId: string;
    };
-    req.currentUser = await User.query().findById(userId).throwIfNotFound();
+    req.currentUser = await User
+      .query()
+      .findById(userId)
+      .joinRelated({
+        permissions: true,
+      })
+      .withGraphFetched({
+        permissions: true,
+      });

    return true;
  } catch (error) {