tracker/api-js/src/user/queries/is-user-admin.js at master · LearningAzure2020/tracker · GitHub

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
import { t } from '@lingui/macro'
import { GraphQLBoolean, GraphQLID } from 'graphql'
import { fromGlobalId } from 'graphql-relay'

export const isUserAdmin = {
  type: GraphQLBoolean,
  description: 'Query used to check if the user has an admin role.',
  args: {
    orgId: {
      type: GraphQLID,
      description:
        'Optional org id to see if user is an admin for the requested org.',
    },
  },
  resolve: async (
    _,
    args,
    {
      i18n,
      query,
      userKey,
      auth: { checkPermission, userRequired },
      loaders: { loadOrgByKey },
      validators: { cleanseInput },
    },
  ) => {
    const { id: orgKey } = fromGlobalId(cleanseInput(args.orgId))

    const user = await userRequired()

    // check if for a specific org
    if (orgKey !== '') {
      const org = await loadOrgByKey.load(orgKey)

      const permission = await checkPermission({ orgId: org._id })

      if (permission === 'admin' || permission === 'super_admin') {
        return true
      }

      return false
    }

    // check to see if user is an admin or higher for at least one org
    let userAdmin
    try {
      userAdmin = await query`
        FOR v, e IN 1..1 INBOUND ${user._id} affiliations
        FILTER e.permission == "admin" || e.permission == "super_admin"
        LIMIT 1
        RETURN e.permission
      `
    } catch (err) {
      console.error(
        `Database error occurred when user: ${userKey} was seeing if they were an admin, err: ${err}`,
      )
      throw new Error(
        i18n._(t`Unable to verify if user is an admin, please try again.`),
      )
    }

    if (userAdmin.count > 0) {
      return true
    }

    return false
  },
}