2023-02-21 17:12:26 +00:00
|
|
|
import type { User } from "@prisma/client";
|
2023-06-20 13:42:37 +00:00
|
|
|
import type { Session } from "next-auth";
|
2022-04-26 08:48:17 +00:00
|
|
|
import CredentialsProvider from "next-auth/providers/credentials";
|
2022-09-17 21:09:06 +00:00
|
|
|
import { z } from "zod";
|
2022-04-26 08:48:17 +00:00
|
|
|
|
2023-03-10 23:45:24 +00:00
|
|
|
import { getSession } from "@calcom/features/auth/lib/getSession";
|
2022-07-28 19:58:26 +00:00
|
|
|
import prisma from "@calcom/prisma";
|
|
|
|
|
|
2022-09-17 21:09:06 +00:00
|
|
|
const teamIdschema = z.object({
|
2022-12-05 12:03:36 +00:00
|
|
|
teamId: z.preprocess((a) => parseInt(z.string().parse(a), 10), z.number().positive()),
|
2022-09-17 21:09:06 +00:00
|
|
|
});
|
2022-04-26 08:48:17 +00:00
|
|
|
|
2022-07-21 17:02:20 +00:00
|
|
|
const auditAndReturnNextUser = async (
|
2023-08-19 00:46:17 +00:00
|
|
|
impersonatedUser: Pick<User, "id" | "username" | "email" | "name" | "role" | "organizationId" | "locale">,
|
2022-12-07 15:04:04 +00:00
|
|
|
impersonatedByUID: number,
|
|
|
|
|
hasTeam?: boolean
|
2022-07-21 17:02:20 +00:00
|
|
|
) => {
|
|
|
|
|
// Log impersonations for audit purposes
|
|
|
|
|
await prisma.impersonations.create({
|
|
|
|
|
data: {
|
|
|
|
|
impersonatedBy: {
|
|
|
|
|
connect: {
|
|
|
|
|
id: impersonatedByUID,
|
|
|
|
|
},
|
|
|
|
|
},
|
|
|
|
|
impersonatedUser: {
|
|
|
|
|
connect: {
|
|
|
|
|
id: impersonatedUser.id,
|
|
|
|
|
},
|
|
|
|
|
},
|
|
|
|
|
},
|
|
|
|
|
});
|
|
|
|
|
|
|
|
|
|
const obj = {
|
|
|
|
|
id: impersonatedUser.id,
|
|
|
|
|
username: impersonatedUser.username,
|
|
|
|
|
email: impersonatedUser.email,
|
|
|
|
|
name: impersonatedUser.name,
|
|
|
|
|
role: impersonatedUser.role,
|
|
|
|
|
impersonatedByUID,
|
2022-12-07 15:04:04 +00:00
|
|
|
belongsToActiveTeam: hasTeam,
|
feat: Organizations (#8993)
* Initial commit
* Adding feature flag
* feat: Orgs Schema Changing `scopedMembers` to `orgUsers` (#9209)
* Change scopedMembers to orgMembers
* Change to orgUsers
* Letting duplicate slugs for teams to support orgs
* Covering null on unique clauses
* Supporting having the orgId in the session cookie
* feat: organization event type filter (#9253)
Signed-off-by: Udit Takkar <udit.07814802719@cse.mait.ac.in>
* Missing changes to support orgs schema changes
* feat: Onboarding process to create an organization (#9184)
* Desktop first banner, mobile pending
* Removing dead code and img
* WIP
* Adds Email verification template+translations for organizations (#9202)
* First step done
* Merge branch 'feat/organizations-onboarding' of github.com:calcom/cal.com into feat/organizations-onboarding
* Step 2 done, avatar not working
* Covering null on unique clauses
* Onboarding admins step
* Last step to create teams
* Moving change password handler, improving verifying code flow
* Clearing error before submitting
* Reverting email testing api changes
* Reverting having the banner for now
* Consistent exported components
* Remove unneeded files from banner
* Removing uneeded code
* Fixing avatar selector
* Using meta component for head/descr
* Missing i18n strings
* Feedback
* Making an org avatar (temp)
* Check for subteams slug clashes with usernames
* Fixing create teams onsuccess
* feedback
* Making sure we check requestedSlug now
---------
Co-authored-by: sean-brydon <55134778+sean-brydon@users.noreply.github.com>
* feat: [CAL-1816] Organization subdomain support (#9345)
* Desktop first banner, mobile pending
* Removing dead code and img
* WIP
* Adds Email verification template+translations for organizations (#9202)
* First step done
* Merge branch 'feat/organizations-onboarding' of github.com:calcom/cal.com into feat/organizations-onboarding
* Step 2 done, avatar not working
* Covering null on unique clauses
* Onboarding admins step
* Last step to create teams
* Moving change password handler, improving verifying code flow
* Clearing error before submitting
* Reverting email testing api changes
* Reverting having the banner for now
* Consistent exported components
* Remove unneeded files from banner
* Removing uneeded code
* Fixing avatar selector
* Using meta component for head/descr
* Missing i18n strings
* Feedback
* Making an org avatar (temp)
* Check for subteams slug clashes with usernames
* Fixing create teams onsuccess
* Covering users and subteams, excluding non-org users
* Unpublished teams shows correctly
* Create subdomain in Vercel
* feedback
* Renaming Vercel env vars
* Vercel domain check before creation
* Supporting cal-staging.com
* Change to have vercel detect it
* vercel domain check data message error
* Remove check domain
* Making sure we check requestedSlug now
* Feedback and unneeded code
* Reverting unneeded changes
* Unneeded changes
---------
Co-authored-by: sean-brydon <55134778+sean-brydon@users.noreply.github.com>
* Vercel subdomain creation in PROD only
* Making sure we let localhost still work
* Feedback
* Type check fixes
* feat: Organization branding in side menu (#9279)
* Desktop first banner, mobile pending
* Removing dead code and img
* WIP
* Adds Email verification template+translations for organizations (#9202)
* First step done
* Merge branch 'feat/organizations-onboarding' of github.com:calcom/cal.com into feat/organizations-onboarding
* Step 2 done, avatar not working
* Covering null on unique clauses
* Onboarding admins step
* Last step to create teams
* Moving change password handler, improving verifying code flow
* Clearing error before submitting
* Reverting email testing api changes
* Reverting having the banner for now
* Consistent exported components
* Remove unneeded files from banner
* Removing uneeded code
* Fixing avatar selector
* Org branding provider used in shell sidebar
* Using meta component for head/descr
* Missing i18n strings
* Feedback
* Making an org avatar (temp)
* Using org avatar (temp)
* Not showing org logo if not set
* User onboarding with org branding (slug)
* Check for subteams slug clashes with usernames
* Fixing create teams onsuccess
* feedback
* Feedback
* Org public profile
* Public profiles for team event types
* Added setup profile alert
* Using org avatar on subteams avatar
* Making sure we show the set up profile on org only
* Profile username availability rely on org hook
* Update apps/web/pages/team/[slug].tsx
Co-authored-by: sean-brydon <55134778+sean-brydon@users.noreply.github.com>
* Update apps/web/pages/team/[slug].tsx
Co-authored-by: sean-brydon <55134778+sean-brydon@users.noreply.github.com>
---------
Co-authored-by: sean-brydon <55134778+sean-brydon@users.noreply.github.com>
* feat: Organization support for event types page (#9449)
* Desktop first banner, mobile pending
* Removing dead code and img
* WIP
* Adds Email verification template+translations for organizations (#9202)
* First step done
* Merge branch 'feat/organizations-onboarding' of github.com:calcom/cal.com into feat/organizations-onboarding
* Step 2 done, avatar not working
* Covering null on unique clauses
* Onboarding admins step
* Last step to create teams
* Moving change password handler, improving verifying code flow
* Clearing error before submitting
* Reverting email testing api changes
* Reverting having the banner for now
* Consistent exported components
* Remove unneeded files from banner
* Removing uneeded code
* Fixing avatar selector
* Org branding provider used in shell sidebar
* Using meta component for head/descr
* Missing i18n strings
* Feedback
* Making an org avatar (temp)
* Using org avatar (temp)
* Not showing org logo if not set
* User onboarding with org branding (slug)
* Check for subteams slug clashes with usernames
* Fixing create teams onsuccess
* feedback
* Feedback
* Org public profile
* Public profiles for team event types
* Added setup profile alert
* Using org avatar on subteams avatar
* Processing orgs and children as profile options
* Reverting change not belonging to this PR
* Making sure we show the set up profile on org only
* Removing console.log
* Comparing memberships to choose the highest one
---------
Co-authored-by: sean-brydon <55134778+sean-brydon@users.noreply.github.com>
* Type errors
* Refactor and type fixes
* Update orgDomains.ts
* Feedback
* Reverting
* NIT
* fix issue getting org slug from domain
* Improving orgDomains util
* Host comes with port
* Update useRouterQuery.ts
* Feedback
* Feedback
* Feedback
* Feedback: SSR for user event-types to have org context
* chore: Cache node_modules (#9492)
* Adding check for cache hit
* Adding a separate install step first
* Put the restore cache steps back
* Revert the uses type for restoring cache
* Added step to restore nm cache
* Removed the cache-hit check
* Comments and naming
* Removed extra install command
* Updated the name of the linting step to be more clear
* Removes the need for useEffect here
* Feedback
* Feedback
* Cookie domain needs a dot
* Type fix
* Update apps/web/public/static/locales/en/common.json
Co-authored-by: Omar López <zomars@me.com>
* Update packages/emails/src/templates/OrganizationAccountVerifyEmail.tsx
* Feedback
---------
Signed-off-by: Udit Takkar <udit.07814802719@cse.mait.ac.in>
Co-authored-by: Joe Au-Yeung <65426560+joeauyeung@users.noreply.github.com>
Co-authored-by: Udit Takkar <53316345+Udit-takkar@users.noreply.github.com>
Co-authored-by: sean-brydon <55134778+sean-brydon@users.noreply.github.com>
Co-authored-by: zomars <zomars@me.com>
Co-authored-by: Efraín Rochín <roae.85@gmail.com>
Co-authored-by: Keith Williams <keithwillcode@gmail.com>
2023-06-14 21:40:20 +00:00
|
|
|
organizationId: impersonatedUser.organizationId,
|
2023-08-19 00:46:17 +00:00
|
|
|
locale: impersonatedUser.locale,
|
2022-07-21 17:02:20 +00:00
|
|
|
};
|
|
|
|
|
|
|
|
|
|
return obj;
|
|
|
|
|
};
|
|
|
|
|
|
2023-06-20 13:42:37 +00:00
|
|
|
type Credentials = Record<"username" | "teamId", string> | undefined;
|
|
|
|
|
|
|
|
|
|
export function parseTeamId(creds: Partial<Credentials>) {
|
|
|
|
|
return creds?.teamId ? teamIdschema.parse({ teamId: creds.teamId }).teamId : undefined;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
export function checkSelfImpersonation(session: Session | null, creds: Partial<Credentials>) {
|
|
|
|
|
if (session?.user.username === creds?.username || session?.user.email === creds?.username) {
|
|
|
|
|
throw new Error("You cannot impersonate yourself.");
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
export function checkUserIdentifier(creds: Partial<Credentials>) {
|
|
|
|
|
if (!creds?.username) throw new Error("User identifier must be present");
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
export function checkPermission(session: Session | null) {
|
|
|
|
|
if (session?.user.role !== "ADMIN" && process.env.NEXT_PUBLIC_TEAM_IMPERSONATION === "false") {
|
|
|
|
|
throw new Error("You do not have permission to do this.");
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
2022-04-26 08:48:17 +00:00
|
|
|
const ImpersonationProvider = CredentialsProvider({
|
|
|
|
|
id: "impersonation-auth",
|
|
|
|
|
name: "Impersonation",
|
|
|
|
|
type: "credentials",
|
|
|
|
|
credentials: {
|
2022-07-21 17:02:20 +00:00
|
|
|
username: { type: "text" },
|
|
|
|
|
teamId: { type: "text" },
|
2022-04-26 08:48:17 +00:00
|
|
|
},
|
|
|
|
|
async authorize(creds, req) {
|
2022-05-18 16:05:25 +00:00
|
|
|
// eslint-disable-next-line @typescript-eslint/ban-ts-comment
|
2022-04-26 08:48:17 +00:00
|
|
|
// @ts-ignore need to figure out how to correctly type this
|
|
|
|
|
const session = await getSession({ req });
|
2023-06-20 13:42:37 +00:00
|
|
|
const teamId = parseTeamId(creds);
|
|
|
|
|
checkSelfImpersonation(session, creds);
|
|
|
|
|
checkUserIdentifier(creds);
|
|
|
|
|
checkPermission(session);
|
2022-07-21 17:02:20 +00:00
|
|
|
|
|
|
|
|
// Get user who is being impersonated
|
2023-02-21 17:12:26 +00:00
|
|
|
const impersonatedUser = await prisma.user.findFirst({
|
2022-04-26 08:48:17 +00:00
|
|
|
where: {
|
2023-02-21 17:12:26 +00:00
|
|
|
OR: [{ username: creds?.username }, { email: creds?.username }],
|
2022-04-26 08:48:17 +00:00
|
|
|
},
|
2022-07-21 17:02:20 +00:00
|
|
|
select: {
|
|
|
|
|
id: true,
|
|
|
|
|
username: true,
|
|
|
|
|
role: true,
|
|
|
|
|
name: true,
|
|
|
|
|
email: true,
|
feat: Organizations (#8993)
* Initial commit
* Adding feature flag
* feat: Orgs Schema Changing `scopedMembers` to `orgUsers` (#9209)
* Change scopedMembers to orgMembers
* Change to orgUsers
* Letting duplicate slugs for teams to support orgs
* Covering null on unique clauses
* Supporting having the orgId in the session cookie
* feat: organization event type filter (#9253)
Signed-off-by: Udit Takkar <udit.07814802719@cse.mait.ac.in>
* Missing changes to support orgs schema changes
* feat: Onboarding process to create an organization (#9184)
* Desktop first banner, mobile pending
* Removing dead code and img
* WIP
* Adds Email verification template+translations for organizations (#9202)
* First step done
* Merge branch 'feat/organizations-onboarding' of github.com:calcom/cal.com into feat/organizations-onboarding
* Step 2 done, avatar not working
* Covering null on unique clauses
* Onboarding admins step
* Last step to create teams
* Moving change password handler, improving verifying code flow
* Clearing error before submitting
* Reverting email testing api changes
* Reverting having the banner for now
* Consistent exported components
* Remove unneeded files from banner
* Removing uneeded code
* Fixing avatar selector
* Using meta component for head/descr
* Missing i18n strings
* Feedback
* Making an org avatar (temp)
* Check for subteams slug clashes with usernames
* Fixing create teams onsuccess
* feedback
* Making sure we check requestedSlug now
---------
Co-authored-by: sean-brydon <55134778+sean-brydon@users.noreply.github.com>
* feat: [CAL-1816] Organization subdomain support (#9345)
* Desktop first banner, mobile pending
* Removing dead code and img
* WIP
* Adds Email verification template+translations for organizations (#9202)
* First step done
* Merge branch 'feat/organizations-onboarding' of github.com:calcom/cal.com into feat/organizations-onboarding
* Step 2 done, avatar not working
* Covering null on unique clauses
* Onboarding admins step
* Last step to create teams
* Moving change password handler, improving verifying code flow
* Clearing error before submitting
* Reverting email testing api changes
* Reverting having the banner for now
* Consistent exported components
* Remove unneeded files from banner
* Removing uneeded code
* Fixing avatar selector
* Using meta component for head/descr
* Missing i18n strings
* Feedback
* Making an org avatar (temp)
* Check for subteams slug clashes with usernames
* Fixing create teams onsuccess
* Covering users and subteams, excluding non-org users
* Unpublished teams shows correctly
* Create subdomain in Vercel
* feedback
* Renaming Vercel env vars
* Vercel domain check before creation
* Supporting cal-staging.com
* Change to have vercel detect it
* vercel domain check data message error
* Remove check domain
* Making sure we check requestedSlug now
* Feedback and unneeded code
* Reverting unneeded changes
* Unneeded changes
---------
Co-authored-by: sean-brydon <55134778+sean-brydon@users.noreply.github.com>
* Vercel subdomain creation in PROD only
* Making sure we let localhost still work
* Feedback
* Type check fixes
* feat: Organization branding in side menu (#9279)
* Desktop first banner, mobile pending
* Removing dead code and img
* WIP
* Adds Email verification template+translations for organizations (#9202)
* First step done
* Merge branch 'feat/organizations-onboarding' of github.com:calcom/cal.com into feat/organizations-onboarding
* Step 2 done, avatar not working
* Covering null on unique clauses
* Onboarding admins step
* Last step to create teams
* Moving change password handler, improving verifying code flow
* Clearing error before submitting
* Reverting email testing api changes
* Reverting having the banner for now
* Consistent exported components
* Remove unneeded files from banner
* Removing uneeded code
* Fixing avatar selector
* Org branding provider used in shell sidebar
* Using meta component for head/descr
* Missing i18n strings
* Feedback
* Making an org avatar (temp)
* Using org avatar (temp)
* Not showing org logo if not set
* User onboarding with org branding (slug)
* Check for subteams slug clashes with usernames
* Fixing create teams onsuccess
* feedback
* Feedback
* Org public profile
* Public profiles for team event types
* Added setup profile alert
* Using org avatar on subteams avatar
* Making sure we show the set up profile on org only
* Profile username availability rely on org hook
* Update apps/web/pages/team/[slug].tsx
Co-authored-by: sean-brydon <55134778+sean-brydon@users.noreply.github.com>
* Update apps/web/pages/team/[slug].tsx
Co-authored-by: sean-brydon <55134778+sean-brydon@users.noreply.github.com>
---------
Co-authored-by: sean-brydon <55134778+sean-brydon@users.noreply.github.com>
* feat: Organization support for event types page (#9449)
* Desktop first banner, mobile pending
* Removing dead code and img
* WIP
* Adds Email verification template+translations for organizations (#9202)
* First step done
* Merge branch 'feat/organizations-onboarding' of github.com:calcom/cal.com into feat/organizations-onboarding
* Step 2 done, avatar not working
* Covering null on unique clauses
* Onboarding admins step
* Last step to create teams
* Moving change password handler, improving verifying code flow
* Clearing error before submitting
* Reverting email testing api changes
* Reverting having the banner for now
* Consistent exported components
* Remove unneeded files from banner
* Removing uneeded code
* Fixing avatar selector
* Org branding provider used in shell sidebar
* Using meta component for head/descr
* Missing i18n strings
* Feedback
* Making an org avatar (temp)
* Using org avatar (temp)
* Not showing org logo if not set
* User onboarding with org branding (slug)
* Check for subteams slug clashes with usernames
* Fixing create teams onsuccess
* feedback
* Feedback
* Org public profile
* Public profiles for team event types
* Added setup profile alert
* Using org avatar on subteams avatar
* Processing orgs and children as profile options
* Reverting change not belonging to this PR
* Making sure we show the set up profile on org only
* Removing console.log
* Comparing memberships to choose the highest one
---------
Co-authored-by: sean-brydon <55134778+sean-brydon@users.noreply.github.com>
* Type errors
* Refactor and type fixes
* Update orgDomains.ts
* Feedback
* Reverting
* NIT
* fix issue getting org slug from domain
* Improving orgDomains util
* Host comes with port
* Update useRouterQuery.ts
* Feedback
* Feedback
* Feedback
* Feedback: SSR for user event-types to have org context
* chore: Cache node_modules (#9492)
* Adding check for cache hit
* Adding a separate install step first
* Put the restore cache steps back
* Revert the uses type for restoring cache
* Added step to restore nm cache
* Removed the cache-hit check
* Comments and naming
* Removed extra install command
* Updated the name of the linting step to be more clear
* Removes the need for useEffect here
* Feedback
* Feedback
* Cookie domain needs a dot
* Type fix
* Update apps/web/public/static/locales/en/common.json
Co-authored-by: Omar López <zomars@me.com>
* Update packages/emails/src/templates/OrganizationAccountVerifyEmail.tsx
* Feedback
---------
Signed-off-by: Udit Takkar <udit.07814802719@cse.mait.ac.in>
Co-authored-by: Joe Au-Yeung <65426560+joeauyeung@users.noreply.github.com>
Co-authored-by: Udit Takkar <53316345+Udit-takkar@users.noreply.github.com>
Co-authored-by: sean-brydon <55134778+sean-brydon@users.noreply.github.com>
Co-authored-by: zomars <zomars@me.com>
Co-authored-by: Efraín Rochín <roae.85@gmail.com>
Co-authored-by: Keith Williams <keithwillcode@gmail.com>
2023-06-14 21:40:20 +00:00
|
|
|
organizationId: true,
|
2022-07-21 17:02:20 +00:00
|
|
|
disableImpersonation: true,
|
2023-08-19 00:46:17 +00:00
|
|
|
locale: true,
|
2022-07-21 17:02:20 +00:00
|
|
|
teams: {
|
|
|
|
|
where: {
|
|
|
|
|
disableImpersonation: false, // Ensure they have impersonation enabled
|
|
|
|
|
accepted: true, // Ensure they are apart of the team and not just invited.
|
|
|
|
|
team: {
|
|
|
|
|
id: teamId, // Bring back only the right team
|
|
|
|
|
},
|
|
|
|
|
},
|
|
|
|
|
select: {
|
|
|
|
|
teamId: true,
|
|
|
|
|
disableImpersonation: true,
|
2023-02-17 11:15:42 +00:00
|
|
|
role: true,
|
2022-07-21 17:02:20 +00:00
|
|
|
},
|
|
|
|
|
},
|
|
|
|
|
},
|
2022-04-26 08:48:17 +00:00
|
|
|
});
|
|
|
|
|
|
2022-07-21 17:02:20 +00:00
|
|
|
// Check if impersonating is allowed for this user
|
|
|
|
|
if (!impersonatedUser) {
|
2022-04-26 08:48:17 +00:00
|
|
|
throw new Error("This user does not exist");
|
|
|
|
|
}
|
|
|
|
|
|
2022-07-21 17:02:20 +00:00
|
|
|
if (session?.user.role === "ADMIN") {
|
|
|
|
|
if (impersonatedUser.disableImpersonation) {
|
|
|
|
|
throw new Error("This user has disabled Impersonation.");
|
|
|
|
|
}
|
2022-12-07 15:04:04 +00:00
|
|
|
return auditAndReturnNextUser(
|
|
|
|
|
impersonatedUser,
|
|
|
|
|
session?.user.id as number,
|
|
|
|
|
impersonatedUser.teams.length > 0 // If the user has any teams, they belong to an active team and we can set the hasActiveTeam ctx to true
|
|
|
|
|
);
|
2022-05-25 15:21:18 +00:00
|
|
|
}
|
|
|
|
|
|
2022-09-17 21:09:06 +00:00
|
|
|
if (!teamId) throw new Error("You do not have permission to do this.");
|
|
|
|
|
|
2022-07-21 17:02:20 +00:00
|
|
|
// Check session
|
|
|
|
|
const sessionUserFromDb = await prisma.user.findUnique({
|
|
|
|
|
where: {
|
|
|
|
|
id: session?.user.id,
|
|
|
|
|
},
|
|
|
|
|
include: {
|
|
|
|
|
teams: {
|
|
|
|
|
where: {
|
|
|
|
|
AND: [
|
|
|
|
|
{
|
|
|
|
|
role: {
|
|
|
|
|
in: ["ADMIN", "OWNER"],
|
|
|
|
|
},
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
team: {
|
|
|
|
|
id: teamId,
|
|
|
|
|
},
|
|
|
|
|
},
|
|
|
|
|
],
|
2022-04-26 08:48:17 +00:00
|
|
|
},
|
2023-02-17 11:15:42 +00:00
|
|
|
select: {
|
|
|
|
|
role: true,
|
|
|
|
|
},
|
2022-04-26 08:48:17 +00:00
|
|
|
},
|
|
|
|
|
},
|
|
|
|
|
});
|
|
|
|
|
|
2022-07-21 17:02:20 +00:00
|
|
|
if (sessionUserFromDb?.teams.length === 0 || impersonatedUser.teams.length === 0) {
|
|
|
|
|
throw new Error("You do not have permission to do this.");
|
|
|
|
|
}
|
|
|
|
|
|
2023-02-17 11:15:42 +00:00
|
|
|
// We find team by ID so we know there is only one team in the array
|
|
|
|
|
if (sessionUserFromDb?.teams[0].role === "ADMIN" && impersonatedUser.teams[0].role === "OWNER") {
|
|
|
|
|
throw new Error("You do not have permission to do this.");
|
|
|
|
|
}
|
|
|
|
|
|
2022-12-07 15:04:04 +00:00
|
|
|
return auditAndReturnNextUser(
|
|
|
|
|
impersonatedUser,
|
|
|
|
|
session?.user.id as number,
|
|
|
|
|
impersonatedUser.teams.length > 0 // If the user has any teams, they belong to an active team and we can set the hasActiveTeam ctx to true
|
|
|
|
|
);
|
2022-04-26 08:48:17 +00:00
|
|
|
},
|
|
|
|
|
});
|
|
|
|
|
|
|
|
|
|
export default ImpersonationProvider;
|