basic permissions

2019-01-11 00:10:37 -08:00
parent 7151adbfdf
commit 24b82802a8
5 changed files with 25 additions and 7 deletions
--- a/src/clj/auto_ap/graphql/utils.clj
+++ b/src/clj/auto_ap/graphql/utils.clj
@@ -47,9 +47,22 @@

 (defn can-see-company? [identity company]
  (or (= "admin" (:role identity))
-      ((set (map :db/id (:user/companies identity))) (:db/id company))
-      ((set (map :db/id (:user/companies identity))) company)))
+      ((set (map :db/id (:user/clients identity))) (:db/id company))
+      ((set (map :db/id (:user/clients identity))) company)))

 (defn assert-can-see-company [identity company]
  (when-not (can-see-company? identity company)
    (throw-unauthorized)))
+
+;; TODO - the namespaces here are missing because jwt.
+(defn limited-clients [id]
+  (println id)
+  (cond
+    (= (:role id) "none")
+    []
+
+    (= (:role id) "admin")
+    nil
+
+    (= (:role id) "user")
+    (:clients id [])))