refactor: remove the PrivacyAware interface

10 files changed, 9 insertions, 104 deletions

diff --git a/packages/trpc/models/bookmarks.ts b/packages/trpc/models/bookmarks.ts
index e4bfdab2..bd696ee8 100644
--- a/packages/trpc/models/bookmarks.ts
+++ b/packages/trpc/models/bookmarks.ts
@@ -57,7 +57,6 @@ import { htmlToPlainText } from "@karakeep/shared/utils/htmlUtils";
 import { AuthedContext } from "..";
 import { mapDBAssetTypeToUserType } from "../lib/attachments";
 import { List } from "./lists";
-import { PrivacyAware } from "./privacy";
 
 async function dummyDrizzleReturnType() {
   const x = await DONT_USE_db.query.bookmarks.findFirst({
@@ -83,7 +82,7 @@ type BookmarkQueryReturnType = Awaited<
   ReturnType<typeof dummyDrizzleReturnType>
 >;
 
-export class BareBookmark implements PrivacyAware {
+export class BareBookmark {
   protected constructor(
     protected ctx: AuthedContext,
     private bareBookmark: ZBareBookmark,
@@ -138,15 +137,6 @@ export class BareBookmark implements PrivacyAware {
       });
     }
   }
-
-  ensureCanAccess(ctx: AuthedContext): void {
-    if (this.bareBookmark.userId != ctx.user.id) {
-      throw new TRPCError({
-        code: "FORBIDDEN",
-        message: "User is not allowed to access resource",
-      });
-    }
-  }
 }
 
 export class Bookmark extends BareBookmark {
diff --git a/packages/trpc/models/feeds.ts b/packages/trpc/models/feeds.ts
index 7effa414..c0828bbf 100644
--- a/packages/trpc/models/feeds.ts
+++ b/packages/trpc/models/feeds.ts
@@ -10,9 +10,8 @@ import {
 } from "@karakeep/shared/types/feeds";
 
 import { AuthedContext } from "..";
-import { PrivacyAware } from "./privacy";
 
-export class Feed implements PrivacyAware {
+export class Feed {
   constructor(
     protected ctx: AuthedContext,
     private feed: typeof rssFeedsTable.$inferSelect,
@@ -67,15 +66,6 @@ export class Feed implements PrivacyAware {
     return feeds.map((f) => new Feed(ctx, f));
   }
 
-  ensureCanAccess(ctx: AuthedContext): void {
-    if (this.feed.userId !== ctx.user.id) {
-      throw new TRPCError({
-        code: "FORBIDDEN",
-        message: "User is not allowed to access resource",
-      });
-    }
-  }
-
   async delete(): Promise<void> {
     const res = await this.ctx.db
       .delete(rssFeedsTable)
diff --git a/packages/trpc/models/highlights.ts b/packages/trpc/models/highlights.ts
index 260c4b8a..49791467 100644
--- a/packages/trpc/models/highlights.ts
+++ b/packages/trpc/models/highlights.ts
@@ -12,9 +12,8 @@ import { zCursorV2 } from "@karakeep/shared/types/pagination";
 
 import { AuthedContext } from "..";
 import { BareBookmark } from "./bookmarks";
-import { PrivacyAware } from "./privacy";
 
-export class Highlight implements PrivacyAware {
+export class Highlight {
   constructor(
     protected ctx: AuthedContext,
     private highlight: typeof highlights.$inferSelect,
@@ -115,15 +114,6 @@ export class Highlight implements PrivacyAware {
     };
   }
 
-  ensureCanAccess(ctx: AuthedContext): void {
-    if (this.highlight.userId !== ctx.user.id) {
-      throw new TRPCError({
-        code: "FORBIDDEN",
-        message: "User is not allowed to access resource",
-      });
-    }
-  }
-
   async delete(): Promise<z.infer<typeof zHighlightSchema>> {
     const result = await this.ctx.db
       .delete(highlights)
diff --git a/packages/trpc/models/importSessions.ts b/packages/trpc/models/importSessions.ts
index 270c2bce..56bcaf9a 100644
--- a/packages/trpc/models/importSessions.ts
+++ b/packages/trpc/models/importSessions.ts
@@ -15,9 +15,8 @@ import {
 } from "@karakeep/shared/types/importSessions";
 
 import type { AuthedContext } from "../index";
-import { PrivacyAware } from "./privacy";
 
-export class ImportSession implements PrivacyAware {
+export class ImportSession {
   protected constructor(
     protected ctx: AuthedContext,
     public session: ZImportSession,
@@ -82,15 +81,6 @@ export class ImportSession implements PrivacyAware {
     );
   }
 
-  ensureCanAccess(ctx: AuthedContext): void {
-    if (this.session.userId !== ctx.user.id) {
-      throw new TRPCError({
-        code: "FORBIDDEN",
-        message: "User is not allowed to access this import session",
-      });
-    }
-  }
-
   async attachBookmark(bookmarkId: string): Promise<void> {
     await this.ctx.db.insert(importSessionBookmarks).values({
       importSessionId: this.session.id,
diff --git a/packages/trpc/models/lists.ts b/packages/trpc/models/lists.ts
index 28473c12..2250819f 100644
--- a/packages/trpc/models/lists.ts
+++ b/packages/trpc/models/lists.ts
@@ -26,13 +26,12 @@ import { AuthedContext, Context } from "..";
 import { buildImpersonatingAuthedContext } from "../lib/impersonate";
 import { getBookmarkIdsFromMatcher } from "../lib/search";
 import { Bookmark } from "./bookmarks";
-import { PrivacyAware } from "./privacy";
 
 interface ListCollaboratorEntry {
   membershipId: string;
 }
 
-export abstract class List implements PrivacyAware {
+export abstract class List {
   protected constructor(
     protected ctx: AuthedContext,
     protected list: ZBookmarkList & { userId: string },
@@ -388,15 +387,6 @@ export abstract class List implements PrivacyAware {
     });
   }
 
-  ensureCanAccess(ctx: AuthedContext): void {
-    if (this.list.userId != ctx.user.id) {
-      throw new TRPCError({
-        code: "FORBIDDEN",
-        message: "User is not allowed to access resource",
-      });
-    }
-  }
-
   /**
    * Check if the user can view this list and its bookmarks.
    */
diff --git a/packages/trpc/models/privacy.ts b/packages/trpc/models/privacy.ts
deleted file mode 100644
index e2235f44..00000000
--- a/packages/trpc/models/privacy.ts
+++ /dev/null
@@ -1,5 +0,0 @@
-import { AuthedContext } from "..";
-
-export interface PrivacyAware {
-  ensureCanAccess(ctx: AuthedContext): void;
-}
diff --git a/packages/trpc/models/rules.ts b/packages/trpc/models/rules.ts
index 7b17fd8a..7d943465 100644
--- a/packages/trpc/models/rules.ts
+++ b/packages/trpc/models/rules.ts
@@ -17,7 +17,6 @@ import {
 } from "@karakeep/shared/types/rules";
 
 import { AuthedContext } from "..";
-import { PrivacyAware } from "./privacy";
 
 function dummy_fetchRule(ctx: AuthedContext, id: string) {
   return DONT_USE_DB.query.ruleEngineRulesTable.findFirst({
@@ -33,7 +32,7 @@ function dummy_fetchRule(ctx: AuthedContext, id: string) {
 
 type FetchedRuleType = NonNullable<Awaited<ReturnType<typeof dummy_fetchRule>>>;
 
-export class RuleEngineRuleModel implements PrivacyAware {
+export class RuleEngineRuleModel {
   protected constructor(
     protected ctx: AuthedContext,
     public rule: RuleEngineRule & { userId: string },
@@ -83,15 +82,6 @@ export class RuleEngineRuleModel implements PrivacyAware {
     return this.fromData(ctx, ruleData);
   }
 
-  ensureCanAccess(ctx: AuthedContext): void {
-    if (this.rule.userId != ctx.user.id) {
-      throw new TRPCError({
-        code: "FORBIDDEN",
-        message: "User is not allowed to access resource",
-      });
-    }
-  }
-
   static async create(
     ctx: AuthedContext,
     input: z.infer<typeof zNewRuleEngineRuleSchema>,
diff --git a/packages/trpc/models/tags.ts b/packages/trpc/models/tags.ts
index 33b032c1..b230b6b4 100644
--- a/packages/trpc/models/tags.ts
+++ b/packages/trpc/models/tags.ts
@@ -26,9 +26,8 @@ import {
 import { switchCase } from "@karakeep/shared/utils/switch";
 
 import { AuthedContext } from "..";
-import { PrivacyAware } from "./privacy";
 
-export class Tag implements PrivacyAware {
+export class Tag {
   constructor(
     protected ctx: AuthedContext,
     public tag: typeof bookmarkTags.$inferSelect,
@@ -293,15 +292,6 @@ export class Tag implements PrivacyAware {
     };
   }
 
-  ensureCanAccess(ctx: AuthedContext): void {
-    if (this.tag.userId !== ctx.user.id) {
-      throw new TRPCError({
-        code: "FORBIDDEN",
-        message: "User is not allowed to access resource",
-      });
-    }
-  }
-
   async delete(): Promise<void> {
     const affectedBookmarks = await this.ctx.db
       .select({
diff --git a/packages/trpc/models/users.ts b/packages/trpc/models/users.ts
index 7e6be7a5..97b062f0 100644
--- a/packages/trpc/models/users.ts
+++ b/packages/trpc/models/users.ts
@@ -31,9 +31,8 @@ import {
 import { AuthedContext, Context } from "..";
 import { generatePasswordSalt, hashPassword, validatePassword } from "../auth";
 import { sendPasswordResetEmail, sendVerificationEmail } from "../email";
-import { PrivacyAware } from "./privacy";
 
-export class User implements PrivacyAware {
+export class User {
   constructor(
     protected ctx: AuthedContext,
     public user: typeof users.$inferSelect,
@@ -355,15 +354,6 @@ export class User implements PrivacyAware {
       .where(eq(passwordResetTokens.token, input.token));
   }
 
-  ensureCanAccess(ctx: AuthedContext): void {
-    if (this.user.id !== ctx.user.id) {
-      throw new TRPCError({
-        code: "FORBIDDEN",
-        message: "User is not allowed to access resource",
-      });
-    }
-  }
-
   private static async deleteInternal(db: Context["db"], userId: string) {
     const res = await db.delete(users).where(eq(users.id, userId));
 
diff --git a/packages/trpc/models/webhooks.ts b/packages/trpc/models/webhooks.ts
index 3a8c7bab..d2d9c19c 100644
--- a/packages/trpc/models/webhooks.ts
+++ b/packages/trpc/models/webhooks.ts
@@ -10,9 +10,8 @@ import {
 } from "@karakeep/shared/types/webhooks";
 
 import { AuthedContext } from "..";
-import { PrivacyAware } from "./privacy";
 
-export class Webhook implements PrivacyAware {
+export class Webhook {
   constructor(
     protected ctx: AuthedContext,
     public webhook: typeof webhooksTable.$inferSelect,
@@ -66,15 +65,6 @@ export class Webhook implements PrivacyAware {
     return webhooks.map((w) => new Webhook(ctx, w));
   }
 
-  ensureCanAccess(ctx: AuthedContext): void {
-    if (this.webhook.userId !== ctx.user.id) {
-      throw new TRPCError({
-        code: "FORBIDDEN",
-        message: "User is not allowed to access resource",
-      });
-    }
-  }
-
   async delete(): Promise<void> {
     const res = await this.ctx.db
       .delete(webhooksTable)