admin/PolyMPR
1
0
Fork 0
Code Issues 14 Pull Requests 1 Actions Packages Projects 1 Releases Wiki Activity

fix: faculty users are now recognized as employees
Check Deno code / Check Deno code (push) Has been cancelled
Details
Tests / Unit tests (push) Has been cancelled
Details
Tests / Integration tests (push) Has been cancelled
Details

Browse Source
This commit is contained in:
Djalim Simaila
2026-05-05 15:29:02 +02:00
parent 0f87bc18c3
commit 49bcc3083a
19 changed files with 62 additions and 58 deletions
Download Patch File Download Diff File Expand all files Collapse all files
routes/(apps)/mobility/api/mobilites.ts
+3 -4
View File
@@ -1,7 +1,7 @@
import { FreshContext, Handlers } from "$fresh/server.ts";
import { db } from "$root/databases/db.ts";
import { mobilites } from "$root/databases/schema.ts";
import { AuthenticatedState } from "$root/defaults/interfaces.ts";
import { AuthenticatedState, isEmployee } from "$root/defaults/interfaces.ts";
import { eq } from "npm:drizzle-orm@0.45.2";
const VALID_STATUSES = [
@@ -46,15 +46,14 @@ export const handler: Handlers<null, AuthenticatedState> = {
request: Request,
context: FreshContext<AuthenticatedState>,
): Promise<Response> {
const isEmployee =
context.state.session.eduPersonPrimaryAffiliation === "employee";
const employeeCheck = isEmployee(context.state.session);
try {
const body = await request.json();
const { numEtud, duree, ecole, pays, status, idStage } = body;
// Students can only create mobilites for themselves
if (!isEmployee && numEtud !== undefined) {
if (!employeeCheck && numEtud !== undefined) {
// Students cannot set idStage or status
if (idStage || (status && status !== "contracts_received")) {
return new Response(null, { status: 403 });
routes/(apps)/mobility/api/mobilites/[idMob].ts
+3 -3
View File
@@ -1,7 +1,7 @@
import { FreshContext, Handlers } from "$fresh/server.ts";
import { db } from "$root/databases/db.ts";
import { mobilites } from "$root/databases/schema.ts";
import { AuthenticatedState } from "$root/defaults/interfaces.ts";
import { AuthenticatedState, isEmployee } from "$root/defaults/interfaces.ts";
import { eq } from "npm:drizzle-orm@0.45.2";
const VALID_STATUSES = [
@@ -49,7 +49,7 @@ export const handler: Handlers<null, AuthenticatedState> = {
request: Request,
context: FreshContext<AuthenticatedState>,
): Promise<Response> {
if (context.state.session.eduPersonPrimaryAffiliation !== "employee") {
if (!isEmployee(context.state.session)) {
return FORBIDDEN();
}
@@ -115,7 +115,7 @@ export const handler: Handlers<null, AuthenticatedState> = {
_request: Request,
context: FreshContext<AuthenticatedState>,
): Promise<Response> {
if (context.state.session.eduPersonPrimaryAffiliation !== "employee") {
if (!isEmployee(context.state.session)) {
return FORBIDDEN();
}
routes/(apps)/mobility/api/mobilites/[idMob]/contrat.ts
+2 -2
View File
@@ -1,7 +1,7 @@
import { FreshContext, Handlers } from "$fresh/server.ts";
import { db } from "$root/databases/db.ts";
import { mobilites } from "$root/databases/schema.ts";
import { AuthenticatedState } from "$root/defaults/interfaces.ts";
import { AuthenticatedState, isEmployee } from "$root/defaults/interfaces.ts";
import { eq } from "npm:drizzle-orm@0.45.2";
const CONTRACTS_DIR = "uploads/contracts";
@@ -118,7 +118,7 @@ export const handler: Handlers<null, AuthenticatedState> = {
_request: Request,
context: FreshContext<AuthenticatedState>,
): Promise<Response> {
if (context.state.session.eduPersonPrimaryAffiliation !== "employee") {
if (!isEmployee(context.state.session)) {
return new Response(null, { status: 403 });
}