diff options
Diffstat (limited to 'packages')
| -rw-r--r-- | packages/trpc/models/bookmarks.ts | 12 | ||||
| -rw-r--r-- | packages/trpc/models/feeds.ts | 12 | ||||
| -rw-r--r-- | packages/trpc/models/highlights.ts | 12 | ||||
| -rw-r--r-- | packages/trpc/models/importSessions.ts | 12 | ||||
| -rw-r--r-- | packages/trpc/models/lists.ts | 12 | ||||
| -rw-r--r-- | packages/trpc/models/privacy.ts | 5 | ||||
| -rw-r--r-- | packages/trpc/models/rules.ts | 12 | ||||
| -rw-r--r-- | packages/trpc/models/tags.ts | 12 | ||||
| -rw-r--r-- | packages/trpc/models/users.ts | 12 | ||||
| -rw-r--r-- | packages/trpc/models/webhooks.ts | 12 |
10 files changed, 9 insertions, 104 deletions
diff --git a/packages/trpc/models/bookmarks.ts b/packages/trpc/models/bookmarks.ts index e4bfdab2..bd696ee8 100644 --- a/packages/trpc/models/bookmarks.ts +++ b/packages/trpc/models/bookmarks.ts @@ -57,7 +57,6 @@ import { htmlToPlainText } from "@karakeep/shared/utils/htmlUtils"; import { AuthedContext } from ".."; import { mapDBAssetTypeToUserType } from "../lib/attachments"; import { List } from "./lists"; -import { PrivacyAware } from "./privacy"; async function dummyDrizzleReturnType() { const x = await DONT_USE_db.query.bookmarks.findFirst({ @@ -83,7 +82,7 @@ type BookmarkQueryReturnType = Awaited< ReturnType<typeof dummyDrizzleReturnType> >; -export class BareBookmark implements PrivacyAware { +export class BareBookmark { protected constructor( protected ctx: AuthedContext, private bareBookmark: ZBareBookmark, @@ -138,15 +137,6 @@ export class BareBookmark implements PrivacyAware { }); } } - - ensureCanAccess(ctx: AuthedContext): void { - if (this.bareBookmark.userId != ctx.user.id) { - throw new TRPCError({ - code: "FORBIDDEN", - message: "User is not allowed to access resource", - }); - } - } } export class Bookmark extends BareBookmark { diff --git a/packages/trpc/models/feeds.ts b/packages/trpc/models/feeds.ts index 7effa414..c0828bbf 100644 --- a/packages/trpc/models/feeds.ts +++ b/packages/trpc/models/feeds.ts @@ -10,9 +10,8 @@ import { } from "@karakeep/shared/types/feeds"; import { AuthedContext } from ".."; -import { PrivacyAware } from "./privacy"; -export class Feed implements PrivacyAware { +export class Feed { constructor( protected ctx: AuthedContext, private feed: typeof rssFeedsTable.$inferSelect, @@ -67,15 +66,6 @@ export class Feed implements PrivacyAware { return feeds.map((f) => new Feed(ctx, f)); } - ensureCanAccess(ctx: AuthedContext): void { - if (this.feed.userId !== ctx.user.id) { - throw new TRPCError({ - code: "FORBIDDEN", - message: "User is not allowed to access resource", - }); - } - } - async delete(): Promise<void> { const res = await this.ctx.db .delete(rssFeedsTable) diff --git a/packages/trpc/models/highlights.ts b/packages/trpc/models/highlights.ts index 260c4b8a..49791467 100644 --- a/packages/trpc/models/highlights.ts +++ b/packages/trpc/models/highlights.ts @@ -12,9 +12,8 @@ import { zCursorV2 } from "@karakeep/shared/types/pagination"; import { AuthedContext } from ".."; import { BareBookmark } from "./bookmarks"; -import { PrivacyAware } from "./privacy"; -export class Highlight implements PrivacyAware { +export class Highlight { constructor( protected ctx: AuthedContext, private highlight: typeof highlights.$inferSelect, @@ -115,15 +114,6 @@ export class Highlight implements PrivacyAware { }; } - ensureCanAccess(ctx: AuthedContext): void { - if (this.highlight.userId !== ctx.user.id) { - throw new TRPCError({ - code: "FORBIDDEN", - message: "User is not allowed to access resource", - }); - } - } - async delete(): Promise<z.infer<typeof zHighlightSchema>> { const result = await this.ctx.db .delete(highlights) diff --git a/packages/trpc/models/importSessions.ts b/packages/trpc/models/importSessions.ts index 270c2bce..56bcaf9a 100644 --- a/packages/trpc/models/importSessions.ts +++ b/packages/trpc/models/importSessions.ts @@ -15,9 +15,8 @@ import { } from "@karakeep/shared/types/importSessions"; import type { AuthedContext } from "../index"; -import { PrivacyAware } from "./privacy"; -export class ImportSession implements PrivacyAware { +export class ImportSession { protected constructor( protected ctx: AuthedContext, public session: ZImportSession, @@ -82,15 +81,6 @@ export class ImportSession implements PrivacyAware { ); } - ensureCanAccess(ctx: AuthedContext): void { - if (this.session.userId !== ctx.user.id) { - throw new TRPCError({ - code: "FORBIDDEN", - message: "User is not allowed to access this import session", - }); - } - } - async attachBookmark(bookmarkId: string): Promise<void> { await this.ctx.db.insert(importSessionBookmarks).values({ importSessionId: this.session.id, diff --git a/packages/trpc/models/lists.ts b/packages/trpc/models/lists.ts index 28473c12..2250819f 100644 --- a/packages/trpc/models/lists.ts +++ b/packages/trpc/models/lists.ts @@ -26,13 +26,12 @@ import { AuthedContext, Context } from ".."; import { buildImpersonatingAuthedContext } from "../lib/impersonate"; import { getBookmarkIdsFromMatcher } from "../lib/search"; import { Bookmark } from "./bookmarks"; -import { PrivacyAware } from "./privacy"; interface ListCollaboratorEntry { membershipId: string; } -export abstract class List implements PrivacyAware { +export abstract class List { protected constructor( protected ctx: AuthedContext, protected list: ZBookmarkList & { userId: string }, @@ -388,15 +387,6 @@ export abstract class List implements PrivacyAware { }); } - ensureCanAccess(ctx: AuthedContext): void { - if (this.list.userId != ctx.user.id) { - throw new TRPCError({ - code: "FORBIDDEN", - message: "User is not allowed to access resource", - }); - } - } - /** * Check if the user can view this list and its bookmarks. */ diff --git a/packages/trpc/models/privacy.ts b/packages/trpc/models/privacy.ts deleted file mode 100644 index e2235f44..00000000 --- a/packages/trpc/models/privacy.ts +++ /dev/null @@ -1,5 +0,0 @@ -import { AuthedContext } from ".."; - -export interface PrivacyAware { - ensureCanAccess(ctx: AuthedContext): void; -} diff --git a/packages/trpc/models/rules.ts b/packages/trpc/models/rules.ts index 7b17fd8a..7d943465 100644 --- a/packages/trpc/models/rules.ts +++ b/packages/trpc/models/rules.ts @@ -17,7 +17,6 @@ import { } from "@karakeep/shared/types/rules"; import { AuthedContext } from ".."; -import { PrivacyAware } from "./privacy"; function dummy_fetchRule(ctx: AuthedContext, id: string) { return DONT_USE_DB.query.ruleEngineRulesTable.findFirst({ @@ -33,7 +32,7 @@ function dummy_fetchRule(ctx: AuthedContext, id: string) { type FetchedRuleType = NonNullable<Awaited<ReturnType<typeof dummy_fetchRule>>>; -export class RuleEngineRuleModel implements PrivacyAware { +export class RuleEngineRuleModel { protected constructor( protected ctx: AuthedContext, public rule: RuleEngineRule & { userId: string }, @@ -83,15 +82,6 @@ export class RuleEngineRuleModel implements PrivacyAware { return this.fromData(ctx, ruleData); } - ensureCanAccess(ctx: AuthedContext): void { - if (this.rule.userId != ctx.user.id) { - throw new TRPCError({ - code: "FORBIDDEN", - message: "User is not allowed to access resource", - }); - } - } - static async create( ctx: AuthedContext, input: z.infer<typeof zNewRuleEngineRuleSchema>, diff --git a/packages/trpc/models/tags.ts b/packages/trpc/models/tags.ts index 33b032c1..b230b6b4 100644 --- a/packages/trpc/models/tags.ts +++ b/packages/trpc/models/tags.ts @@ -26,9 +26,8 @@ import { import { switchCase } from "@karakeep/shared/utils/switch"; import { AuthedContext } from ".."; -import { PrivacyAware } from "./privacy"; -export class Tag implements PrivacyAware { +export class Tag { constructor( protected ctx: AuthedContext, public tag: typeof bookmarkTags.$inferSelect, @@ -293,15 +292,6 @@ export class Tag implements PrivacyAware { }; } - ensureCanAccess(ctx: AuthedContext): void { - if (this.tag.userId !== ctx.user.id) { - throw new TRPCError({ - code: "FORBIDDEN", - message: "User is not allowed to access resource", - }); - } - } - async delete(): Promise<void> { const affectedBookmarks = await this.ctx.db .select({ diff --git a/packages/trpc/models/users.ts b/packages/trpc/models/users.ts index 7e6be7a5..97b062f0 100644 --- a/packages/trpc/models/users.ts +++ b/packages/trpc/models/users.ts @@ -31,9 +31,8 @@ import { import { AuthedContext, Context } from ".."; import { generatePasswordSalt, hashPassword, validatePassword } from "../auth"; import { sendPasswordResetEmail, sendVerificationEmail } from "../email"; -import { PrivacyAware } from "./privacy"; -export class User implements PrivacyAware { +export class User { constructor( protected ctx: AuthedContext, public user: typeof users.$inferSelect, @@ -355,15 +354,6 @@ export class User implements PrivacyAware { .where(eq(passwordResetTokens.token, input.token)); } - ensureCanAccess(ctx: AuthedContext): void { - if (this.user.id !== ctx.user.id) { - throw new TRPCError({ - code: "FORBIDDEN", - message: "User is not allowed to access resource", - }); - } - } - private static async deleteInternal(db: Context["db"], userId: string) { const res = await db.delete(users).where(eq(users.id, userId)); diff --git a/packages/trpc/models/webhooks.ts b/packages/trpc/models/webhooks.ts index 3a8c7bab..d2d9c19c 100644 --- a/packages/trpc/models/webhooks.ts +++ b/packages/trpc/models/webhooks.ts @@ -10,9 +10,8 @@ import { } from "@karakeep/shared/types/webhooks"; import { AuthedContext } from ".."; -import { PrivacyAware } from "./privacy"; -export class Webhook implements PrivacyAware { +export class Webhook { constructor( protected ctx: AuthedContext, public webhook: typeof webhooksTable.$inferSelect, @@ -66,15 +65,6 @@ export class Webhook implements PrivacyAware { return webhooks.map((w) => new Webhook(ctx, w)); } - ensureCanAccess(ctx: AuthedContext): void { - if (this.webhook.userId !== ctx.user.id) { - throw new TRPCError({ - code: "FORBIDDEN", - message: "User is not allowed to access resource", - }); - } - } - async delete(): Promise<void> { const res = await this.ctx.db .delete(webhooksTable) |