From 1a25ae981a15fc1c09d7f7d46e8d9c93715e8a94 Mon Sep 17 00:00:00 2001
From: Djalim Simaila <DjalimS.pro@outlook.fr>
Date: Wed, 22 Apr 2026 15:28:33 +0200
Subject: [PATCH] feat(defaults/withRules.ts): add own_teaching_note rule for
 teacher access

---
 defaults/withRules.ts | 20 +++++++++++++++++++-
 1 file changed, 19 insertions(+), 1 deletion(-)

diff --git a/defaults/withRules.ts b/defaults/withRules.ts
index e249785..22e758c 100644
--- a/defaults/withRules.ts
+++ b/defaults/withRules.ts
@@ -1,6 +1,10 @@
 import { FreshContext } from "$fresh/server.ts";
 import { db } from "$root/databases/db.ts";
-import { rolePermissions, users } from "$root/databases/schema.ts";
+import {
+  enseignements,
+  rolePermissions,
+  users,
+} from "$root/databases/schema.ts";
 import { AuthenticatedState } from "$root/defaults/interfaces.ts";
 import { and, eq } from "npm:drizzle-orm@0.45.2";
 
@@ -54,6 +58,20 @@ const rules = {
     parseNumEtud(ctx.state.session.uid) === Number(ctx.params.numEtud),
   own_note: (_req: Request, ctx: FreshContext<AuthenticatedState>) =>
     parseNumEtud(ctx.state.session.uid) === Number(ctx.params.numEtud),
+
+  // Contextual rule — teacher accessing notes for a module they teach
+  own_teaching_note: async (
+    _req: Request,
+    ctx: FreshContext<AuthenticatedState>,
+  ) => {
+    const [row] = await db.select().from(enseignements).where(
+      and(
+        eq(enseignements.idProf, ctx.state.session.uid),
+        eq(enseignements.idModule, ctx.params.idModule),
+      ),
+    );
+    return !!row;
+  },
 };
 
 export type RuleName = keyof typeof rules;