feat: implement permission functions for updated/deleted data events

backend/src/modules/DataModule/models/minifiedUsers/events/MinifiedUserDeletedEvent.ts

@@ -1,5 +1,19 @@
+import { HydratedDocument } from "mongoose";
 import ModelDeletedEvent from "@/modules/DataModule/ModelDeletedEvent";
+import { MinifiedUserSchema } from "../schema";
 
 export default abstract class MinifiedUserDeletedEvent extends ModelDeletedEvent {
 	protected static _modelName = "minifiedUsers";
+
+	// TODO make this function shared
+	/**
+	 * If a modelId was specified, any user can subscribe.
+	 * If not, only admins can subscribe.
+	 */
+	protected static _hasPermission = (
+		model: HydratedDocument<MinifiedUserSchema>
+	) => {
+		if (model) return true;
+		return false;
+	};
 }

backend/src/modules/DataModule/models/minifiedUsers/events/MinifiedUserUpdatedEvent.ts

@@ -1,5 +1,19 @@
+import { HydratedDocument } from "mongoose";
 import ModelUpdatedEvent from "@/modules/DataModule/ModelUpdatedEvent";
+import { MinifiedUserSchema } from "../schema";
 
 export default abstract class MinifiedUserUpdatedEvent extends ModelUpdatedEvent {
 	protected static _modelName = "minifiedUsers";
+
+	// TODO make this function shared
+	/**
+	 * If a modelId was specified, any user can subscribe.
+	 * If not, only admins can subscribe.
+	 */
+	protected static _hasPermission = (
+		model: HydratedDocument<MinifiedUserSchema>
+	) => {
+		if (model) return true;
+		return false;
+	};
 }

backend/src/modules/DataModule/models/news/events/NewsDeletedEvent.ts

@@ -1,15 +1,13 @@
-import { HydratedDocument, Schema } from "mongoose";
+import { HydratedDocument } from "mongoose";
 import ModelDeletedEvent from "@/modules/DataModule/ModelDeletedEvent";
 import { NewsStatus } from "@/modules/DataModule/models/news/NewsStatus";
+import { NewsSchema } from "../schema";
 
 export default abstract class NewsDeletedEvent extends ModelDeletedEvent {
 	protected static _modelName = "news";
 
-	protected static _hasPermission = <ModelSchemaType extends Schema>(
-		model: HydratedDocument<ModelSchemaType>
-	) => {
-		// eslint-disable-next-line
-		// @ts-ignore
+	// TODO make this function shared
+	protected static _hasPermission = (model: HydratedDocument<NewsSchema>) => {
 		if (model?.status === NewsStatus.PUBLISHED) return true;
 		return false;
 	};

backend/src/modules/DataModule/models/news/events/NewsUpdatedEvent.ts

@@ -1,15 +1,13 @@
-import { HydratedDocument, Schema } from "mongoose";
+import { HydratedDocument } from "mongoose";
 import ModelUpdatedEvent from "@/modules/DataModule/ModelUpdatedEvent";
 import { NewsStatus } from "@/modules/DataModule/models/news/NewsStatus";
+import { NewsSchema } from "../schema";
 
 export default abstract class NewsUpdatedEvent extends ModelUpdatedEvent {
 	protected static _modelName = "news";
 
-	protected static _hasPermission = <ModelSchemaType extends Schema>(
-		model: HydratedDocument<ModelSchemaType>
-	) => {
-		// eslint-disable-next-line
-		// @ts-ignore
+	// TODO make this function shared
+	protected static _hasPermission = (model: HydratedDocument<NewsSchema>) => {
 		if (model?.status === NewsStatus.PUBLISHED) return true;
 		return false;
 	};

backend/src/modules/DataModule/models/stations/events/StationDeletedEvent.ts

@@ -1,5 +1,32 @@
+import { Schema, HydratedDocument } from "mongoose";
 import ModelDeletedEvent from "@/modules/DataModule/ModelDeletedEvent";
+import { StationSchema } from "../schema";
+import { StationPrivacy } from "../StationPrivacy";
+import { UserSchema } from "../../users/schema";
+import { StationType } from "../StationType";
 
 export default abstract class StationDeletedEvent extends ModelDeletedEvent {
 	protected static _modelName = "stations";
+
+	// TODO make this function shared
+	protected static _hasPermission = (
+		model: HydratedDocument<StationSchema>,
+		user: HydratedDocument<UserSchema> | null
+	) => {
+		if (!model) return false;
+		if (
+			model.privacy === StationPrivacy.PUBLIC ||
+			model.privacy === StationPrivacy.UNLISTED
+		)
+			return true;
+		// If the station isn't public/unlisted, and the user isn't logged in, don't give permission
+		if (!user) return false;
+		if (
+			model.type === StationType.COMMUNITY &&
+			model.owner?.toString() === user._id.toString()
+		)
+			return true;
+
+		return false;
+	};
 }

backend/src/modules/DataModule/models/stations/events/StationUpdatedEvent.ts

@@ -1,5 +1,32 @@
+import { Schema, HydratedDocument } from "mongoose";
 import ModelUpdatedEvent from "@/modules/DataModule/ModelUpdatedEvent";
+import { StationPrivacy } from "../StationPrivacy";
+import { StationType } from "../StationType";
+import { StationSchema } from "../schema";
+import { UserSchema } from "../../users/schema";
 
 export default abstract class StationUpdatedEvent extends ModelUpdatedEvent {
 	protected static _modelName = "stations";
+
+	// TODO make this function shared
+	protected static _hasPermission = (
+		model: HydratedDocument<StationSchema>,
+		user: HydratedDocument<UserSchema> | null
+	) => {
+		if (!model) return false;
+		if (
+			model.privacy === StationPrivacy.PUBLIC ||
+			model.privacy === StationPrivacy.UNLISTED
+		)
+			return true;
+		// If the station isn't public/unlisted, and the user isn't logged in, don't give permission
+		if (!user) return false;
+		if (
+			model.type === StationType.COMMUNITY &&
+			model.owner?.toString() === user._id.toString()
+		)
+			return true;
+
+		return false;
+	};
 }

backend/src/modules/DataModule/models/users/events/UserUpdatedEvent.ts

@@ -2,4 +2,6 @@ import ModelUpdatedEvent from "@/modules/DataModule/ModelUpdatedEvent";
 
 export default abstract class UserUpdatedEvent extends ModelUpdatedEvent {
 	protected static _modelName = "users";
+
+	// TODO maybe allow this for the current logged in user?
 }