const senderorg = await this.organizationService.findOne(
organizationId,
);
const orguser = await this.userService.findByEmail(senderorg.orgEmail);
if (
user.organizationId !== organizationId &&
user.role !== Role.ApiUser
) {
this.logger.error(
`Organization in measurement is not same as user's organization`,
);
return new Promise((resolve, reject) => {
reject(
new ConflictException({
success: false,
message: `Organization in measurement is not same as user's organization`,
}),
);
});
}
if (user.role === Role.ApiUser) {
if (senderorg.api_user_id !== user.api_user_id) {
this.logger.error(
`Organization ${senderorg.name} in measurement is not part of your organization`,
);
return new Promise((resolve, reject) => {
reject(
new ConflictException({
success: false,
message: `Organization ${senderorg.name} in measurement is not part of your organization`,
}),
);
});
} else if (orguser.role != Role.OrganizationAdmin) {
this.logger.error(`Unauthorized`);
return new Promise((resolve, reject) => {
reject(
new UnauthorizedException({
success: false,
message: `Unauthorized`,
}),
);
});
}
Acceptance Criteria
A new validation is created and applied to the reads endpoints
The validation works as before and doesn't break anything
When applying the validation to an endpoint, make sure to remove any code that was used to do a similar check, so that the authorization logic lives in one place
Objective
Add a custom validation that will check whether the current user has the right to update or access the current organization
Description
Use the function above for the validations
Acceptance Criteria