From d7102df21f148449a786763595752065f57df8cf Mon Sep 17 00:00:00 2001 From: Eric Park Date: Sat, 24 Feb 2024 12:00:41 -0500 Subject: [PATCH] backend: api: set permissions for book status documents --- backend/src/app/api/v0/bookstatus/route.ts | 12 +++++++++++- 1 file changed, 11 insertions(+), 1 deletion(-) diff --git a/backend/src/app/api/v0/bookstatus/route.ts b/backend/src/app/api/v0/bookstatus/route.ts index 1c01d558..379b8a99 100644 --- a/backend/src/app/api/v0/bookstatus/route.ts +++ b/backend/src/app/api/v0/bookstatus/route.ts @@ -1,7 +1,7 @@ const sdk = require("node-appwrite"); import { NextRequest, NextResponse } from "next/server"; -import { ID, Query } from "appwrite"; +import { ID, Permission, Query, Role } from "appwrite"; import { client } from "@/app/appwrite"; import { construct_development_api_response } from "../dev_api_response"; @@ -18,6 +18,14 @@ enum BookStatus_Status { DID_NOT_FINISH, } +function bookStatusPermissions(user_id: string) { + return [ + Permission.read(Role.user(user_id)), + Permission.update(Role.user(user_id)), + Permission.delete(Role.user(user_id)), + ]; +} + async function createBookStatus({ user_id, edition_id, @@ -36,6 +44,7 @@ async function createBookStatus({ edition_id, status, }, + bookStatusPermissions, ); return res.$id; } @@ -93,6 +102,7 @@ export async function POST(request: NextRequest) { { status: status, }, + bookStatusPermissions ); }