mirror of
https://github.com/johndoe6345789/metabuilder.git
synced 2026-04-25 22:34:56 +00:00
70 lines
2.0 KiB
Lua
70 lines
2.0 KiB
Lua
-- Check if user has permission to access a package or component
|
|
-- Single function module for access control
|
|
|
|
---@class CheckAccess
|
|
local M = {}
|
|
|
|
---Check if user has required permission level for a resource
|
|
---@param userLevel PermissionLevel Current user's permission level (0-6)
|
|
---@param permissions PackagePermissions|ComponentPermission Permission requirements
|
|
---@param featureFlags? table<string, boolean> Active feature flags
|
|
---@param databaseEnabled? boolean Whether database is enabled
|
|
---@return PermissionCheckResult Result with allowed status and reason
|
|
function M.check_access(userLevel, permissions, featureFlags, databaseEnabled)
|
|
-- Default feature flags and database state
|
|
featureFlags = featureFlags or {}
|
|
databaseEnabled = databaseEnabled ~= false -- Default to true
|
|
|
|
-- Check if resource is enabled
|
|
if permissions.enabled == false then
|
|
return {
|
|
allowed = false,
|
|
reason = "Resource is currently disabled"
|
|
}
|
|
end
|
|
|
|
-- Check minimum permission level
|
|
local minLevel = permissions.minLevel or 0
|
|
if userLevel < minLevel then
|
|
return {
|
|
allowed = false,
|
|
reason = "Insufficient permission level",
|
|
requiredLevel = minLevel
|
|
}
|
|
end
|
|
|
|
-- Check database requirement
|
|
if permissions.databaseRequired and not databaseEnabled then
|
|
return {
|
|
allowed = false,
|
|
reason = "Database is required but not enabled"
|
|
}
|
|
end
|
|
|
|
if permissions.requireDatabase and not databaseEnabled then
|
|
return {
|
|
allowed = false,
|
|
reason = "Database is required but not enabled"
|
|
}
|
|
end
|
|
|
|
-- Check feature flags (only if specified)
|
|
if permissions.featureFlags then
|
|
for _, flag in ipairs(permissions.featureFlags) do
|
|
if not featureFlags[flag] then
|
|
return {
|
|
allowed = false,
|
|
reason = "Required feature flag '" .. flag .. "' is not enabled"
|
|
}
|
|
end
|
|
end
|
|
end
|
|
|
|
-- All checks passed
|
|
return {
|
|
allowed = true
|
|
}
|
|
end
|
|
|
|
return M
|